casualscripter/Masterthesis
1
0
Fork 0
Code Issues 11 Pull Requests Actions Packages Projects Releases Wiki Activity

Nautilus scripts for verify added

Browse Source
This commit is contained in:
Patrick Neumann 2020-11-29 21:47:19 +01:00
parent 18a4564408
commit 714d4d4bba
6 changed files with 878 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

127
home/lucifer/.local/share/nautilus/scripts/01-verify/01-ewfverify Executable file
View File

@ -0,0 +1,127 @@
#!/bin/bash
#===============================================================================
#
# DIRECTORY:
# /home/*/.local/share/nautilus/scripts/01-verify/
# OR
# /home/*/.gnome2/nautilus-sctipts/01-verify/ (deprecated)
#
# FILE:
# 01-ewfverify
#
# USAGE:
# Right klick on the first file of an EWF image and
# choose this nautilus script from the context menu.
#
# OPTIONS:
# none
#
# DESCRIPTION:
# Verifies media data stored in EWF files.
# Show the progress and store the result in a file.
#
# REQUIREMENTS:
# bash, zenity, ewf-tools, gnome-terminal, progps and coreutils
#
# BUGS:
# ---
#
# NOTES:
# Tested on
# - Debian 8+
# - Arch Linux
#
# AUTHOR:
# Patrick Neumann, patrick@neumannsland.de
#
# COMPANY:
# (privately)
#
# VERSION:
# 0.9 (beta)
#
# LINK TO THE MOST CURRENT VERSIONS:
# https://...
#
# CREATED:
# 09.09.2020
#
# COPYRIGHT (C):
# 2015-2020 - Patrick Neumann
#
# LICENSE:
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# WARRANTY:
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
# TODO:
# ---
#
# HISTORY:
# 0.9 - Patrick Neumann - Initial (public) release
#
#===============================================================================
#-------------------------------------------------------------------------------
# Additional supported Distribution(s) (add before Library!).
#-------------------------------------------------------------------------------
SUPPORTED_OSR="arch"
#-------------------------------------------------------------------------------
# Check for library (casualscripter_nautilus-scripts_functions.sh).
#-------------------------------------------------------------------------------
readonly LIBRARY="${0%/*/*}/.casualscripter_nautilus-scripts_functions.sh"
if [ ! -f "${LIBRARY}" ] ; then
zenity --error \
--text \
"ERROR: casualscripter_nautilus-scripts_functions.sh MISSING!"
exit 1
fi
source "${LIBRARY}"
#-------------------------------------------------------------------------------
# Checks (see library "casualscripter_nautilus-scripts_functions.sh").
#-------------------------------------------------------------------------------
check_dep "${GTERMINAL_BIN}" "gnome-terminal"
check_dep "${EWFVERIFY_BIN}" "ewf-tools"
check_dep "${SLEEP_BIN}" "coreutils"
check_dep "${PGREP_BIN}" "procps"
check_ext "${SOURCE}" "[eE]01"
check_tmp
#-------------------------------------------------------------------------------
# Generate ewfverify file, if necessary.
#-------------------------------------------------------------------------------
readonly EWFVERIFY="${TMP}/ewfverify-$( basename "${SOURCE}" ).txt"
if [ ! -f "${EWFVERIFY}" ] ; then
${GTERMINAL_BIN} --hide-menubar -- \
${EWFVERIFY_BIN} -d sha1 -l "${EWFVERIFY}" "${SOURCE}"
