commit 42aef115a2ba2b80e0148562e1c97c80bd9a7d61
parent 1b4edd1f8512efa61f05b1b30220036ded029e36
Author: Joris Vink <joris@coders.se>
Date: Wed, 15 Jun 2022 14:37:08 +0200
add hackish web page generation
Diffstat:
6 files changed, 254 insertions(+), 8 deletions(-)
diff --git a/LICENSE b/LICENSE
@@ -0,0 +1,15 @@
+/*
+ * Copyright (c) 2022 Joris Vink <joris@coders.se>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
diff --git a/README.md b/README.md
@@ -1,44 +1,54 @@
# About secnote
-A tool to help mark sections in code as security critical or build
-code flows, all from within the code itself.
+A tool to help mark sections in code as security critical or
+build code flows, all from within the code itself.
-# A secnote
+## How
A secnote is opened with a @secnote-open marker.
-
The open marker must include a topic and id.
+```
/* @secnote-open topic=a-topic id=unique-id-in-topic */
- ...
+```
The note is closed with a @secnote-close marker.
+```
/* @secnote-close */
+```
A note can have a weight attached to it. This is used by secnote
for ordering the notes when multiple exist in the same topic.
To do so, specify the weight after the topic name:
+```
/* @secnote-open topic=a-topic:100 ... */
+```
-# Show
+## Show
When running the tool without options on input files or directory it will
gather information about the notes found and display them on stdout.
+```
$ secnote .
+```
You can also use options to display just a list of topics.
- $ secnote -l src include
+```
+ $ secnote -l src include
+```
Or include all relevant locations.
+```
$ secnote -lf sys kern fs
+```
-# Verify
+## Verify
The tool allows the notes to be dumped into a simple text-based database
format, which allows a developer to verify these secnotes against new
@@ -47,15 +57,25 @@ altered.
Create a secnote:
+```
$ secnote -d proj_1_0_0 > secnote.txt
+```
Verify the note against a new release:
+```
$ secnote -v secnote.txt proj_1_0_2
+```
You can also run secnote between 2 copies of the source:
+```
$ secnote -d proj_1_0_0 | secnote -p1 -v - proj_1_0_2
+```
+
+## Contribute
+
+Send patches to joris@coders.se.
## Caveats
@@ -71,3 +91,9 @@ intimate understanding of the code.
As with everything related to comments and documentation, if it
falls out of touch with reality it will become useless and could
even turn into a security risk.
+
+Only accepts .c, .h and .py files, hackable though.
+
+## License
+
+ISC licensed, created by Joris Vink.
diff --git a/www/Makefile b/www/Makefile
@@ -0,0 +1,5 @@
+construct:
+ rm -f index.html
+ cat index.html.start > index.html
+ cat ../README.md | markdown >> index.html
+ cat index.html.end >> index.html
diff --git a/www/index.html.end b/www/index.html.end
@@ -0,0 +1,11 @@
+ </div>
+
+ <div class="releases">
+ <h3>Source code</h3>
+ <a href="https://github.com/jorisvink/secnote">on github</a>
+ </div>
+</div>
+
+</body>
+
+</html>
diff --git a/www/index.html.start b/www/index.html.start
@@ -0,0 +1,12 @@
+<!DOCTYPE>
+<html>
+
+<head>
+<title>secnote - A way to document security critical code</title>
+<link rel="stylesheet" href="/style.css" />
+</head>
+
+<body>
+
+<div class="wrapper">
+ <div class="content">
diff --git a/www/style.css b/www/style.css
@@ -0,0 +1,177 @@
+* {
+ padding: 0px;
+ margin: 0px;
+ font-family: "Helvetica Neue",Helvetica,Arial,sans-serif;
+}
+
+body {
+ background-color: #fff;
+}
+
+h1 {
+ margin-top: 25px;
+ margin-bottom: 25px;
+}
+
+h2 {
+ margin-top: 35px;
+ margin-bottom: 10px;
+}
+
+ul {
+ margin-left: 50px;
+ margin-top: 10px;
+}
+
+table {
+ width: 100%;
+}
+
+th {
+ text-align: left;
+ padding-bottom: 5px;
+}
+
+td {
+ margin-right: 5px;
+}
+
+p {
+ margin-bottom: 15px;
+}
+
+code {
+ background-color: #f0f0f0;
+ color: black;
+ padding: 5px;
+ border-radius: 5px;
+ display: block;
+ font-family: 'Courier New', monospace;
+}
+
+div.wrapper {
+ margin-left: auto;
+ margin-right: auto;
+ width: 1000px;
+ display: grid;
+ column-gap: 50px;
+ grid-template-columns: [content] 750px [right] auto;
+ grid-template-rows: [row-top] 50px [row-release] 150px [row-sponsors] 150px [row-other] auto [row-footer] 150px;
+}
+
+div.menu {
+ left: 0px;
+ top: 0px;
+ width: 100%;
+ height: 50px;
+ padding-top: 4px;
+ font-size: 22px;
+ text-align: center;
+ background-color: rgb(56, 127, 170);
+}
+
+div.menu > div.items {
+ padding-top: 8px;
+}
+
+a, a:visited {
+ color: blue;
+}
+
+div.menu > div.items > a, div.menu > div.items > a:visited {
+ color: white;
+ text-decoration: none;
+}
+
+div.content {
+ grid-column: content;
+ grid-row-start: row-top;
+ grid-row-end: row-footer;
+}
+
+div.content > div.logo > img {
+ width: 250px;
+ height: auto;
+ margin-top: 25px;
+ margin-bottom: 25px;
+}
+
+div.releases {
+ grid-column: right;
+ grid-row: row-release;
+}
+
+div.sponsors {
+ grid-column: right;
+ grid-row: row-sponsors;
+}
+
+div.sponsors > img {
+ width: auto;
+ height: 75px;
+}
+
+@media only screen and (min-width: 320px) and (max-width: 450px) {
+
+div.wrapper {
+ width: 95%;
+ display: grid;
+ column-gap: 50px;
+ grid-template-columns: [content] 100%;
+ grid-template-rows: [row-top] 20px [row-release] 20px [row-other] auto [row-empty] 50px [row-sponsors] 150px [row-footer] 50px;
+}
+
+div.menu {
+ padding-top: 25px;
+ font-size: 16px;
+}
+
+div.content {
+ grid-row-start: row-other;
+ grid-row-end: row-empty;
+}
+
+div.content > div.logo {
+ width: 100%;
+ text-align: center;
+}
+
+div.content > div.logo > img {
+ width: 200px;
+ height: auto;
+ margin-top: 25px;
+ margin-bottom: 25px;
+}
+
+div.sponsors {
+ grid-column: content;
+ grid-row: row-sponsors;
+ text-align: center;
+}
+
+div.sponsors > a > img {
+ width: 230;
+ height: auto;
+}
+
+div.releases {
+ grid-column: content;
+ grid-row: row-release;
+ text-align: center;
+}
+
+div.releases > h3 {
+ display: none;
+}
+
+div.releases > p {
+ display: inline-block;
+}
+
+code {
+ white-space: pre-wrap;
+ white-space: -moz-pre-wrap;
+ word-wrap: break-word;
+}
+
+}