secnote

The secnote tool.
Commits | Files | Refs | README | LICENSE | git clone https://git.kore.io/secnote

commit 42aef115a2ba2b80e0148562e1c97c80bd9a7d61
parent 1b4edd1f8512efa61f05b1b30220036ded029e36
Author: Joris Vink <joris@coders.se>
Date:   Wed, 15 Jun 2022 14:37:08 +0200

add hackish web page generation

Diffstat:
LICENSE | 15+++++++++++++++
README.md | 42++++++++++++++++++++++++++++++++++--------
www/Makefile | 5+++++
www/index.html.end | 11+++++++++++
www/index.html.start | 12++++++++++++
www/style.css | 177+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
6 files changed, 254 insertions(+), 8 deletions(-)

diff --git a/LICENSE b/LICENSE @@ -0,0 +1,15 @@ +/* + * Copyright (c) 2022 Joris Vink <joris@coders.se> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ diff --git a/README.md b/README.md @@ -1,44 +1,54 @@ # About secnote -A tool to help mark sections in code as security critical or build -code flows, all from within the code itself. +A tool to help mark sections in code as security critical or +build code flows, all from within the code itself. -# A secnote +## How A secnote is opened with a @secnote-open marker. - The open marker must include a topic and id. +``` /* @secnote-open topic=a-topic id=unique-id-in-topic */ - ... +``` The note is closed with a @secnote-close marker. +``` /* @secnote-close */ +``` A note can have a weight attached to it. This is used by secnote for ordering the notes when multiple exist in the same topic. To do so, specify the weight after the topic name: +``` /* @secnote-open topic=a-topic:100 ... */ +``` -# Show +## Show When running the tool without options on input files or directory it will gather information about the notes found and display them on stdout. +``` $ secnote . +``` You can also use options to display just a list of topics. - $ secnote -l src include +``` + $ secnote -l src include +``` Or include all relevant locations. +``` $ secnote -lf sys kern fs +``` -# Verify +## Verify The tool allows the notes to be dumped into a simple text-based database format, which allows a developer to verify these secnotes against new @@ -47,15 +57,25 @@ altered. Create a secnote: +``` $ secnote -d proj_1_0_0 > secnote.txt +``` Verify the note against a new release: +``` $ secnote -v secnote.txt proj_1_0_2 +``` You can also run secnote between 2 copies of the source: +``` $ secnote -d proj_1_0_0 | secnote -p1 -v - proj_1_0_2 +``` + +## Contribute + +Send patches to joris@coders.se. ## Caveats @@ -71,3 +91,9 @@ intimate understanding of the code. As with everything related to comments and documentation, if it falls out of touch with reality it will become useless and could even turn into a security risk. + +Only accepts .c, .h and .py files, hackable though. + +## License + +ISC licensed, created by Joris Vink. diff --git a/www/Makefile b/www/Makefile @@ -0,0 +1,5 @@ +construct: + rm -f index.html + cat index.html.start > index.html + cat ../README.md | markdown >> index.html + cat index.html.end >> index.html diff --git a/www/index.html.end b/www/index.html.end @@ -0,0 +1,11 @@ + </div> + + <div class="releases"> + <h3>Source code</h3> + <a href="https://github.com/jorisvink/secnote">on github</a> + </div> +</div> + +</body> + +</html> diff --git a/www/index.html.start b/www/index.html.start @@ -0,0 +1,12 @@ +<!DOCTYPE> +<html> + +<head> +<title>secnote - A way to document security critical code</title> +<link rel="stylesheet" href="/style.css" /> +</head> + +<body> + +<div class="wrapper"> + <div class="content"> diff --git a/www/style.css b/www/style.css @@ -0,0 +1,177 @@ +* { + padding: 0px; + margin: 0px; + font-family: "Helvetica Neue",Helvetica,Arial,sans-serif; +} + +body { + background-color: #fff; +} + +h1 { + margin-top: 25px; + margin-bottom: 25px; +} + +h2 { + margin-top: 35px; + margin-bottom: 10px; +} + +ul { + margin-left: 50px; + margin-top: 10px; +} + +table { + width: 100%; +} + +th { + text-align: left; + padding-bottom: 5px; +} + +td { + margin-right: 5px; +} + +p { + margin-bottom: 15px; +} + +code { + background-color: #f0f0f0; + color: black; + padding: 5px; + border-radius: 5px; + display: block; + font-family: 'Courier New', monospace; +} + +div.wrapper { + margin-left: auto; + margin-right: auto; + width: 1000px; + display: grid; + column-gap: 50px; + grid-template-columns: [content] 750px [right] auto; + grid-template-rows: [row-top] 50px [row-release] 150px [row-sponsors] 150px [row-other] auto [row-footer] 150px; +} + +div.menu { + left: 0px; + top: 0px; + width: 100%; + height: 50px; + padding-top: 4px; + font-size: 22px; + text-align: center; + background-color: rgb(56, 127, 170); +} + +div.menu > div.items { + padding-top: 8px; +} + +a, a:visited { + color: blue; +} + +div.menu > div.items > a, div.menu > div.items > a:visited { + color: white; + text-decoration: none; +} + +div.content { + grid-column: content; + grid-row-start: row-top; + grid-row-end: row-footer; +} + +div.content > div.logo > img { + width: 250px; + height: auto; + margin-top: 25px; + margin-bottom: 25px; +} + +div.releases { + grid-column: right; + grid-row: row-release; +} + +div.sponsors { + grid-column: right; + grid-row: row-sponsors; +} + +div.sponsors > img { + width: auto; + height: 75px; +} + +@media only screen and (min-width: 320px) and (max-width: 450px) { + +div.wrapper { + width: 95%; + display: grid; + column-gap: 50px; + grid-template-columns: [content] 100%; + grid-template-rows: [row-top] 20px [row-release] 20px [row-other] auto [row-empty] 50px [row-sponsors] 150px [row-footer] 50px; +} + +div.menu { + padding-top: 25px; + font-size: 16px; +} + +div.content { + grid-row-start: row-other; + grid-row-end: row-empty; +} + +div.content > div.logo { + width: 100%; + text-align: center; +} + +div.content > div.logo > img { + width: 200px; + height: auto; + margin-top: 25px; + margin-bottom: 25px; +} + +div.sponsors { + grid-column: content; + grid-row: row-sponsors; + text-align: center; +} + +div.sponsors > a > img { + width: 230; + height: auto; +} + +div.releases { + grid-column: content; + grid-row: row-release; + text-align: center; +} + +div.releases > h3 { + display: none; +} + +div.releases > p { + display: inline-block; +} + +code { + white-space: pre-wrap; + white-space: -moz-pre-wrap; + word-wrap: break-word; +} + +}