${SLEEP_BIN} 3
# We have to wait until ewfverify has finished...
while ${PGREP_BIN} --full "${EWFVERIFY_BIN}" > /dev/null 2>&1; do
${SLEEP_BIN} 1
done
fi
#-------------------------------------------------------------------------------
# Display content of the resultfile "ewfverify.txt".
#-------------------------------------------------------------------------------
display_resultfile "${EWFVERIFY}"
exit 0

141
home/lucifer/.local/share/nautilus/scripts/01-verify/02a-signify-verify Executable file
View File

@ -0,0 +1,141 @@
#!/bin/bash
#===============================================================================
#
# DIRECTORY:
# /home/*/.local/share/nautilus/scripts/01-verify/
# OR
# /home/*/.gnome2/nautilus-sctipts/01-verify/ (deprecated)
#
# FILE:
# 02a-signify-verify
#
# USAGE:
# Right klick on the first file of an EWF image and
# choose this nautilus script from the context menu.
#
# OPTIONS:
# none
#
# DESCRIPTION:
# Verifies that an logfile was digitally signed by a specific examiner.
#
# REQUIREMENTS:
# bash, zenity, signify, gawk and coreutils
#
# BUGS:
# ---
#
# NOTES:
# Tested on
# - Arch Linux
#
# AUTHOR:
# Patrick Neumann, patrick@neumannsland.de
#
# COMPANY:
# (privately)
#
# VERSION:
# 0.9 (beta)
#
# LINK TO THE MOST CURRENT VERSIONS:
# https://...
#
# CREATED:
# 10.09.2020
#
# COPYRIGHT (C):
# 2015-2020 - Patrick Neumann
#
# LICENSE:
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# WARRANTY:
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
# TODO:
# ---
#
# HISTORY:
# 0.9 - Patrick Neumann - Initial (public) release
#
#===============================================================================
#-------------------------------------------------------------------------------
# Additional supported Distribution(s) (add before Library!).
#-------------------------------------------------------------------------------
SUPPORTED_OSR="arch"
#-------------------------------------------------------------------------------
# Check for library (casualscripter_nautilus-scripts_functions.sh).
#-------------------------------------------------------------------------------
readonly LIBRARY="${0%/*/*}/.casualscripter_nautilus-scripts_functions.sh"
if [ ! -f "${LIBRARY}" ] ; then
zenity --error \
--text \
"ERROR: casualscripter_nautilus-scripts_functions.sh MISSING!"
exit 1
fi
source "${LIBRARY}"
#-------------------------------------------------------------------------------
# Checks (see library "casualscripter_nautilus-scripts_functions.sh").
#-------------------------------------------------------------------------------
check_dep "${BASENAME_BIN}" "coreutils"
check_dep "${OPENSSL_BIN}" "openssl"
check_dep "${AWK_BIN}" "gawk"
check_dep "${SIGNIFY_BIN}" "signify"
check_ext "${SOURCE}" "info|log|txt"
check_tmp
#-------------------------------------------------------------------------------
# Ask user for signify public key file if default is missing.
#-------------------------------------------------------------------------------
if [ ! -r "${SOURCE}.sig" ] ; then
error_exit "no signify signature file (.sig) found"
fi
if [ -r "${DIRNAME}/signify-key.pub" ] ; then
readonly SIGNIFY_KEY_PUB="${DIRNAME}/signify-key.pub"
else
readonly SIGNIFY_KEY_PUB="$( ${ZENITY_BIN} --title="Select signify public key file" \
--file-selection )"
if [ -z "${SIGNIFY_KEY_PUB}" ] ; then
error_exit "no signify public key file choosen"
fi
fi
#-------------------------------------------------------------------------------
# Generate signify verify file, if necessary.
#-------------------------------------------------------------------------------
readonly SIGNIFYVERIFY="${TMP}/signify-verify-$( ${BASENAME_BIN} "${SOURCE}" ).txt"
if [ ! -f "${SIGNIFYVERIFY}" ] ; then
${PRINTF_BIN} "Verified log file:\n %s\n\n" "$( ${BASENAME_BIN} "${SOURCE}" )" > "${SIGNIFYVERIFY}"
${PRINTF_BIN} "Verified signature file:\n %s\n\n" "$( ${BASENAME_BIN} "${SOURCE}" ).sig" >> "${SIGNIFYVERIFY}"
${PRINTF_BIN} "MD5 of log file:\n %s\n\n" "$( ${OPENSSL_BIN} dgst -md5 "${SOURCE}" | ${AWK_BIN} '{ print $NF }' )" >> "${SIGNIFYVERIFY}"
${PRINTF_BIN} "SHA1 of log file:\n %s\n\n" "$( ${OPENSSL_BIN} dgst -sha1 "${SOURCE}" | ${AWK_BIN} '{ print $NF }' )" >> "${SIGNIFYVERIFY}"
${PRINTF_BIN} "Used signify public key file:\n %s\n\n" "$( ${BASENAME_BIN} "${SIGNIFY_KEY_PUB}" )" >> "${SIGNIFYVERIFY}"
${PRINTF_BIN} "Output of signify:\n " >> "${SIGNIFYVERIFY}"
