src/meson.build

@@ -1,17 +1,14 @@
 # Find scripts
-main = find_program('zlevis')
 encrypt = find_program('zlevis-encrypt')
 decrypt = find_program('zlevis-decrypt')
 fetch = find_program('zlevis-fetch')
 
 # Test the scripts
-test('zlevis', main, args: '--summary')
 test('zlevis-encrypt', encrypt, args: '--summary')
 test('zlevis-decrypt', decrypt, args: '--summary')
 test('zlevis-fetch', fetch, args: '--summary')
 
 # Add paths of scripts to bins
-bins += join_paths(meson.current_source_dir(), 'zlevis')
 bins += join_paths(meson.current_source_dir(), 'zlevis-encrypt')
 bins += join_paths(meson.current_source_dir(), 'zlevis-decrypt')
 bins += join_paths(meson.current_source_dir(), 'zlevis-fetch')

src/zlevis

@@ -1,39 +0,0 @@
-#!/bin/sh
-
-# Exit immediately if a command exits with a non-zero status
-set -e
-
-# Summary of the script's functionality
-summary="A tool that enables automatic decryption of ZFS rpools with TPM2"
-
-# Display summary if requested
-if [ "$1" = "--summary" ]; then
-    echo "$summary"
-    exit 0
-fi
-
-# Display usage information if input is from a terminal
-if [ -t 0 ]; then
-    exec >&2
-    echo "Usage: zlevis {decrypt|encrypt} {pool|*} [options]"
-    exit 2
-fi
-
-case "$1" in
-    decrypt) 
-        case "$2" in 
-            pool) zfs list -Ho tpm:jwe $3 | zlevis-decrypt;;
-            *) zlevis-decrypt $2;;
-        esac
-    ;;
-    encrypt)
-        case "$2" in
-            pool) read -r -d . key || zfs set tpm:jwe=$(printf "%s" "$key" | zlevis-encrypt $4) $3;;
-            *) zlevis-encrypt $2;;
-        esac
-    ;;
-    *) exit 1;;
-esac
-
-# Exit with the status of the last command
-exit $?

src/zlevis-decrypt

@@ -18,7 +18,10 @@ fi
 # Display usage information if input is from a terminal
 if [ -t 0 ]; then
     exec >&2
+    echo "$summary"
+    echo
     echo "Usage: \"zlevis-decrypt < file.jwe\""
+    echo "Usage ZFS: \"zfs list -Ho tpm:jwe <pool> | zlevis-decrypt\""
     exit 2
 fi
 

src/zlevis-encrypt

@@ -21,7 +21,7 @@ fi
 # Display usage information if input is from a terminal
 if [ -t 0 ]; then
     exec >&2
-    echo "Usage: \"zlevis-encrypt '{\"property\":\"value\"}' < file.key > file.jwe\""
+    echo "$summary"
     echo
     echo "This command uses the following configuration properties:"
     echo "  hash: <string> -> Hash algorithm used in the computation of the object name (default: sha256)."
@@ -29,6 +29,9 @@ if [ -t 0 ]; then
     echo "  pcr_bank: <string> -> PCR algorithm bank to use for policy (default: first supported by TPM)."
     echo "  pcr_ids: <string> -> PCR list used for policy. If not present, no policy is used."
     echo "  pcr_digest: <string> -> Binary PCR hashes encoded in base64. If not present, the hash values are looked up."
+    echo
+    echo "Usage: \"zlevis-encrypt '{\"property\":\"value\"}' < file.key > file.jwe\""
+    echo "Usage ZFS: \"zfs set tpm:jwe=\$(zlevis-encrypt '{\"property\":\"value\"}' < tank.key) <pool>\""
     exit 2
 fi