search

dyne / tomb

the Crypto Undertaker
https://dyne.org/software/tomb
GNU General Public License v3.0
1.32k stars 150 forks source link

second password from cmdline? #110

Closed reiven closed 10 years ago

reiven commented 10 years ago

Hi! i'm trying to use 'setkey' from an python wrapper using subprocess, passing '--unsecure-dev-mode --tomb-pwd newpassword' as argument, but i cannot send the old password using commandline. There is any way to do that?

Update: i was trying to add --old-tomb-pwd in subcommand_opts[setkey] but cant make it work

reiven commented 10 years ago

This will be usefull to use from external libraries/wrappers like the one i'm working on (https://github.com/reiven/tomber)

jaromil commented 10 years ago

Interesting! this will likely super-seed pytomb

https://github.com/dyne/Tomb/tree/master/extras/pytomb/tomblib

which is left unmaintained since a while.

I'm taking this bug, will try to solve it by adding --old-tomb-pwd in --unsecure-dev-mode and adding a test unit for the setkey function that uses that flag. This will likely be in the new upcoming release.

cheers

reiven commented 10 years ago

I've looked into the pytomb code but i didnt find all the functionality i needed so i decide to start a new "fork" of that and try to include the most needed functions. Oh, i'm using the parser from the pytomblib.

Thanks @jaromil !

jaromil commented 10 years ago

Thankyou for writing a python wrapper that works, also neat and readable.

I've fixed the setkey issue and took the occasion for a bigger code cleanup around key handling (was kind of needed). See commit 108a4c00fc3

This issue should be solved and setkey work also in dev-mode, let me know.

reiven commented 10 years ago

'setkey' looks to be working ok from cmdline 

$ tomb setkey eee.key eee.tomb -k uuu.key --unsecure-dev-mode --tomb-pwd 4321 --tomb-old-pwd 1234
tomb  .  Commanded to reset key for tomb eee.tomb
tomb [W] An active swap partition is detected, this poses security risks.
tomb (*) All your swaps are belong to crypt.  Good.
tomb  .  Valid key file found: ./uuu.key
tomb  .  Valid key file found: eee.key
tomb  .  Valid tomb file found: eee.tomb
tomb (*) Changing lock on tomb eee
tomb  .  Old key: eee.key
tomb  .  New key: ./uuu.key
tomb  .  A password is required to use key uuu.key
tomb  .  Password OK.
tomb  .  A password is required to use key eee.key
tomb  .  Password OK.
tomb (*) Succesfully changed key for tomb: eee.tomb
tomb  .  The new key is: ./uuu.key

Thanks again @jaromil