[Forensics-changes] [SCM] debian-forensics/afflib branch, upstream, updated. upstream/3.5.7+dfsg-1-g1e71b23
Christophe Monniez
christophe.monniez at fccu.be
Thu Apr 1 20:56:41 UTC 2010
The following commit has been merged in the upstream branch:
commit 1e71b239849fcaabf7042e8f255da2ff9025f4a9
Author: Christophe Monniez <christophe.monniez at fccu.be>
Date: Thu Apr 1 22:53:05 2010 +0200
Adding upstream version 3.5.10+dfsg.
diff --git a/ChangeLog b/ChangeLog
index 863afa5..a798c1f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,40 @@
+2010-03-19 Simson L. Garfinkel <simsong at Silver-SSD.local>
+
+ * configure.ac: updated version to 3.5.10
+
+ * tools/aff_bom.h: removed non-PD terms in copyright statement.
+
+ * tools/aff_bom.cpp: removed non-PD terms in copyright statement.
+
+2010-03-14 Simson Garfinkel <simsong at Silver-Surfer.local>
+
+ * configure.ac: increased version number to 3.5.9
+
+ * lib/vnode_raw.cpp: now sets af->imagesectorsize when
+ AF_SECTORSIZE is requested.
+
+ * (raw_filesize): moved added support for af_figure_media to
+ raw_filesize().
+
+ * (raw_open): modified to call raw_filesize() to figure size of
+ the media
+
+ * bulk_extractor should now work with raw devices.
+
+2010-02-23 Simson L. Garfinkel <simsong at Silver-SSD.local>
+
+ * configure.ac: increased version to 3.5.8
+
+ * tools/test_signing.sh (echo): removed ./ from command names.
+
+ * tools/afconvert.cpp (main): removed TERM dependency from
+ afconvert.
+
+2010-01-17 Simson L. Garfinkel <simsong at Silver-SSD.local>
+
+ * lib/afflib_pages.cpp: removed 'shouldfree' comment, because the
+ variable is gone.
+
2010-01-16 Simson L. Garfinkel <simsong at Silver-SSD.local>
* configure.ac: updated version to 3.5.6
diff --git a/README b/README
index b13825f..9721803 100644
--- a/README
+++ b/README
@@ -73,6 +73,18 @@ The AFF library can be downloaded from http://afflib.org/.
The pre-compiled AFF for Windows can be downloaded from
http://afflib.org/windows.
+====
+AFFLIB with SleuthKit:
+
+TSK officially supports a subset of the image formats that AFFLIB
+supports. To use the other image formats, specify the image type as
+"afflib". For example:
+
+
+# fls -o 63 -i afflib foo.vmdk
+
+
+
================
Note: AFF and AFFLIB are trademarks of Simson L. Garfinkel and Basis
Technology, Inc.
diff --git a/afflib.spec b/afflib.spec
index fc1ffe7..59ae9b1 100644
--- a/afflib.spec
+++ b/afflib.spec
@@ -1,5 +1,5 @@
Name: afflib
-Version: 3.5.7
+Version: 3.5.10
Release: 1
Summary: Library to support the Advanced Forensic Format
Group: System Environment/Libraries
diff --git a/configure b/configure
index 67b464b..cac11fa 100755
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.61 for AFFLIB 3.5.7.
+# Generated by GNU Autoconf 2.61 for AFFLIB 3.5.10.
#
# Report bugs to <bugs at afflib.org>.
#
@@ -723,8 +723,8 @@ SHELL=${CONFIG_SHELL-/bin/sh}
# Identity of this package.
PACKAGE_NAME='AFFLIB'
PACKAGE_TARNAME='afflib'
-PACKAGE_VERSION='3.5.7'
-PACKAGE_STRING='AFFLIB 3.5.7'
+PACKAGE_VERSION='3.5.10'
+PACKAGE_STRING='AFFLIB 3.5.10'
PACKAGE_BUGREPORT='bugs at afflib.org'
# Factoring default headers for most tests.
@@ -1427,7 +1427,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures AFFLIB 3.5.7 to adapt to many kinds of systems.