${SIGNIFY_BIN} -V -p "${SIGNIFY_KEY_PUB}" -m "${SOURCE}" >> "${SIGNIFYVERIFY}" 2>&1
fi
#-------------------------------------------------------------------------------
# Display content of the resultfile "signify-verify...txt".
#-------------------------------------------------------------------------------
display_resultfile "${SIGNIFYVERIFY}"
exit 0

140
home/lucifer/.local/share/nautilus/scripts/01-verify/02b-minisign-verify Executable file
View File

@ -0,0 +1,140 @@
#!/bin/bash
#===============================================================================
#
# DIRECTORY:
# /home/*/.local/share/nautilus/scripts/01-verify/
# OR
# /home/*/.gnome2/nautilus-sctipts/01-verify/ (deprecated)
#
# FILE:
# 02b-minisign-verify
#
# USAGE:
# Right klick on the first file of an EWF image and
# choose this nautilus script from the context menu.
#
# OPTIONS:
# none
#
# DESCRIPTION:
# Verifies that an logfile was digitally signed by a specific examiner.
#
# REQUIREMENTS:
# bash, zenity, minisign and coreutils
#
# BUGS:
# ---
#
# NOTES:
# Tested on
# - Arch Linux
#
# AUTHOR:
# Patrick Neumann, patrick@neumannsland.de
#
# COMPANY:
# (privately)
#
# VERSION:
# 0.9 (beta)
#
# LINK TO THE MOST CURRENT VERSIONS:
# https://...
#
# CREATED:
# 10.09.2020
#
# COPYRIGHT (C):
# 2015-2020 - Patrick Neumann
#
# LICENSE:
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# WARRANTY:
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
# TODO:
# ---
#
# HISTORY:
# 0.9 - Patrick Neumann - Initial (public) release
#
#===============================================================================
#-------------------------------------------------------------------------------
# Additional supported Distribution(s) (add before Library!).
#-------------------------------------------------------------------------------
SUPPORTED_OSR="arch"
#-------------------------------------------------------------------------------
# Check for library (casualscripter_nautilus-scripts_functions.sh).
#-------------------------------------------------------------------------------
readonly LIBRARY="${0%/*/*}/.casualscripter_nautilus-scripts_functions.sh"
if [ ! -f "${LIBRARY}" ] ; then
zenity --error \
--text \
"ERROR: casualscripter_nautilus-scripts_functions.sh MISSING!"
exit 1
fi
source "${LIBRARY}"
#-------------------------------------------------------------------------------
# Checks (see library "casualscripter_nautilus-scripts_functions.sh").
#-------------------------------------------------------------------------------
check_dep "${GTERMINAL_BIN}" "gnome-terminal"
check_dep "${MINISIGN_BIN}" "minisign"
check_dep "${BASENAME_BIN}" "coreutils"
check_ext "${SOURCE}" "info|log|txt"
check_tmp
#-------------------------------------------------------------------------------
# Ask user for minisign public key file.
#-------------------------------------------------------------------------------
if [ ! -r "${SOURCE}.minisig" ] ; then
error_exit "no minisign signature file (.minisig) found"
fi
if [ -r "${DIRNAME}/minisign.pub" ] ; then
readonly MINISIGN_PUB="${DIRNAME}/minisign.pub"
else
readonly MINISIGN_PUB="$( ${ZENITY_BIN} --title="Select minisign public key file" \
--file-selection )"
if [ -z "${MINISIGN_PUB}" ] ; then
error_exit "no minisign public key file choosen"
