grempe · April 21, 2024 10:00
diff --git a/beacon.sh b/beacon.sh
 ## NIST Randomness Beacon verification routine
 ## Only slightly adapted by Elliot Williams
 ## from code provided by Lawrence Bassham, NIST
 
 ## The UNIX time that you'd like to test:
 ##
 whichRecord=1491202440 
 
 ## --------------- Utility Functions ----------------
 
 ## Extracts specified record from xml file
 getValue() {
  # see : http://stackoverflow.com/questions/8264134/xmllint-failing-to-properly-query-with-xpath
  xmllint --xpath "/*[local-name()='record']/*[local-name()='$1']/text()" $2
 }

 ## Converts little-endian to big-endian
 byteReverse() {
 len=${#1}
 for((i=${len}-2; i>=0; i=i-2)) do
 rev="$rev${1:$i:2}"
 done
 echo ${rev}
 }

 ## ---------------- Get an arbitrary record -----------------
 echo "Downloading data for: ${whichRecord}"
 curl -s https://beacon.nist.gov/rest/record/${whichRecord} -o rec.xml
 
 ## ------------- Pack data into correct format --------------
 echo
 echo "## Create a summary of all of the data, save as beacon.bin"
 
 ## Strangest choice of format ever!
 ## Version number (ascii text)
 ## Update frequency (4 bytes)
 ## Time Stamp (8 bytes)
 ## The HW RNG seedValue (64 bytes)
 ## The previous output value, does the chaining (64 bytes)
 ## Status code (4 bytes)
 
 getValue version rec.xml > beacon.bin
 printf "%.8x" `getValue frequency rec.xml` | xxd -r -p >> beacon.bin
 printf "%.16x" `getValue timeStamp rec.xml` | xxd -r -p >> beacon.bin
 getValue seedValue rec.xml | xxd -r -p >> beacon.bin
 getValue previousOutputValue rec.xml | xxd -r -p >> beacon.bin
 printf "%.8x" `getValue statusCode rec.xml` | xxd -r -p >> beacon.bin
 
 ## ------------------ Verify signature on data --------------------
 
 echo "## Verify that the signature and NIST's public key correctly SHA512 sign the data"
 
 ## Download Beacon's public key
 echo "Downloading Beacon's public key"
 curl -s https://beacon.nist.gov/certificate/beacon.cer -o beacon.cer
 
 ## Create a bytewise reversed version of the listed signature
 ## This is necessary b/c Beacon signs with Microsoft CryptoAPI which outputs
 ## the signature as little-endian instead of big-endian like many other tools
 ## This may change (personal communication) in a future revision of the Beacon
 signature=`getValue signatureValue rec.xml`
 byteReverse ${signature} | xxd -r -p > beacon.sig
 
 ## Pull public key out of certificate
 /usr/bin/openssl x509 -pubkey -noout -in beacon.cer > beaconpubkey.pem
 ## Test signature / key on packed data
 /usr/bin/openssl dgst -sha512 -verify beaconpubkey.pem -signature beacon.sig beacon.bin
 echo
 echo
 
 ## ------------------ Verify Signature -> Output and Chaining ------------
 echo "The following three values should match: "
 echo " a direct SHA512 of the extracted signature"
 echo " the reported output value"
 echo " next record's previous output value"
 echo
 
 ## Just print output value
 echo "Reported output value"
 getValue outputValue rec.xml
 echo
 
 ## Now turn the signature into the output value: again SHA512
 echo "SHA512 of the signature"
 getValue signatureValue rec.xml | xxd -r -p | sha512sum
 
 ## Now test chaining
 ## Get next record
 echo "Downloading the next record"
 curl -s https://beacon.nist.gov/rest/record/next/${whichRecord} -o next.xml
 ## Make sure that this period's output shows up as next period's "previous output"
 echo "Next value's reported previous output (test of forward chaining)"
 getValue previousOutputValue next.xml
 echo
 echo
 
 ## --------------------- The End -----------------------------------------
 
 ## If this all worked, we've verified that the signature (plus NIST's key)
 ## sign the hash of the random number and its support info
 ## _and_ we've verified that the outputValue is derived from them,
 ## so we know that this output value is in the chain.
 