+\`configure' configures AFFLIB 3.5.10 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1497,7 +1497,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of AFFLIB 3.5.7:";;
+ short | recursive ) echo "Configuration of AFFLIB 3.5.10:";;
esac
cat <<\_ACEOF
@@ -1616,7 +1616,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-AFFLIB configure 3.5.7
+AFFLIB configure 3.5.10
generated by GNU Autoconf 2.61
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
@@ -1630,7 +1630,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by AFFLIB $as_me 3.5.7, which was
+It was created by AFFLIB $as_me 3.5.10, which was
generated by GNU Autoconf 2.61. Invocation command line was
$ $0 $@
@@ -2320,7 +2320,7 @@ fi
# Define the identity of the package.
PACKAGE='afflib'
- VERSION='3.5.7'
+ VERSION='3.5.10'
cat >>confdefs.h <<_ACEOF
@@ -22706,7 +22706,7 @@ exec 6>&1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by AFFLIB $as_me 3.5.7, which was
+This file was extended by AFFLIB $as_me 3.5.10, which was
generated by GNU Autoconf 2.61. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -22759,7 +22759,7 @@ Report bugs to <bug-autoconf at gnu.org>."
_ACEOF
cat >>$CONFIG_STATUS <<_ACEOF
ac_cs_version="\\
-AFFLIB config.status 3.5.7
+AFFLIB config.status 3.5.10
configured by $0, generated by GNU Autoconf 2.61,
with options \\"`echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\"
diff --git a/configure.ac b/configure.ac
index a06e3d4..cfa7498 100644
--- a/configure.ac
+++ b/configure.ac
@@ -5,7 +5,7 @@
# and http://www.openismus.com/documents/linux/automake/automake.shtml
-AC_INIT([AFFLIB],[3.5.7],[bugs at afflib.org])
+AC_INIT([AFFLIB],[3.5.10],[bugs at afflib.org])
AM_INIT_AUTOMAKE
AM_MAINTAINER_MODE
diff --git a/lib/afflib_pages.cpp b/lib/afflib_pages.cpp
index c45df1b..6cbae21 100644
--- a/lib/afflib_pages.cpp
+++ b/lib/afflib_pages.cpp
@@ -189,7 +189,6 @@ int af_get_page_raw(AFFILE *af,int64_t pagenum,unsigned long *arg,
* If the page is compressed, uncompress it.
* data points to a segmenet of at least *bytes;
* *bytes is then modified to indicate the actual amount of bytes read.
- * if shouldfree is set, then data should be freed.
* Return 0 if success, -1 if fail.
*/
diff --git a/lib/threaded_hash.h b/lib/threaded_hash.h
index 3a3c3df..6b5e74f 100644
--- a/lib/threaded_hash.h
+++ b/lib/threaded_hash.h
@@ -72,6 +72,8 @@ private:
mutable char *hexbuf; // mull if needs to be calculated
public:
std::string name(){return std::string(EVP_MD_name(md));}
+ static bool iszero(const u_char *buf,size_t bufsize);
+
/** The worker thread needs to be a static function because it is run in its own thread.
* It does the work on the worklist when there is work to do.
@@ -211,7 +213,9 @@ public:;
EVP_DigestUpdate(&ctx,buf,bufsize);
hashed_bytes += bufsize;
}
- /* Perform the final and return a pointer to the buffer. */
+ /** If the hash hasn't been calculated,
+ * Perform the final and return a pointer to the buffer.