fi
fi
#-------------------------------------------------------------------------------
# Generate signify minisign file, if necessary.
#-------------------------------------------------------------------------------
readonly MINISIGNVERIFY="${TMP}/minisign-verify-$( ${BASENAME_BIN} "${SOURCE}" ).txt"
if [ ! -f "${MINISIGNVERIFY}" ] ; then
${PRINTF_BIN} "Verified log file:\n %s\n\n" "$( ${BASENAME_BIN} "${SOURCE}" )" > "${MINISIGNVERIFY}"
${PRINTF_BIN} "Verified signature file:\n %s\n\n" "$( ${BASENAME_BIN} "${SOURCE}" ).minisig" >> "${MINISIGNVERIFY}"
${PRINTF_BIN} "MD5 of log file:\n %s\n\n" "$( ${OPENSSL_BIN} dgst -md5 "${SOURCE}" | ${AWK_BIN} '{ print $NF }' )" >> "${MINISIGNVERIFY}"
${PRINTF_BIN} "SHA1 of log file:\n %s\n\n" "$( ${OPENSSL_BIN} dgst -sha1 "${SOURCE}" | ${AWK_BIN} '{ print $NF }' )" >> "${MINISIGNVERIFY}"
${PRINTF_BIN} "Used minisign public key file:\n %s\n\n" "$( ${BASENAME_BIN} "${MINISIGN_PUB}" )" >> "${MINISIGNVERIFY}"
${PRINTF_BIN} "Output of minisign:\n " >> "${MINISIGNVERIFY}"
${MINISIGN_BIN} -V -p "${MINISIGN_PUB}" -m "${SOURCE}" >> "${MINISIGNVERIFY}" 2>&1
fi
#-------------------------------------------------------------------------------
# Display content of the resultfile "minisign-verify.txt".
#-------------------------------------------------------------------------------
display_resultfile "${MINISIGNVERIFY}"
exit 0

179
home/lucifer/.local/share/nautilus/scripts/01-verify/02c-gpg-verify Executable file
View File

@ -0,0 +1,179 @@
#!/bin/bash
#===============================================================================
#
# DIRECTORY:
# /home/*/.local/share/nautilus/scripts/01-verify/
# OR
# /home/*/.gnome2/nautilus-sctipts/01-verify/ (deprecated)
#
# FILE:
# 02c-gpg-verify
#
# USAGE:
# Right klick on the first file of an EWF image and
# choose this nautilus script from the context menu.
#
# OPTIONS:
# none
#
# DESCRIPTION:
# Verifies that an logfile was digitally signed by a specific examiner.
#
# REQUIREMENTS:
# bash, zenity, gpg, grep, awk and coreutils
#
# BUGS:
# ---
#
# NOTES:
# Tested on
# - Arch Linux
#
# AUTHOR:
# Patrick Neumann, patrick@neumannsland.de
#
# COMPANY:
# (privately)
#
# VERSION:
# 0.9 (beta)
#
# LINK TO THE MOST CURRENT VERSIONS:
# https://...
#
# CREATED:
# 11.09.2020
#
# COPYRIGHT (C):
# 2015-2020 - Patrick Neumann
#
# LICENSE:
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# WARRANTY:
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
# TODO:
# - more DRY (dont repeat yourself)!
#
# HISTORY:
# 0.9 - Patrick Neumann - Initial (public) release
#
#===============================================================================
#-------------------------------------------------------------------------------
# Additional supported Distribution(s) (add before Library!).
#-------------------------------------------------------------------------------
SUPPORTED_OSR="arch"
#-------------------------------------------------------------------------------
# Check for library (casualscripter_nautilus-scripts_functions.sh).
#-------------------------------------------------------------------------------
readonly LIBRARY="${0%/*/*}/.casualscripter_nautilus-scripts_functions.sh"
if [ ! -f "${LIBRARY}" ] ; then
zenity --error \
--text \
"ERROR: casualscripter_nautilus-scripts_functions.sh MISSING!"
