#!/bin/zsh
set -e
confirm() {
while true; do
echo -n "$1 [y/N] "
read -k 1 -s yn
case $yn in
[Yy]* ) echo -e "$yn";break;;
[Nn\r\n]* ) echo -e "$yn\nAborted." 1>&2; exit 1;;
* ) echo -e "\nMust answer with y/n.";;
esac
done
}
sign() {
cat "$1"
confirm "Do you wish to sign $1, as shown above?"
gpg --default-key "${SIGKEY:-'B546778F06BBCC8EC167DB3CD919706487B8B6DE'}" -o "${2:-"$1.sig"}" --clearsign "$1"
if [[ "$2" == "" ]] && (grep ".sig" <<< "$1"); then
mv "$1.sig" "$1"
fi;
}
export DAY="$(date -u "+%Y-%m-%d")"
export TIME="$(date -u "+%H:%M:%S")"
statustext() {
gt() {
echo " ┏━ Date & Time ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄
┃
┃ Canary will target $DAY, at $TIME
┃ "
if [[ "$MONERO_HASH" != "" ]]; then
echo " ┣━ Monero ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄
┃
┃ Canary will target monero blockhash $MONERO_HASH
┃ "
fi;
if [[ "$KERNEL_COMMIT" != "" ]]; then
echo " ┣━ Kernel ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄
┃
┃ Canary will target kernel commit $KERNEL_COMMIT
┃ "
fi
echo " ┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄"
}
clear 1>&2;
echo "$(gt)$(seq $(wc -l <<< "$(gt)") 15 | sed -E 's/[0-9]+/ /g')" 1>&2
}
statustext
confirm "Do you wish to prepare canaries targetting $DAY at $TIME?"
localmonero_blockhash_api() {
statustext
echo 'Fetching Monero Blockheight & Blockhash' 1>&2;
curl -fsSL "https://localmonero.co/blocks/api/get_block_data/$(curl -fsSL https://localmonero.co/blocks/api/get_stats | jq .height)" | jq '.block_data.result.block_header.hash'
}
manual_monero_hash_entry() {
statustext
echo -n "Please enter the current monero block hash: "
read MONERO_HASH
if [[ "$(wc -m <<< "$MONERO_HASH")" != "65" ]]; then
confirm "This is the incorrect length for a monero block hash. Are you sure?" || manual_monero_hash_entry
fi
MONERO_HASH="\"$MONERO_HASH\""
}
get_monero() {
IS_MANUAL=false;
if [[ "$MONERO_HASH" == "" ]] && [[ "$IS_MANUAL_MONERO_HEIGHT_ENTRY" == "" ]]; then
MONERO_HASH="$(localmonero_blockhash_api)"
fi
if [[ "$MONERO_HASH" == "" ]]; then
IS_MANUAL=true
manual_monero_hash_entry
fi
statustext
echo -e 'Validation Sources:'
if [[ "$IS_MANUAL" == "true" ]]; then
echo -e '- https://localmonero.co/blocks (use if height was manually entered only)'
fi
echo -e '- https://moneroexplorer.org - click latest height'
echo -e '- https://xmrscan.org/blocks'
echo -e '- a local monerod'
confirm "Please validate that $MONERO_HASH is the latest monero hash - is it correct?"
}
get_kernel_commit() {
statustext
rm -rf /tmp/kernel
if [[ "$KERNEL_COMMIT" == "" ]]; then
echo "Fetching kernel commit..."
git clone --depth 1 --bare --branch master https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git /tmp/kernel
KERNEL_COMMIT="\"$(git --git-dir=/tmp/kernel rev-parse HEAD)\""
rm -rf /tmp/kernel
fi
statustext
confirm "Please validate that $KERNEL_COMMIT is the current latest commit hash of the linux kernel, as per https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/"
}
# export KERNEL_COMMIT="$KERNEL_COMMIT"
# export MONERO_HASH="$MONERO_HASH"
get_monero
get_kernel_commit
process_canary() {
FILE="$1"
replace_template() {
sed -i "s/\\[$1\\]/$2/g" "$FILE"
}
clear
replace_template 'PRESENT_DAY' "$DAY"
replace_template 'PRESENT_TIME' "$TIME"
replace_template 'MONERO_HASH' "$( (jq -r <<< "$MONERO_HASH" 2>/dev/null) || echo -n "$MONERO_HASH" )"
replace_template 'LINUX_KERNEL_COMMIT' "$( (jq -r <<< "$KERNEL_COMMIT" 2>/dev/null) || echo -n "$KERNEL_COMMIT" )"
rm -f "$FILE.sig"
sign "$FILE" "$FILE.sig"
mv "$FILE.sig" "$FILE"
}
mkdir -p static/canaries
cp -r canary-templates/* static/canaries/
for f in static/canaries/*; do
process_canary "$f"
done;