+ */
u_char *final(){
if(this->md==0) return 0;
if(this->hashbuf==0){
@@ -231,12 +235,14 @@ public:;
void final(u_char *mdbuf,unsigned int md_len){
if(this->md==0) return;
- memcpy(mdbuf,this->hashbuf,MIN(md_len,hash_size));
+ memcpy(mdbuf,final(),MIN(md_len,hash_size));
}
/** Return the hash buffer */
- u_char *hash(){
- return final();
- }
+ u_char *hash(){ return final(); }
+
+ /** Returns the length of the hash in bytesn*/
+ size_t len(){return hash_size;}
+
/** Return the hex of the hash buffer, null terminated */
const char *hexhash(){
if(hexbuf==0){
@@ -248,16 +254,29 @@ public:;
}
return hexbuf;
}
- bool operator<( threaded_hash &s2) {
- if(this->md==0 || s2.md==0) return false;
- if(this->hash_size != s2.hash_size) return false;
- return memcmp(hash(),s2.hash(),hash_size) < 0;
- }
- bool operator==( threaded_hash &s2) {
- if(this->md==0 || s2.md==0) return false;
- if(this->hash_size != s2.hash_size) return false;
- return memcmp(hash(),s2.hash(),s2.hash_size) == 0;
+ bool operator<( threaded_hash &s2);
+ bool operator==( threaded_hash &s2);
+};
+
+inline bool threaded_hash::iszero(const u_char *buf,size_t bufsize){
+ for(u_int i=0;i<bufsize;i++){
+ if(buf[i]!=0) return false;
}
+ return true;
+}
+
+inline bool threaded_hash::operator<( threaded_hash &s2) {
+ if(this->md==0 || s2.md==0) return false;
+ if(this->hash_size != s2.hash_size) return false;
+ return memcmp(hash(),s2.hash(),hash_size) < 0;
+}
+
+inline bool threaded_hash::operator==( threaded_hash &s2) {
+ if(this->md==0 || s2.md==0) return false;
+ if(this->hash_size != s2.hash_size) return false;
+ return memcmp(hash(),s2.hash(),s2.hash_size) == 0;
+}
+
+
-};
#endif
diff --git a/lib/vnode_raw.cpp b/lib/vnode_raw.cpp
index 79095b6..3cc906f 100644
--- a/lib/vnode_raw.cpp
+++ b/lib/vnode_raw.cpp
@@ -30,11 +30,20 @@ static int64_t raw_filesize(AFFILE *af)
struct raw_private *rp = RAW_PRIVATE(af);
struct stat sb;
- if(fstat(fileno(rp->raw),&sb)){
- (*af->error_reporter)("raw_open: stat(%s): ",af->fname);
- return -1; // kind of odd...
+ if(fstat(fileno(rp->raw),&sb)==0){
+ if(sb.st_mode & S_IFREG){ // only do this for regular files
+ return sb.st_size;
+ }
+
+ /* See if this is a device that we can figure */
+ struct af_figure_media_buf afb;
+ if(af_figure_media(fileno(rp->raw),&afb)==0){
+ if(afb.total_sectors>0 && afb.sector_size>0){
+ return afb.total_sectors * afb.sector_size;
+ }
+ }
}
- return sb.st_size;
+ return 0; // no clue
}
static int raw_open(AFFILE *af)
@@ -50,9 +59,9 @@ static int raw_open(AFFILE *af)
if(af->fname) rp->raw=fopen(af->fname,mode);
if(rp->raw==0) return -1; // raw open failed
- af->image_size = raw_filesize(af);
- af->image_pagesize = RAW_PAGESIZE;
- af->cur_page = 0;
+ af->image_size = raw_filesize(af);
+ af->image_pagesize = RAW_PAGESIZE;
+ af->cur_page = 0;
return 0;
}
@@ -120,14 +129,38 @@ static int raw_get_seg(AFFILE *af,const char *name,
int64_t segnum = af_segname_page_number(name);
if(segnum<0){
/* See if PAGESIZE or IMAGESIZE is being requested; we can fake those */
- if(strcmp(name,AF_PAGESIZE)==0 && arg){*arg = af->image_pagesize;return 0;}
- if(strcmp(name,AF_IMAGESIZE)==0 && data && *datalen>=8){
+ if(strcmp(name,AF_PAGESIZE)==0){
+ if(arg) *arg = af->image_pagesize;
+ if(datalen) *datalen = 0;
+ return 0;
+ }
+ if(strcmp(name,AF_IMAGESIZE)==0){
+ struct aff_quad q;
+ if(data && *datalen>=0){
+ q.low = htonl((unsigned long)(af->image_size & 0xffffffff));
+ q.high = htonl((unsigned long)(af->image_size >> 32));
+ memcpy(data,&q,8);
+ *datalen = 8;
+ }
+ return 0;
+ }
