free
/
freedombone
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Check a given hash against the tripwire database

Bob Mottram 7 years ago
parent
adef1bb88f
commit
659e49c477
1 changed files with 38 additions and 3 deletions
Split View Show Diff Stats
  1. 38
    3
      src/freedombone-controlpanel

+ 38
- 3
src/freedombone-controlpanel View File 

@@ -129,8 +129,43 @@ if [[ $USB_DRIVE == *"dev"* ]]; then
129 129 
 fi
130 130
131 131 
 function any_key {
132 
-    echo ' '
133 
-    read -n1 -r -p $"Press any key to continue..." key
132 
+    echo ''
133 
+    read -n1 -rsp $"Press any key to continue..." key
134 
+}
135 
+
136 
+function any_key_verify {
137 
+    echo ''
138 
+    read -n1 -rsp $"Press any key to continue or C to check a hash..." key
139 
+    if [[ "$key" != 'c' && "$key" != 'C' ]]; then
140 
+        return
141 
+    fi
142 
+
143 
+    data=$(tempfile 2>/dev/null)
144 
+    trap "rm -f $data" 0 1 2 5 15
145 
+    dialog --title $"Check tripwire hash" \
146 
+           --backtitle $"Freedombone Control Panel" \
147 
+           --inputbox $"Paste your tripwire hash below and it will be checked against the current database" 12 60 2>$data
148 
+    sel=$?
149 
+    case $sel in
150 
+        0)
151 
+            GIVEN_HASH=$(<$data)
152 
+            if [ ${#GIVEN_HASH} -gt 8 ]; then
153 
+                if [[ "$GIVEN_HASH" == *' '* ]]; then
154 
+                    dialog --title $"Check tripwire" \
155 
+                           --msgbox $"\nThe hash should not contain any spaces" 10 40
156 
+                else
157 
+                    DBHASH=$(sha512sum  /var/lib/tripwire/${HOSTNAME}.twd | awk -F ' ' '{print $1}')
158 
+                    if [[ "$DBHASH" == "$GIVEN_HASH" ]]; then
159 
+                        dialog --title $"Check tripwire" \
160 
+                               --msgbox $"\nSuccess\n\nThe hash you gave matches the current tripwire database" 10 40
161 
+                    else
162 
+                        dialog --title $"Check tripwire" \
163 
+                               --msgbox $"\nFailed\n\nThe hash you gave does not match the current tripwire database. This might be because you reset the tripwire, or there could have been an unauthorised modification of the system" 12 50
164 
+                    fi
165 
+                fi
166 
+            fi
167 
+            ;;
168 
+    esac
134 169 
 }
135 170
136 171 
 function get_app_icann_address {
 
@@ -1325,7 +1360,7 @@ function reset_tripwire {
1325 1360 
     else
1326 1361 
         echo $'ERROR: tripwire database was not created'
1327 1362 
     fi
1328 
-    any_key
1363 
+    any_key_verify
1329 1364 
 }
1330 1365
1331 1366 
 function format_drive {