new: [doc] Added a verify.txt to explain how to verify

new: [deploy] Addded symlinks to have an easier latest for actual files.
MISP · May 15, 2019 · 39da435 · 39da435
1 parent d0b7ede
commit 39da435
Show file tree

Hide file tree

Showing 2 changed files with 68 additions and 4 deletions.
diff --git a/deploy.sh b/deploy.sh
@@ -227,6 +227,7 @@ if [[ "${LATEST_COMMIT}" != "$(cat /tmp/${PACKER_NAME}-latest.sha)" ]]; then
     # Create the latest MISP export directory
     if [[ "${REMOTE}" == "1" ]]; then
       ssh ${REL_USER}@${REL_SERVER} "mkdir -p export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT} ; mkdir -p export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums"
+      scp verify.txt ${REL_USER}@${REL_SERVER}:export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/
     fi
 
     # Sign and transfer files
@@ -242,15 +243,22 @@ if [[ "${LATEST_COMMIT}" != "$(cat /tmp/${PACKER_NAME}-latest.sha)" ]]; then
 
       if [[ "${REMOTE}" == "1" ]]; then
         rsync -azvq --progress ${FILE} ${REL_USER}@${REL_SERVER}:export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}
-        ssh ${REL_USER}@${REL_SERVER} "rm export/latest ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT} export/latest"
+        ssh ${REL_USER}@${REL_SERVER} "rm export/latest ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT} export/latest ;\
+                                       rm export/${PACKER_VM}_${VER}@latest-CHECKSUM.sfv.asc ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv.asc export/${PACKER_VM}_${VER}@latest-CHECKSUM.sfv.asc"
       fi
     done
 
     if [[ "${REMOTE}" == "1" ]]; then
       ssh ${REL_USER}@${REL_SERVER} "chmod -R +r export ;\
-                                     mv export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums ;\
-                                     mv export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv.asc export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums ;\
-                                     cd export ; tree -T "${PACKER_VM} VM Images" -H https://www.circl.lu/misp-images/ -o index.html"
+         mv export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv     export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums ;\
+         mv export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv.asc export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums ;\
+         rm export/${PACKER_VM}_${VER}@latest.ova              ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}.ova export/${PACKER_VM}_${VER}@latest.ova ;\
+         rm export/${PACKER_VM}_${VER}@latest.ova.asc          ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}.ova.asc export/${PACKER_VM}_${VER}@latest.ova.asc ;\
+         rm export/${PACKER_VM}_${VER}@latest-VMware.zip       ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-VMware.zip export/${PACKER_VM}_${VER}@latest-VMware.zip ;\
+         rm export/${PACKER_VM}_${VER}@latest-VMware.zip.asc   ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-VMware.zip.asc export/${PACKER_VM}_${VER}@latest-VMware.zip.asc ;\
+         rm export/${PACKER_VM}_${VER}@latest-CHECKSUM.sfv     ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv export/${PACKER_VM}_${VER}@latest-CHECKSUM.sfv ;\
+         rm export/${PACKER_VM}_${VER}@latest-CHECKSUM.sfv.asc ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv.asc export/${PACKER_VM}_${VER}@latest-CHECKSUM.sfv.asc ;\
+         cd export ; tree -T "${PACKER_VM} VM Images" -H https://www.circl.lu/misp-images/ -o index.html "
     fi
 
   else

diff --git a/verify.txt b/verify.txt
@@ -0,0 +1,56 @@
+How to verify the Automate MISP-VMs?
+------------------------------------
+
+In this directory you will find the following files:
+
+- OVA File (VirtualBox export of the VM)
+- ZIP File (ZIP Packae of the VMware VM)
+- ASC File (PGP Armored file of the above files)
+- checksums Directory (The directory with all the checksums of the above files)
+
+Verify VirtualBox OVA
+---------------------
+
+1. Download signatures
+
+Download the OVA and the ASC into the same directory.
+
+2. Verify signatures
+
+On the command line verify the PGP signature first, example:
+
+$ gpg --verify [email protected] [email protected]
+
+TODO: Include output.
+
+3. Download SFV files
+
+Now download the checksum file and its signature, and verify.
+
+$ wget https://www.circl.lu/misp-images/[email protected]
+$ wget https://www.circl.lu/misp-images/[email protected]
+$ gpg --verify /[email protected] [email protected]
+
+Next, use rhash or go with the manual way.
+
+rhash
+-----
+
+$ rhash -c [email protected]
+
+Verify VMware
+-------------
+
+1. Download signatures
+
+Download the ZIP and the ASC into the same directory.
+
+2. Verify signatures
+
+On the command line verify the PGP signature first, example:
+
+$ gpg --verify [email protected] [email protected]
+
+TODO: Include output.
+
+Do steps number 3 from above.