+ if(strcmp(name,AF_SECTORSIZE)==0){
+ if(arg) *arg = af->image_sectorsize;
+ if(datalen) *datalen = 0;
+ return 0;
+ }
+ if(strcmp(name,AF_DEVICE_SECTORS)==0){
+ int64_t devicesectors = af->image_size / af->image_sectorsize;
struct aff_quad q;
- q.low = htonl((unsigned long)(af->image_size & 0xffffffff));
- q.high = htonl((unsigned long)(af->image_size >> 32));
- memcpy(data,&q,8);
+ if(data && *datalen>=0){
+ q.low = htonl((unsigned long)(devicesectors & 0xffffffff));
+ q.high = htonl((unsigned long)(devicesectors >> 32));
+ memcpy(data,&q,8);
+ *datalen = 8;
+ }
return 0;
}
+
return -1; // don't know how to fake this
}
@@ -199,22 +232,7 @@ static int raw_vstat(AFFILE *af,struct af_vnode_info *vni)
/* If we can stat the file, use that. */
fflush(rp->raw);
- struct stat sb;
- if(fstat(fileno(rp->raw),&sb)==0){
- if(sb.st_mode & S_IFREG){ // only do this for regular files
- vni->imagesize = sb.st_size;
- }
- }
-
- if(vni->imagesize==-1){
- /* See if this is a device that we can figure */
- struct af_figure_media_buf afb;
- if(af_figure_media(fileno(rp->raw),&afb)==0){
- if(afb.total_sectors>0 && afb.sector_size>0){
- vni->imagesize = afb.total_sectors * afb.sector_size;
- }
- }
- }
+ vni->imagesize = raw_filesize(af);
vni->supports_compression = 0;
vni->has_pages = 1;
diff --git a/pyaff/Makefile.am b/pyaff/Makefile.am
index 2a9dc31..cd23e60 100644
--- a/pyaff/Makefile.am
+++ b/pyaff/Makefile.am
@@ -9,5 +9,5 @@ pyexec_LTLIBRARIES = pyaff.la
pyaff_la_SOURCES = pyaff.c
pyaff_la_LIBADD = ../lib/libafflib.la
pyaff_la_CPPFLAGS = $(PYTHON_CPPFLAGS)
-pyaff_la_LDFLAGS = -module $(PYTHON_LDFLAGS)
+pyaff_la_LDFLAGS = -module -avoid-version $(PYTHON_LDFLAGS)
endif
diff --git a/pyaff/Makefile.in b/pyaff/Makefile.in
index 833317d..a7bf82c 100644
--- a/pyaff/Makefile.in
+++ b/pyaff/Makefile.in
@@ -223,7 +223,7 @@ EXTRA_DIST = PKG-INFO README pyaff.c setup.py
@HAVE_PYTHON_TRUE at pyaff_la_SOURCES = pyaff.c
@HAVE_PYTHON_TRUE at pyaff_la_LIBADD = ../lib/libafflib.la
@HAVE_PYTHON_TRUE at pyaff_la_CPPFLAGS = $(PYTHON_CPPFLAGS)
- at HAVE_PYTHON_TRUE@pyaff_la_LDFLAGS = -module $(PYTHON_LDFLAGS)
+ at HAVE_PYTHON_TRUE@pyaff_la_LDFLAGS = -module -avoid-version $(PYTHON_LDFLAGS)
all: all-am
.SUFFIXES:
diff --git a/tools/afconvert.cpp b/tools/afconvert.cpp
index 850e720..7d20bed 100644
--- a/tools/afconvert.cpp
+++ b/tools/afconvert.cpp
@@ -68,9 +68,6 @@
#include <term.h>
#endif
-#ifdef HAVE_NCURSES_TERM_H
-#include <ncurses/term.h>
-#endif
#ifdef HAVE_SYS_TIME_H
#include <sys/time.h>
@@ -621,10 +618,6 @@ int main(int argc,char **argv)
char *outfile = 0;
int ch;
-#ifdef HAVE_LIBNCURSES
- setupterm((char *)0,1,(int *)0);
-#endif
-
command_line = aff::command_line(argc,argv);
while ((ch = getopt(argc, argv, "a:e:Lo:zqrs:xX:Zh?M:O::ydV")) != -1) {
switch (ch) {
diff --git a/tools/aff_bom.cpp b/tools/aff_bom.cpp
index 3fd2183..18ba9ec 100644
--- a/tools/aff_bom.cpp
+++ b/tools/aff_bom.cpp
@@ -13,12 +13,7 @@
* United States Government and/or for any works created by United
* States Government employees. User acknowledges that this software
* contains work which was created by NPS employee(s) and is therefore
- * in the public domain and not subject to copyright. The User may
- * use, distribute, or incorporate this software provided the User
- * acknowledges this via an explicit acknowledgment of NPS-related
- * contributions to the User's work. User also agrees to acknowledge,
- * via an explicit acknowledgment, that any modifications or
- * alterations have been made to this software before redistribution.