exit 1
fi
source "${LIBRARY}"
#-------------------------------------------------------------------------------
# Checks (see library "casualscripter_nautilus-scripts_functions.sh").
#-------------------------------------------------------------------------------
check_dep "${BASENAME_BIN}" "coreutils"
check_dep "${OPENSSL_BIN}" "openssl"
check_dep "${AWK_BIN}" "gawk"
check_dep "${GREP_BIN}" "grep"
check_dep "${GPG_BIN}" "gnupg"
check_ext "${SOURCE}" "info|log|txt"
check_tmp
#-------------------------------------------------------------------------------
# Import public key if needed.
#-------------------------------------------------------------------------------
if [ -r "${SOURCE}.sig" ] ; then
if ${GPG_BIN} --verify "${SOURCE}.sig" "${SOURCE}" 2>&1 | ${GREP_BIN} --fixed-strings "No public key" 2>&1 > /dev/null ; then
readonly GPG_PUB_KEY_FILE="$( ${ZENITY_BIN} --title="Select gpg public key file" \
--file-selection )"
if [ -z "${GPG_PUB_KEY_FILE}" ] ; then
error_exit "no gpg public key file choosen"
fi
PUBKEY1="$( ${GPG_BIN} "${GPG_PUB_KEY_FILE}" 2>/dev/null | ${GREP_BIN} --only-matching --only-matching "[[:xdigit:]]{40}" )"
PUBKEY2="$( ${GPG_BIN} --verify "${SOURCE}.sig" "${SOURCE}" 2>&1 | ${GREP_BIN} --only-matching --only-matching "[[:xdigit:]]{40}" )"
if [ "${PUBKEY1}" != "${PUBKEY2}" ] ; then
error_exit "wrong gpg public key file"
fi
${GPG_BIN} --import "${GPG_PUB_KEY_FILE}"
# gpg --edit-key "${PUBKEY1}"
# -> trust
# -> 5
# -> save
fi
elif [ -r "${SOURCE}.asc" ] ; then
if ${GPG_BIN} --verify "${SOURCE}.asc" 2>&1 | ${GREP_BIN} --fixed-strings "No public key" 2>&1 > /dev/null ; then
readonly GPG_PUB_KEY_FILE="$( ${ZENITY_BIN} --title="Select gpg public key file" \
--file-selection )"
if [ -z "${GPG_PUB_KEY_FILE}" ] ; then
error_exit "no gpg public key file choosen"
fi
PUBKEY1="$( ${GPG_BIN} "${GPG_PUB_KEY_FILE}" 2>/dev/null | ${GREP_BIN} --only-matching "[[:xdigit:]]{40}" )"
PUBKEY2="$( ${GPG_BIN} --verify "${SOURCE}.asc" 2>&1 | ${GREP_BIN} --only-matching "[[:xdigit:]]{40}" )"
if [ "${PUBKEY1}" != "${PUBKEY2}" ] ; then
error_exit "wrong gpg public key file"
fi
${GPG_BIN} --import "${GPG_PUB_KEY_FILE}"
fi
else
error_exit "no gpg signatur (.sig or .asc) found"
