From 4ceab0e7910d043c51843af0d01f22f46d441165 Mon Sep 17 00:00:00 2001
From: Greg DiCristofaro <gregd@basistech.com>
Date: Tue, 22 Nov 2022 12:51:25 -0500
Subject: [PATCH] script to update homebrew file

---
 homebrew/autopsy4.rb                          | 14 +++-
 homebrew/version_update/.gitignore            |  2 +
 homebrew/version_update/requirements.txt      |  1 +
 homebrew/version_update/version_update.py     | 82 +++++++++++++++++++
 snap/version_update/requirements.txt          |  1 -
 ...ap_version_update.py => version_update.py} |  4 +-
 6 files changed, 97 insertions(+), 7 deletions(-)
 create mode 100644 homebrew/version_update/.gitignore
 create mode 100644 homebrew/version_update/requirements.txt
 create mode 100644 homebrew/version_update/version_update.py
 rename snap/version_update/{snap_version_update.py => version_update.py} (98%)

diff --git a/homebrew/autopsy4.rb b/homebrew/autopsy4.rb
index e25adf30aa..a008569f26 100644
--- a/homebrew/autopsy4.rb
+++ b/homebrew/autopsy4.rb
@@ -5,10 +5,16 @@
 # A package installer can be generated using brew-pkg: https://github.com/timsutton/brew-pkg
 # Can be run locally with `brew install --debug --build-from-source --verbose <path_to_this_file>`
 class Autopsy4 < Formula
+  AUTOPSY_RESOURCE_URL = "https://github.com/sleuthkit/autopsy/releases/download/autopsy-4.19.2/autopsy-4.19.2.zip".freeze
+  AUTOPSY_RESOURCE_SHA256 = "b1ca770df47f09512276fee16c184644cdd9a2591edfdb622a3177896f299893".freeze
+  TSK_RESOURCE_URL = "https://github.com/sleuthkit/sleuthkit/releases/download/sleuthkit-4.11.1/sleuthkit-4.11.1.tar.gz".freeze
+  TSK_RESOURCE_SHA256 = "8ad94f5a69b7cd1a401afd882ab6b8e5daadb39dd2a6a3bbd5aecee2a2ea57a0".freeze
+
   desc "Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card. "
   homepage "http://www.sleuthkit.org/autopsy/"
-  url "https://github.com/sleuthkit/autopsy/releases/download/autopsy-4.19.2/autopsy-4.19.2.zip"
-  sha256 "b1ca770df47f09512276fee16c184644cdd9a2591edfdb622a3177896f299893"
+
+  url AUTOPSY_RESOURCE_URL
+  sha256 AUTOPSY_RESOURCE_SHA256
   license "Apache-2.0"
 
   depends_on "afflib"
@@ -33,8 +39,8 @@ class Autopsy4 < Formula
   depends_on "ant" => :build
 
   resource "sleuthkit" do
-    url "https://github.com/sleuthkit/sleuthkit/releases/download/sleuthkit-4.11.1/sleuthkit-4.11.1.tar.gz"
-    sha256 "8ad94f5a69b7cd1a401afd882ab6b8e5daadb39dd2a6a3bbd5aecee2a2ea57a0"
+    url TSK_RESOURCE_URL
+    sha256 TSK_RESOURCE_SHA256
   end
 
