#!/bin/zsh set -e confirm() { while true; do echo -n "$1 [y/N] " read -k 1 -s yn case $yn in [Yy]* ) echo -e "$yn";break;; [Nn\r\n]* ) echo -e "$yn\nAborted." 1>&2; exit 1;; * ) echo -e "\nMust answer with y/n.";; esac done } sign() { cat "$1" confirm "Do you wish to sign $1, as shown above?" gpg --default-key "${SIGKEY:-'B546778F06BBCC8EC167DB3CD919706487B8B6DE'}" -o "${2:-"$1.sig"}" --clearsign "$1" if [[ "$2" == "" ]] && (grep ".sig" <<< "$1"); then mv "$1.sig" "$1" fi; } export DAY="$(date -u "+%Y-%m-%d")" export TIME="$(date -u "+%H:%M:%S")" statustext() { gt() { echo " ┏━ Date & Time ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄ ┃ ┃ Canary will target $DAY, at $TIME ┃ " if [[ "$MONERO_HASH" != "" ]]; then echo " ┣━ Monero ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄ ┃ ┃ Canary will target monero blockhash $MONERO_HASH ┃ " fi; if [[ "$KERNEL_COMMIT" != "" ]]; then echo " ┣━ Kernel ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄ ┃ ┃ Canary will target kernel commit $KERNEL_COMMIT ┃ " fi echo " ┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┅┅┅┅┅┅┅┄┄┄┄┄" } clear 1>&2; echo "$(gt)$(seq $(wc -l <<< "$(gt)") 15 | sed -E 's/[0-9]+/ /g')" 1>&2 } statustext confirm "Do you wish to prepare canaries targetting $DAY at $TIME?" localmonero_blockhash_api() { statustext echo 'Fetching Monero Blockheight & Blockhash' 1>&2; curl -fsSL "https://localmonero.co/blocks/api/get_block_data/$(curl -fsSL https://localmonero.co/blocks/api/get_stats | jq .height)" | jq '.block_data.result.block_header.hash' } manual_monero_hash_entry() { statustext echo -n "Please enter the current monero block hash: " read MONERO_HASH if [[ "$(wc -m <<< "$MONERO_HASH")" != "65" ]]; then confirm "This is the incorrect length for a monero block hash. Are you sure?" || manual_monero_hash_entry fi MONERO_HASH="\"$MONERO_HASH\"" } get_monero() { IS_MANUAL=false; if [[ "$MONERO_HASH" == "" ]] && [[ "$IS_MANUAL_MONERO_HEIGHT_ENTRY" == "" ]]; then MONERO_HASH="$(localmonero_blockhash_api)" fi if [[ "$MONERO_HASH" == "" ]]; then IS_MANUAL=true manual_monero_hash_entry fi statustext echo -e 'Validation Sources:' if [[ "$IS_MANUAL" == "true" ]]; then echo -e '- https://localmonero.co/blocks (use if height was manually entered only)' fi echo -e '- https://moneroexplorer.org - click latest height' echo -e '- https://xmrscan.org/blocks' echo -e '- a local monerod' confirm "Please validate that $MONERO_HASH is the latest monero hash - is it correct?" } get_kernel_commit() { statustext rm -rf /tmp/kernel if [[ "$KERNEL_COMMIT" == "" ]]; then echo "Fetching kernel commit..." git clone --depth 1 --bare --branch master https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git /tmp/kernel KERNEL_COMMIT="\"$(git --git-dir=/tmp/kernel rev-parse HEAD)\"" rm -rf /tmp/kernel fi statustext confirm "Please validate that $KERNEL_COMMIT is the current latest commit hash of the linux kernel, as per https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/" } # export KERNEL_COMMIT="$KERNEL_COMMIT" # export MONERO_HASH="$MONERO_HASH" get_monero get_kernel_commit process_canary() { FILE="$1" replace_template() { sed -i "s/\\[$1\\]/$2/g" "$FILE" } clear replace_template 'PRESENT_DAY' "$DAY" replace_template 'PRESENT_TIME' "$TIME" replace_template 'MONERO_HASH' "$( (jq -r <<< "$MONERO_HASH" 2>/dev/null) || echo -n "$MONERO_HASH" )" replace_template 'LINUX_KERNEL_COMMIT' "$( (jq -r <<< "$KERNEL_COMMIT" 2>/dev/null) || echo -n "$KERNEL_COMMIT" )" rm -f "$FILE.sig" sign "$FILE" "$FILE.sig" mv "$FILE.sig" "$FILE" } mkdir -p static/canaries cp -r canary-templates/memdmp:* static/canaries/ for f in static/canaries/memdmp:*; do process_canary "$f" done;