fi
#-------------------------------------------------------------------------------
# Generate gpg verify file, if necessary.
#-------------------------------------------------------------------------------
readonly GPGVERIFY="${TMP}/gpg-verify-$( ${BASENAME_BIN} "${SOURCE}" ).txt"
if [ ! -f "${GPGVERIFY}" ] ; then
if [ -r "${SOURCE}.sig" ] ; then
${PRINTF_BIN} "Verified log file:\n %s\n\n" "$( ${BASENAME_BIN} "${SOURCE}" )" > "${GPGVERIFY}"
${PRINTF_BIN} "Verified signature file:\n %s\n\n" "$( ${BASENAME_BIN} "${SOURCE}" ).sig" >> "${GPGVERIFY}"
${PRINTF_BIN} "MD5 of log file:\n %s\n\n" "$( ${OPENSSL_BIN} dgst -md5 "${SOURCE}" | ${AWK_BIN} '{ print $NF }' )" >> "${GPGVERIFY}"
${PRINTF_BIN} "SHA1 of log file:\n %s\n\n" "$( ${OPENSSL_BIN} dgst -sha1 "${SOURCE}" | ${AWK_BIN} '{ print $NF }' )" >> "${GPGVERIFY}"
${PRINTF_BIN} "Output of gnupg:\n\n" >> "${GPGVERIFY}"
${GPG_BIN} --verify "${SOURCE}.sig" "${SOURCE}" 2>> "${GPGVERIFY}"
elif [ -r "${SOURCE}.asc" ] ; then
${PRINTF_BIN} "Verified log file:\n %s\n\n" "$( ${BASENAME_BIN} "${SOURCE}" )" > "${GPGVERIFY}"
${PRINTF_BIN} "Verified signature file:\n %s\n\n" "$( ${BASENAME_BIN} "${SOURCE}" ).asc" >> "${GPGVERIFY}"
${PRINTF_BIN} "MD5 of log file:\n %s\n\n" "$( ${OPENSSL_BIN} dgst -md5 "${SOURCE}.asc" | ${AWK_BIN} '{ print $NF }' )" >> "${GPGVERIFY}"
${PRINTF_BIN} "SHA1 of log file:\n %s\n\n" "$( ${OPENSSL_BIN} dgst -sha1 "${SOURCE}.asc" | ${AWK_BIN} '{ print $NF }' )" >> "${GPGVERIFY}"
${PRINTF_BIN} "Output of gnupg:\n\n" >> "${GPGVERIFY}"
${GPG_BIN} --verify "${SOURCE}.asc" 2>> "${GPGVERIFY}"
fi
fi
#-------------------------------------------------------------------------------
# Display content of the resultfile "gpg-verify...txt".
#-------------------------------------------------------------------------------
display_resultfile "${GPGVERIFY}"
exit 0

152
home/lucifer/.local/share/nautilus/scripts/01-verify/02d-smime-verify Executable file
View File

@ -0,0 +1,152 @@
#!/bin/bash
#===============================================================================
#
# DIRECTORY:
# /home/*/.local/share/nautilus/scripts/01-verify/
# OR
# /home/*/.gnome2/nautilus-sctipts/01-verify/ (deprecated)
#
# FILE:
# 02d-smime-verify
#
# USAGE:
# Right klick on an EWF (or RAW) image and
# choose this nautilus script from the context menu.
#
# OPTIONS:
# none
#
# DESCRIPTION:
# Verifies that an logfile was digitally signed by a specific examiner.
#
# REQUIREMENTS:
# bash, zenity, coreutils, gpg and grep
#
# BUGS:
# ---
#
# NOTES:
# Tested on
# - Arch Linux
#
# AUTHOR:
# Patrick Neumann, patrick@neumannsland.de
#
# COMPANY:
# (privately)
#
# VERSION:
# 0.9 (beta)
#
# LINK TO THE MOST CURRENT VERSIONS:
# https://...
#
# CREATED:
# 11.09.2020
#
# COPYRIGHT (C):
# 2015-2020 - Patrick Neumann
#
# LICENSE:
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# WARRANTY:
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
# TODO:
# ---
#
# HISTORY:
# 0.9 - Patrick Neumann - Initial (public) release
#
#===============================================================================
#-------------------------------------------------------------------------------
# Additional supported Distribution(s) (add before Library!).
#-------------------------------------------------------------------------------
SUPPORTED_OSR="arch"
#-------------------------------------------------------------------------------
# Check for library (casualscripter_nautilus-scripts_functions.sh).
#-------------------------------------------------------------------------------
readonly LIBRARY="${0%/*/*}/.casualscripter_nautilus-scripts_functions.sh"
if [ ! -f "${LIBRARY}" ] ; then
zenity --error \
--text \
"ERROR: casualscripter_nautilus-scripts_functions.sh MISSING!"