+ * in the public domain and not subject to copyright.
* --------------------------------------------------------------------
*
* Change History:
diff --git a/tools/aff_bom.h b/tools/aff_bom.h
index 557b81e..64866b2 100644
--- a/tools/aff_bom.h
+++ b/tools/aff_bom.h
@@ -13,12 +13,7 @@
* United States Government and/or for any works created by United
* States Government employees. User acknowledges that this software
* contains work which was created by NPS employee(s) and is therefore
- * in the public domain and not subject to copyright. The User may
- * use, distribute, or incorporate this software provided the User
- * acknowledges this via an explicit acknowledgment of NPS-related
- * contributions to the User's work. User also agrees to acknowledge,
- * via an explicit acknowledgment, that any modifications or
- * alterations have been made to this software before redistribution.
+ * in the public domain and not subject to copyright.
* --------------------------------------------------------------------
*
* Change History:
diff --git a/tools/afinfo.cpp b/tools/afinfo.cpp
index 50ea7f3..5c21aba 100644
--- a/tools/afinfo.cpp
+++ b/tools/afinfo.cpp
@@ -113,6 +113,7 @@ const char *opt_passphrase = 0;
vector<string> opt_seglist; // just info these segments
bool something_was_decrypted = false;
+const char *term = 0;
/**
@@ -120,6 +121,7 @@ bool something_was_decrypted = false;
*/
void bold(int on)
{
+ if(!term) return;
#if defined(HAVE_LIBNCURSES)
#ifdef HAVE_ISATTY
if(!isatty(fileno(stdout))) return;
@@ -794,9 +796,12 @@ int main(int argc,char **argv)
/* Figure out how many cols the screen has... */
#ifdef HAVE_LIBNCURSES
- setupterm((char *)0,1,(int *)0);
- start_color();
- cols = tgetnum((char *)"co");
+ term = getenv("TERM");
+ if(term){
+ setupterm((char *)0,1,(int *)0);
+ start_color();
+ cols = tgetnum((char *)"co");
+ }
#endif
while ((ch = getopt(argc, argv, "abh?s:SmiIwj:p:xvVX5dAl")) != -1) {
diff --git a/tools/test_afsegment.sh b/tools/test_afsegment.sh
index 1bb3183..fd62b76 100755
--- a/tools/test_afsegment.sh
+++ b/tools/test_afsegment.sh
@@ -9,9 +9,9 @@ unset AFFLIB_PASSPHRASE
echo === Putting a new metadata segment into blank.aff ===
/bin/rm -f $BLANK_AFF
-./afcopy /dev/null $BLANK_AFF
-./afsegment -ssegname=testseg1 $BLANK_AFF
-if [ x"testseg1" = x`./afsegment -p segname $BLANK_AFF` ] ; then
+afcopy /dev/null $BLANK_AFF
+afsegment -ssegname=testseg1 $BLANK_AFF
+if [ x"testseg1" = x`afsegment -p segname $BLANK_AFF` ] ; then
echo afsegment worked!
else
echo afsegment does not work properly
diff --git a/tools/test_crypto.sh b/tools/test_crypto.sh
index 96a43c7..d22251e 100755
--- a/tools/test_crypto.sh
+++ b/tools/test_crypto.sh
@@ -35,8 +35,8 @@ QUZGIGRlY3J5cHRpb24gYXBwZWFycyB0byB3b3JrLgo=
EOF
# file://:password@/$ENCRYPTED_AFF
-echo ./afcompare $ENCRYPTED_ISO $ENCRYPTED_ISO
-if ! ./afcompare $ENCRYPTED_ISO $ENCRYPTED_ISO ; then
+echo afcompare $ENCRYPTED_ISO $ENCRYPTED_ISO
+if ! afcompare $ENCRYPTED_ISO $ENCRYPTED_ISO ; then
echo $ENCRYPTED_ISO does not decrypt properly.
