tbetter documentation for kdf - tomb - the crypto undertaker
HTML git clone git://parazyd.org/tomb.git
DIR Log
DIR Files
DIR Refs
DIR README
DIR LICENSE
---
DIR commit fa44f46eba9ae89240942cbb184f944d0c54ac9f
DIR parent c502ef3d921c10f8bfc9ccff70c041575a4f5f66
HTML Author: Jaromil <jaromil@dyne.org>
Date: Fri, 18 Nov 2016 13:54:18 +0100
better documentation for kdf
also correctly use _failure on fatal error using --kdf
Diffstat:
M doc/tomb.1 | 8 ++++----
M tomb | 4 ++--
2 files changed, 6 insertions(+), 6 deletions(-)
---
DIR diff --git a/doc/tomb.1 b/doc/tomb.1
t@@ -201,10 +201,10 @@ the \fIsize\fR of the new file to be created. Units are megabytes (MiB).
.B
.IP "--kdf \fI<itertime>\fR"
Activate the KDF feature against dictionary attacks when creating a
-key: forces a delay of \fI<itertime>\fR seconds every time this key is used.
-You should keep in mind that the actual iteration count is calculated based on
-the performance of the computer where you forge the key.
-The argument must be an integer, so you cannot say \fI--kdf 0.3\fR for 300ms.
+key: forces a delay of \fI<itertime>\fR times every time this key is
+used. The actual time to wait depends on the CPU speed of the
+computer where the key is used. Using 5 or 10 is a sane amount for
+modern computers, the value is multiplied by 1 million.
.B
.IP "-h"
Display a help text and quit.
DIR diff --git a/tomb b/tomb
t@@ -1148,8 +1148,8 @@ gen_key() {
if [[ "$itertime" != <-> ]]; then
unset tombpass
unset tombpasstmp
- _error "Wrong argument for --kdf: must be an integer number (iteration seconds)."
- _error "Depending on the speed of machines using this tomb, use 1 to 10, or more"
+ _warning "Wrong argument for --kdf: must be an integer number (iteration seconds)."
+ _failure "Depending on the speed of machines using this tomb, use 1 to 10, or more"
return 1
fi
# --kdf takes one parameter: iter time (on present machine) in seconds