github.com/canarytail/client
Version: 0.1.1
Repository: https://github.com/canarytail/client.git
Documentation: pkg.go.dev

# README

CanaryTail CLI

CanaryTail CLI is a simple proof-of-concept implementation of the CanaryTail standard.

Installation

Windows:

$Env:GOOS="windows"; $Env:GOARCH="amd64"; go build -o canarytail-windows-amd64.exe ./cmd/
$Env:GOOS="linux"; $Env:GOARCH="amd64"; go build -o canarytail-linux-amd64 ./cmd/
$Env:GOOS="darwin"; $Env:GOARCH="amd64"; go build -o canarytail-darwin-amd64 ./cmd/

OS X & Linux:

Skip this step if you already know how to use Go.

In order to build, make sure you have Go installed and GOROOT set to its location. It will likely be /usr/local/go. Replace the example below with your Go location.

export GOROOT=/usr/local/go
export PATH=$PATH:$GOROOT/bin

Build the project from the source folder of this canarytail client repo:

go build ./cmd/canarytail.go

Run it via ./canarytail, which should return:

Usage: ./canarytail command [SUBCOMMAND] [OPTIONS]

Commands:
  help		                  Display this help message or help on a command

  init		                  Initialize config and keys to $CANARY_HOME
  key

      This command is for manipulating cryptographic keys.

      new ALIAS               Generates a new key for signing canaries and saves
                              to $CANARY_HOME/ALIAS

  canary

      This command is for manipulating canaries.

      new ALIAS [--OPTIONS]
                              Generates a new canary, signs it using the key located
                              in $CANARY_HOME/ALIAS, and saves to that same path.

                              Codes provided in OPTIONS will be removed from the canary,
                              signifying that event has triggered the canary.

      update ALIAS [--OPTIONS]
                              Updates the existing canary named ALIAS. If no OPTIONS
                              are provided, it merely updates the signature date. If
                              no EXPIRY is provided, it reuses the previous value
                              (e.g. renewing for a month).

                              Codes provided in OPTIONS will be removed from the canary,
                              signifying that event has triggered the canary.
                              

      Valid OPTIONS:

      --expiry:#              Expires in # minutes from now (default: 43200, one month)
      --cease                 Court order to cease operations
      --duress                Under duress (coercion, blackmail, etc)
      --gag                   Gag order received
      --raid                  Raided, but data unlikely compromised
      --seize                 Hardware or data seized, unlikely compromised
      --subp                  Subpoena received
      --trap                  Trap and trace order received
      --war                   Warrant received
      --xcred                 Compromised credentials
      --xopers                Operations compromised

      validate [URI]              Validates a canary's signature

  version	                  Show version and exit

Environment:
  CANARY_HOME	Location of canarytail config and files (default: $PWD)


Usage examples:

New canary signing key               ./canarytail key new mydomain
New canary with defaults             ./canarytail canary new mydomain       
Renew existing canary 30 more days   ./canarytail canary update mydomain
Trigger canary for warrant           ./canarytail canary update mydomain --WAR
Validate a canary on a site          ./canarytail canary validate https://mydomain/canary.json
Validate a canary locally            ./canarytail canary validate ~/canary.json
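
The semantics in the help text above (a code omitted from the canary marks a triggered event, and validation checks the signature) shown as an added Go example built on the standard library only. It is not the client's own code: `claim`, `missing`, `issue` and `check` are hypothetical names, and the JSON layout is an assumption, not the CanaryTail format.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"fmt"
	"slices"
	"time"
)

// allCodes are the event codes from the help text; a listed code has NOT happened.
var allCodes = []string{"cease", "duress", "gag", "raid", "seize", "subp", "trap", "war", "xcred", "xopers"}
const layout = "2006-01-02T15:04:05.000" // layout string quoted for TimestampLayout
type claim struct { // assumed, simplified layout; not the CanaryTail wire format
	Codes  []string `json:"codes"`
	Expiry string   `json:"expiry"`
}

// missing returns the standard codes absent from codes, i.e. the triggered events.
func missing(codes []string) (out []string) {
	for _, c := range allCodes {
		if !slices.Contains(codes, c) {
			out = append(out, c)
		}
	}
	return out
}

// issue builds a claim that omits the triggered codes and signs its JSON encoding.
func issue(priv ed25519.PrivateKey, now time.Time, minutes int, triggered ...string) (claim, []byte) {
	c := claim{missing(triggered), now.Add(time.Duration(minutes) * time.Minute).Format(layout)}
	msg, _ := json.Marshal(c)
	return c, ed25519.Sign(priv, msg)
}

// check verifies the signature first, then the expiry, then reports triggered codes.
func check(pub ed25519.PublicKey, c claim, sig []byte, now time.Time) ([]string, error) {
	msg, _ := json.Marshal(c)
	if !ed25519.Verify(pub, msg, sig) {
		return nil, fmt.Errorf("bad signature")
	}
	if exp, err := time.Parse(layout, c.Expiry); err != nil || now.After(exp) {
		return nil, fmt.Errorf("canary expired")
	}
	return missing(c.Codes), nil
}
func main() {
	pub, priv, _ := ed25519.GenerateKey(nil)
	c, sig := issue(priv, time.Now().UTC(), 43200, "war")
	fmt.Println(check(pub, c, sig, time.Now().UTC()))
}
```

A verifier should treat both errors as a tripped canary: a claim whose codes were edited after signing fails the signature check, and a canary that is simply never renewed fails the expiry check.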

Contributing

  1. Fork it (https://github.com/canarytail/client/fork)
  2. Create your feature branch (git checkout -b feature/fooBar)
  3. Commit your changes (git commit -am 'Add some fooBar')
  4. Push to the branch (git push origin feature/fooBar)
  5. Create a new Pull Request

# Packages

No description provided by the author

# Functions

AllCodes lists all Canary codes. TODO: support multiple standard versions.
FormatBlockChainBlockHash formats a block hash in the standard string format.
FormatKey formats a key into a base64 string.
GenerateKeyPair generates an Ed25519 key pair for signatures.
GetBlockInfo retrieves the block information from the BlockChain Data API.
GetLastBlockChainBlockHash retrieves the latest block hash from the BlockChain Data API.
GetLastBlockChainBlockHashFormatted retrieves the latest block hash from the BlockChain Data API, in the standard string format.
InverseCodes returns the missing codes from the standard, given a list of codes.
NewCanaryValidator instantiates a CanaryValidator.
ParsePrivateKey parses a private key in string form.
ParsePublicKey parses a public key in string form.
Read parses a canary from a URL or a local path.
SignString signs a Canary given a private key.
StructToMap converts a struct to a map while maintaining the json alias as keys.
ValidateSignatureString validates a Canary's signature given the corresponding public key.

# Constants

StandardVersion represents the current standard version being used by this library.
TimestampLayout defines the timestamp layout used in the standard.
    const TimestampLayout string = "2006-01-02T15:04:05.000" // time.RFC3339 should be preferred (what we have plus Z).

# Structs

BlockInfo represents a block in the BlockChain Data API
https://www.blockchain.com/api/blockchain_api
    { "hash":"0000000000000bae09a7a393a8acded75aa67e46cb81f7acaa5ad94f9eacd103", "ver":1, "prev_block":"00000000000007d0f98d9edca880a6c124e25095712df8952e0439ac7409738a", "mrkl_root":"935aa0ed2e29a4b81e0c995c39e06995ecce7ddbebb26ed32d550a72e8200bf5", "time":1322131230, "bits":437129626, "nonce":2964215930, "n_tx":22, "size":9195, "block_index":818044, "main_chain":true, "height":154595, "received_time":1322131301, "relayed_by":"108.60.208.156", "tx":[--Array of Transactions--] }
Canary represents a Canary, with its claims and its signature(s).
CanaryClaim holds the claims that make up this canary.
No description provided by the author
CanarySignatureValidator validates an ECDSA (Curve25519) set of signatures for a given canary and a public key.
CanaryValidator validates a canary.

# Type aliases

CanarySignature: we will keep this as a string for now; in the future it will support several signatures.