exit 1
fi
diff --git a/tools/test_passphrase.sh b/tools/test_passphrase.sh
index 48f05ce..8769b20 100755
--- a/tools/test_passphrase.sh
+++ b/tools/test_passphrase.sh
@@ -22,8 +22,8 @@ if [ ! -r $BLANK_ISO ]; then
exit 0
fi
-./afconvert -o $BLANK_AFF $BLANK_ISO
-./afconvert -o file://:passphrase@/$BLANK_ENCRYPTED_AFF $BLANK_ISO
+afconvert -o $BLANK_AFF $BLANK_ISO
+afconvert -o file://:passphrase@/$BLANK_ENCRYPTED_AFF $BLANK_ISO
if [ ! -r $BLANK_ENCRYPTED_AFF ]; then
echo CANNOT CREATE $BLANK_ENCRYPTED_AFF
@@ -33,7 +33,7 @@ fi
# Make sure afcrypto reports properly for with and with no encrypted segments
-if (./afcrypto $BLANK_AFF | grep " 0 encrypted" > /dev/null ) ; then
+if (afcrypto $BLANK_AFF | grep " 0 encrypted" > /dev/null ) ; then
echo $BLANK_ENCRYPTED_AFF properly created
else
echo ENCRYPTED SEGMENTS IN $BLANK_ENCRYPTED_AFF --- STOP
@@ -41,8 +41,8 @@ else
fi
# Now test afcrypto
-echo Encrypted segment count: `./afcrypto -j $BLANK_ENCRYPTED_AFF`
-if [ `./afcrypto -j $BLANK_ENCRYPTED_AFF` = "0" ]; then
+echo Encrypted segment count: `afcrypto -j $BLANK_ENCRYPTED_AFF`
+if [ `afcrypto -j $BLANK_ENCRYPTED_AFF` = "0" ]; then
echo NO ENCRYPTED SEGMENTS IN $BLANK_ENCRYPTED_AFF --- STOP
exit 1
else
@@ -54,7 +54,7 @@ echo "dopey" >> $WORDS
echo "doc" >> $WORDS
echo "passphrase" >> $WORDS
echo "foobar" >> $WORDS
-if [ "`./afcrypto -k -f $WORDS $BLANK_ENCRYPTED_AFF|grep correct|grep passphrase`"x = x ] ; then
+if [ "`afcrypto -k -f $WORDS $BLANK_ENCRYPTED_AFF|grep correct|grep passphrase`"x = x ] ; then
echo afcrypto did not find the right passphrase
exit 1
else
diff --git a/tools/test_recovery.sh b/tools/test_recovery.sh
index 2bf20de..a7d72cb 100755
--- a/tools/test_recovery.sh
+++ b/tools/test_recovery.sh
@@ -36,24 +36,24 @@ fi
cp $RECOVERY_ISO $RECOVERY_BAK
echo ===========
echo Step 1: SIGNING $RECOVERY_ISO
-if ! ./afsign -k $RECOVERY_PEM $RECOVERY_ISO ; then exit 1 ; fi
+if ! afsign -k $RECOVERY_PEM $RECOVERY_ISO ; then exit 1 ; fi
ls -l $RECOVERY_ISO $RECOVERY_AFM
echo ===========
echo Step 2: VERIFYING SIGNATURE
-if ! ./afverify $RECOVERY_AFM ; then exit 1 ; fi
+if ! afverify $RECOVERY_AFM ; then exit 1 ; fi
echo ===========
echo Step 3: CORRUPTING FILE recovery.iso
dd if=/dev/random of=$RECOVERY_ISO count=1 skip=1 conv=notrunc
echo ===========
echo Step 4: ATTEMPTING RECOVERY
-if ! ./afrecover $RECOVERY_AFM ; then exit 1 ; fi
+if ! afrecover $RECOVERY_AFM ; then exit 1 ; fi
echo ==========
echo Step 5: MAKING SURE THAT THE MD5 HAS NOT CHANGED
if ! cmp $RECOVERY_BAK $RECOVERY_ISO ; then echo file changed ; exit 1 ; fi
echo MD5 has not changed
echo ==========
echo Step 6: See if Digital Signature is still good
-if ! ./afverify $RECOVERY_AFM ; then echo signature no longer good ; exit 1 ; fi
+if ! afverify $RECOVERY_AFM ; then echo signature no longer good ; exit 1 ; fi
echo Signature still good
echo ALL TESTS PASS
/bin/rm -f $RECOVERY_KEY $RECOVERY_BAK $RECOVERY_ISO $RECOVERY_AFM $RECOVERY_PEM
diff --git a/tools/test_signing.sh b/tools/test_signing.sh
index 7f09dc3..5515b23 100755
--- a/tools/test_signing.sh
+++ b/tools/test_signing.sh
@@ -30,40 +30,40 @@ openssl req -x509 -newkey rsa:1024 -keyout $ARCHIVES_PEM -out $ARCHIVES_PEM -nod
echo Making an AFF file to sign
rm -f $EVIDENCE evidence?.aff
-./afconvert -o $EVIDENCE rawevidence.iso
+afconvert -o $EVIDENCE rawevidence.iso
echo Initial AFF file
-if ! ./afinfo -a $EVIDENCE ; then exit 1 ; fi
+if ! afinfo -a $EVIDENCE ; then exit 1 ; fi
echo Signing AFF file...