 ## If we run this on every entry in the chain, and all works out just fine,
 ## then we'd know all is well

diff --git a/numbers-station.sh b/numbers-station.sh
 # modified for macOS
 # http://hackaday.com/2014/12/19/nist-randomness-beacon/

 curl -s https://beacon.nist.gov/rest/record/last |
  sed -E 's#.*<outputValue>(.*)</outputValue>.*#\1#' |
  tee /dev/stderr |
  sed -E '
    s/(.)/\1, /g;
    s/9/niner/g;
    s/A/alpha/g;
    s/B/bravo/g;
    s/C/charlie/g;
    s/D/delta/g;
    s/E/echo/g;
    s/F/foxtrot/g' |
  say
	## NIST Randomness Beacon verification routine
	## Only slightly adapted by Elliot Williams
	## from code provided by Lawrence Bassham, NIST

	## The UNIX time that you'd like to test:
	##
	whichRecord=1491202440

	## --------------- Utility Functions ----------------

	## Extracts specified record from xml file
	getValue() {
	# see : http://stackoverflow.com/questions/8264134/xmllint-failing-to-properly-query-with-xpath
	xmllint --xpath "/[local-name()='record']/[local-name()='$1']/text()" $2
	}

	## Converts little-endian to big-endian
	byteReverse() {
	len=${#1}
	for((i=${len}-2; i>=0; i=i-2)) do
	rev="$rev${1:$i:2}"
	done
	echo ${rev}
	}

	## ---------------- Get an arbitrary record -----------------
	echo "Downloading data for: ${whichRecord}"
	curl -s https://beacon.nist.gov/rest/record/${whichRecord} -o rec.xml

	## ------------- Pack data into correct format --------------
	echo
	echo "## Create a summary of all of the data, save as beacon.bin"

	## Strangest choice of format ever!
	## Version number (ascii text)
	## Update frequency (4 bytes)
	## Time Stamp (8 bytes)
	## The HW RNG seedValue (64 bytes)
	## The previous output value, does the chaining (64 bytes)
	## Status code (4 bytes)

	getValue version rec.xml > beacon.bin
	printf "%.8x" `getValue frequency rec.xml` \| xxd -r -p >> beacon.bin
	printf "%.16x" `getValue timeStamp rec.xml` \| xxd -r -p >> beacon.bin
	getValue seedValue rec.xml \| xxd -r -p >> beacon.bin
	getValue previousOutputValue rec.xml \| xxd -r -p >> beacon.bin
	printf "%.8x" `getValue statusCode rec.xml` \| xxd -r -p >> beacon.bin

	## ------------------ Verify signature on data --------------------

	echo "## Verify that the signature and NIST's public key correctly SHA512 sign the data"

	## Download Beacon's public key
	echo "Downloading Beacon's public key"
	curl -s https://beacon.nist.gov/certificate/beacon.cer -o beacon.cer

	## Create a bytewise reversed version of the listed signature
	## This is necessary b/c Beacon signs with Microsoft CryptoAPI which outputs
	## the signature as little-endian instead of big-endian like many other tools
	## This may change (personal communication) in a future revision of the Beacon
	signature=`getValue signatureValue rec.xml`
	byteReverse ${signature} \| xxd -r -p > beacon.sig

	## Pull public key out of certificate
	/usr/bin/openssl x509 -pubkey -noout -in beacon.cer > beaconpubkey.pem
	## Test signature / key on packed data
	/usr/bin/openssl dgst -sha512 -verify beaconpubkey.pem -signature beacon.sig beacon.bin
	echo
	echo

	## ------------------ Verify Signature -> Output and Chaining ------------
	echo "The following three values should match: "
	echo " a direct SHA512 of the extracted signature"
	echo " the reported output value"
	echo " next record's previous output value"
	echo

	## Just print output value
	echo "Reported output value"
	getValue outputValue rec.xml
	echo

	## Now turn the signature into the output value: again SHA512
	echo "SHA512 of the signature"
	getValue signatureValue rec.xml \| xxd -r -p \| sha512sum

	## Now test chaining
	## Get next record
	echo "Downloading the next record"
	curl -s https://beacon.nist.gov/rest/record/next/${whichRecord} -o next.xml
	## Make sure that this period's output shows up as next period's "previous output"
	echo "Next value's reported previous output (test of forward chaining)"
	getValue previousOutputValue next.xml
	echo
	echo

	## --------------------- The End -----------------------------------------

	## If this all worked, we've verified that the signature (plus NIST's key)
	## sign the hash of the random number and its support info
	## _and_ we've verified that the outputValue is derived from them,
	## so we know that this output value is in the chain.

	## If we run this on every entry in the chain, and all works out just fine,
	## then we'd know all is well
	# modified for macOS
	# http://hackaday.com/2014/12/19/nist-randomness-beacon/

	curl -s https://beacon.nist.gov/rest/record/last \|
	sed -E 's#.<outputValue>(.)</outputValue>.*#\1#' \|
	tee /dev/stderr \|
	sed -E '
	s/(.)/\1, /g;
	s/9/niner/g;
	s/A/alpha/g;
	s/B/bravo/g;
	s/C/charlie/g;
	s/D/delta/g;
	s/E/echo/g;
	s/F/foxtrot/g' \|
	say