exit 1
fi
source "${LIBRARY}"
#-------------------------------------------------------------------------------
# Checks (see library "casualscripter_nautilus-scripts_functions.sh").
#-------------------------------------------------------------------------------
check_dep "${BASENAME_BIN}" "coreutils"
check_dep "${GREP_BIN}" "grep"
check_dep "${GPGSM_BIN}" "gnupg"
check_ext "${SOURCE}" "info|log|txt"
check_tmp
#-------------------------------------------------------------------------------
# Import public key if needed.
#-------------------------------------------------------------------------------
if [ -r "${SOURCE}.pem" ] ; then
### TODO: TEST WITHOUT KNOWN PUBLIC KEY !!!
if ${GPGSM_BIN} --verify "${SOURCE}.pem" 2>&1 | ${GREP_BIN} --fixed-strings "No public key" 2>&1 > /dev/null ; then
readonly SMIME_KEY_FILE="$( ${ZENITY_BIN} --title="Select s/mime public key file" \
--file-selection )"
if [ -z "${SMIME_KEY_FILE}" ] ; then
error_exit "no s/mime public key file choosen"
fi
PUBKEY1="$( ${GPGSM_BIN} "${SMIME_KEY_FILE}" 2>/dev/null | ${GREP_BIN} --only-matching "[[:xdigit:]]{40}" )"
PUBKEY2="$( ${GPGSM_BIN} --verify "${SOURCE}.asc" 2>&1 | ${GREP_BIN} --only-matching "[[:xdigit:]]{40}" )"
if [ "${PUBKEY1}" != "${PUBKEY2}" ] ; then
error_exit "wrong s/mime public key file"
fi
${GPGSM_BIN} --import "${SMIME_KEY_FILE}"
fi
else
error_exit "no s/mime signatur (.pem) found"
fi
#-------------------------------------------------------------------------------
# A little bit of configuration before the magic.
#-------------------------------------------------------------------------------
readonly SMIMEVERIFY="${TMP}/smime-verify-$( ${BASENAME_BIN} "${SOURCE}" ).txt"
#-------------------------------------------------------------------------------
# Generate gpg verify file, if necessary.
#-------------------------------------------------------------------------------
if [ ! -f "${SMIMEVERIFY}" ] ; then
${PRINTF_BIN} "Verified log file:\n %s\n\n" "$( ${BASENAME_BIN} "${SOURCE}" )" > "${SMIMEVERIFY}"
${PRINTF_BIN} "Verified signature file:\n %s\n\n" "$( ${BASENAME_BIN} "${SOURCE}" ).pem" >> "${SMIMEVERIFY}"
${PRINTF_BIN} "MD5 of log file:\n %s\n\n" "$( ${OPENSSL_BIN} dgst -md5 "${SOURCE}" | ${AWK_BIN} '{ print $NF }' )" >> "${SMIMEVERIFY}"
${PRINTF_BIN} "SHA1 of log file:\n %s\n\n" "$( ${OPENSSL_BIN} dgst -sha1 "${SOURCE}" | ${AWK_BIN} '{ print $NF }' )" >> "${SMIMEVERIFY}"
${PRINTF_BIN} "Output of gpgsm:\n\n" >> "${SMIMEVERIFY}"
${GPGSM_BIN} --verify "${SOURCE}.pem" 2>> "${SMIMEVERIFY}"
fi
#-------------------------------------------------------------------------------
# Display content of the resultfile "smime-verify.txt".
#-------------------------------------------------------------------------------
display_resultfile "${SMIMEVERIFY}"
exit 0

139
home/lucifer/.local/share/nautilus/scripts/01-verify/03-freetsa-verify Executable file
View File