echo afsign -k $AGENT_PEM $EVIDENCE
-if ! ./afsign -k $AGENT_PEM $EVIDENCE ; then echo afsign failed ; exit 1 ; fi
+if ! afsign -k $AGENT_PEM $EVIDENCE ; then echo afsign failed ; exit 1 ; fi
echo Verifying Signature...
echo afverify $EVIDENCE
-if ! ./afverify $EVIDENCE ; then echo afverify failed ; exit 1 ; fi ;
+if ! afverify $EVIDENCE ; then echo afverify failed ; exit 1 ; fi ;
echo Signature test 1 passed
echo Testing chain-of-custody signatures
echo Copying original raw file to evidence1.aff
-if ! ./afcopy -z -k $AGENT_PEM rawevidence.iso evidence1.aff ; then exit 1; fi
-if ! ./afinfo -a evidence1.aff ; then exit 1 ; fi
-if ! ./afcompare rawevidence.iso evidence1.aff ; then exit 1 ; fi
-if ! ./afverify evidence1.aff ; then exit 1 ; fi
+if ! afcopy -z -k $AGENT_PEM rawevidence.iso evidence1.aff ; then exit 1; fi
+if ! afinfo -a evidence1.aff ; then exit 1 ; fi
+if ! afcompare rawevidence.iso evidence1.aff ; then exit 1 ; fi
+if ! afverify evidence1.aff ; then exit 1 ; fi
echo
echo Making the second generation copy
-echo "This copy was made by the analyst" | ./afcopy -z -k $ANALYST_PEM -n evidence1.aff $EVIDENCE2
-if ! ./afinfo -a $EVIDENCE2 ; then exit 1 ; fi
-if ! ./afcompare rawevidence.iso $EVIDENCE2 ; then exit 1 ; fi
-if ! ./afverify $EVIDENCE2 ; then exit 1 ; fi
+echo "This copy was made by the analyst" | afcopy -z -k $ANALYST_PEM -n evidence1.aff $EVIDENCE2
+if ! afinfo -a $EVIDENCE2 ; then exit 1 ; fi
+if ! afcompare rawevidence.iso $EVIDENCE2 ; then exit 1 ; fi
+if ! afverify $EVIDENCE2 ; then exit 1 ; fi
echo
echo Making the third generation copy
-echo "This copy was made by the archives" | ./afcopy -z -k $ARCHIVES_PEM -n $EVIDENCE2 $EVIDENCE3
-if ! ./afinfo -a $EVIDENCE3 ; then exit 1 ; fi
-if ! ./afcompare rawevidence.iso $EVIDENCE3 ; then exit 1 ; fi
-if ! ./afverify $EVIDENCE3 ; then exit 1 ; fi
+echo "This copy was made by the archives" | afcopy -z -k $ARCHIVES_PEM -n $EVIDENCE2 $EVIDENCE3
+if ! afinfo -a $EVIDENCE3 ; then exit 1 ; fi
+if ! afcompare rawevidence.iso $EVIDENCE3 ; then exit 1 ; fi
+if ! afverify $EVIDENCE3 ; then exit 1 ; fi
echo All tests passed successfully
--
debian-forensics/afflib
More information about the forensics-changes
mailing list