   # sha256 calculated using curl <url> | sha256sum
diff --git a/homebrew/version_update/.gitignore b/homebrew/version_update/.gitignore
new file mode 100644
index 0000000000..f2d51c2b11
--- /dev/null
+++ b/homebrew/version_update/.gitignore
@@ -0,0 +1,2 @@
+/.idea
+/venv
\ No newline at end of file
diff --git a/homebrew/version_update/requirements.txt b/homebrew/version_update/requirements.txt
new file mode 100644
index 0000000000..7a949cdbe8
--- /dev/null
+++ b/homebrew/version_update/requirements.txt
@@ -0,0 +1 @@
+argparse==1.4.0
\ No newline at end of file
diff --git a/homebrew/version_update/version_update.py b/homebrew/version_update/version_update.py
new file mode 100644
index 0000000000..15bb8a5956
--- /dev/null
+++ b/homebrew/version_update/version_update.py
@@ -0,0 +1,82 @@
+import sys
+import argparse
+from typing import Union
+from os.path import join, dirname, abspath, realpath
+import hashlib
+from urllib.request import urlopen
+import re
+
+HOMEBREW_RUBY_PATH = join(dirname(dirname(abspath(realpath(__file__)))), 'autopsy4.rb')
+TSK_URL_KEY = "TSK_RESOURCE_URL"
+TSK_SHA256_KEY = "TSK_RESOURCE_SHA256"
+AUTOPSY_URL_KEY = "AUTOPSY_RESOURCE_URL"
+AUTOPSY_SHA256_KEY = "AUTOPSY_RESOURCE_SHA256"
+
+MAX_FILE_SIZE = 100 * 1024 * 1024 * 1024
+
+
+def hash_url(url: str) -> str:
+    remote = urlopen(url)
+    total_read = 0
+    hasher = hashlib.sha256()
+
+    while total_read < MAX_FILE_SIZE:
+        data = remote.read(4096)
+        total_read += 4096
+        hasher.update(data)
+
+    return hasher.hexdigest()
+
+
+def replace_variable(file_contents: str, var_key: str, var_value: str) -> str:
+    search_regex = rf'^(\s*{re.escape(var_key)}\s*=\s*").+?("[^"]*)$'
+    replacement = rf'\g<1>{var_value}\g<2>'
+    return re.sub(search_regex, replacement, file_contents, flags=re.M)
+
+
+def update_versions(tsk_resource_url: str, autopsy_resource_url: str, file_path: Union[str, None]):
+    tsk_sha256 = hash_url(tsk_resource_url)
+    autopsy_sha256 = hash_url(autopsy_resource_url)
+
+    file_path = file_path if file_path is not None and len(file_path.strip()) > 0 else HOMEBREW_RUBY_PATH
+
+    with open(file_path, 'r') as f:
+        content = f.read()
+
+    for k, v in [
+        (TSK_URL_KEY, tsk_resource_url),
+        (TSK_SHA256_KEY, tsk_sha256),
+        (AUTOPSY_URL_KEY, autopsy_resource_url),
+        (AUTOPSY_SHA256_KEY, autopsy_sha256)
+    ]:
+        content = replace_variable(content, k, v)
+
+    with open(file_path, 'w') as f:
+        f.write(content)
+
+
+def main():
+    parser = argparse.ArgumentParser(
+        description="Updates homebrew file with current versions of autopsy and sleuthkit",
+        formatter_class=argparse.ArgumentDefaultsHelpFormatter)
+
+    parser.add_argument('-s', '--sleuthkit_resource_url', required=True, dest='sleuthkit_resource_url', type=str,
+                        help='The compressed build file system of the sleuthkit release ' +
+                         '(i.e. https://github.com/sleuthkit/sleuthkit/releases/download/sleuthkit-4.11.1/sleuthkit-4.11.1.tar.gz)')
+    parser.add_argument('-a', '--autopsy_resource_url', required=True, dest='autopsy_resource_url', type=str,
+                        help='The compressed build file system of the autopsy release ' +
+                             '(i.e. https://github.com/sleuthkit/autopsy/releases/download/autopsy-4.19.2/autopsy-4.19.2.zip)')
+
+    parser.add_argument('-p', '--homebrew_path', dest='homebrew_path', type=str, default=HOMEBREW_RUBY_PATH,
+                        help='Path to homebrew file.')
+
+    args = parser.parse_args()
+    update_versions(
+        tsk_resource_url=args.sleuthkit_resource_url,
+        autopsy_resource_url=args.autopsy_resource_url,
+        file_path=args.homebrew_path
+    )
+
+
+if __name__ == '__main__':
+    main()
diff --git a/snap/version_update/requirements.txt b/snap/version_update/requirements.txt
index c85df6330a..72ed5c9e9b 100644
--- a/snap/version_update/requirements.txt
+++ b/snap/version_update/requirements.txt
@@ -1,3 +1,2 @@
 argparse==1.4.0
-#PyYAML==6.0
 ruamel.yaml==0.17.21
\ No newline at end of file
diff --git a/snap/version_update/snap_version_update.py b/snap/version_update/version_update.py
similarity index 98%
rename from snap/version_update/snap_version_update.py
rename to snap/version_update/version_update.py
index 6c16329109..74a32f0b30 100644
--- a/snap/version_update/snap_version_update.py
+++ b/snap/version_update/version_update.py
@@ -41,7 +41,7 @@ def update_versions(sleuthkit_version_tag: str,
         yaml.dump(yaml_dict, snapcraft_file)
 
 
-def main() -> int:
+def main():
     parser = argparse.ArgumentParser(
         description="Updates snapcraft.yml file with current versions of autopsy and sleuthkit",
         formatter_class=argparse.ArgumentDefaultsHelpFormatter)
@@ -72,4 +72,4 @@ def main() -> int:
 
 
 if __name__ == '__main__':
-    sys.exit(main())
+    main()