@ -0,0 +1,139 @@
#!/bin/bash
#===============================================================================
#
# DIRECTORY:
# /home/*/.local/share/nautilus/scripts/01-verify/
# OR
# /home/*/.gnome2/nautilus-sctipts/01-verify/ (deprecated)
#
# FILE:
# 03-freetsa-verify
#
# USAGE:
# Right klick on the first file of an EWF image and
# choose this nautilus script from the context menu.
#
# OPTIONS:
# none
#
# DESCRIPTION:
# Verifies that the content of a log file has not been changed after a
# specific date.
#
# REQUIREMENTS:
# bash, zenity, curl and openssl
#
# BUGS:
# ---
#
# NOTES:
# Tested on
# - Arch Linux
#
# AUTHOR:
# Patrick Neumann, patrick@neumannsland.de
#
# COMPANY:
# (privately)
#
# VERSION:
# 0.9 (beta)
#
# LINK TO THE MOST CURRENT VERSIONS:
# https://...
#
# CREATED:
# 12.09.2020
#
# COPYRIGHT (C):
# 2015-2020 - Patrick Neumann
#
# LICENSE:
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# WARRANTY:
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
# TODO:
# ---
#
# HISTORY:
# 0.9 - Patrick Neumann - Initial (public) release
#
#===============================================================================
#-------------------------------------------------------------------------------
# Additional supported Distribution(s) (add before Library!).
#-------------------------------------------------------------------------------
SUPPORTED_OSR="arch"
#-------------------------------------------------------------------------------
# Check for library (casualscripter_nautilus-scripts_functions.sh).
#-------------------------------------------------------------------------------
readonly LIBRARY="${0%/*/*}/.casualscripter_nautilus-scripts_functions.sh"
if [ ! -f "${LIBRARY}" ] ; then
zenity --error \
--text \
"ERROR: casualscripter_nautilus-scripts_functions.sh MISSING!"
exit 1
fi
source "${LIBRARY}"
#-------------------------------------------------------------------------------
# Checks (see library "casualscripter_nautilus-scripts_functions.sh").
#-------------------------------------------------------------------------------
check_dep "${BASENAME_BIN}" "coreutils"
check_dep "${CURL_BIN}" "curl"
check_dep "${OPENSSL_BIN}" "openssl"
check_ext "${SOURCE}" "info|log|txt"
check_tmp
#-------------------------------------------------------------------------------
# Ask user for a response file if default is missing.
#-------------------------------------------------------------------------------
if [ -r "${SOURCE}.tsr" ] ; then
readonly RESPONSE_FILE="${SOURCE}.tsr"
else
readonly RESPONSE_FILE="$( ${ZENITY_BIN} --title="Select timestamp service response file (.tsr)" \
--file-selection )"
if [ -z "${RESPONSE_FILE}" ] ; then
error_exit "no timestamp service response file (.tsr) choosen"
fi
fi
#-------------------------------------------------------------------------------
# Generate freetsa verify file, if necessary.
#-------------------------------------------------------------------------------
readonly CACERTURL="http://freetsa.org/files/cacert.pem"
readonly PEMFILE="${DIRNAME}/freetsa-org-cacert.pem"
readonly FREETSAVERIFY="${TMP}/freetsa-verify-$( ${BASENAME_BIN} "${SOURCE}" ).txt"
if [ ! -f "${FREETSAVERIFY}" ] ; then
${PRINTF_BIN} "Verified log file:\n %s\n\n" $( ${BASENAME_BIN} "${SOURCE}" ) > "${FREETSAVERIFY}"
${CURL_BIN} -o "${PEMFILE}" "${CACERTURL}"
${PRINTF_BIN} "URL to used certificate file of the Time Stamp Authority (freeTSA.org):\n %s\n\n" "${CACERTURL}" >> "${FREETSAVERIFY}"
${PRINTF_BIN} "Used timestamp service response file (.tsr):\n %s\n\n" "$( ${BASENAME_BIN} "${RESPONSE_FILE}" )" >> "${FREETSAVERIFY}"
${PRINTF_BIN} "Timestamp (date):\n %s\n\n" "$( ${OPENSSL_BIN} ts -reply -in "${RESPONSE_FILE}" -text 2>/dev/null | ${SED_BIN} -n '/Time stamp:/ s/Time stamp: // p' )" >> "${FREETSAVERIFY}"
${PRINTF_BIN} "Output of 'openssl ts -verify' itself:\n " >> "${FREETSAVERIFY}"
${OPENSSL_BIN} ts -verify -in "${RESPONSE_FILE}" -data "${SOURCE}" -CAfile "${PEMFILE}" 2>/dev/null >> "${FREETSAVERIFY}"
fi
#-------------------------------------------------------------------------------
# Display content of the resultfile "freetsa-verify...txt".
#-------------------------------------------------------------------------------
display_resultfile "${FREETSAVERIFY}"
exit 0