Subversion Repositories vnag

Compare Revisions

No changes between revisions

Regard whitespace Rev 1 → Rev 2

/trunk/signtool/public.pem
0,0 → 1,25
-----BEGIN PUBLIC KEY-----
MIIEIjANBgkqhkiG9w0BAQEFAAOCBA8AMIIECgKCBAEA4UEmad2KHWzfGLcAzbOD
IhqWyoPA1Cg4zN5YK/CWUiE7sh2CNinIwYqGnIOhZLp54/Iyv3H05QeWJU7kD+jQ
5JwR8+pqk8ZGBfqlxXUBJ2bZhYIBJZYfilSROa7jgPPrrw0CjdGLmM3wmc8ztQRv
4GpP7MaKVyVOsRz5xEcpzghWZ+Cl8Nxq1Vo02RkMYOOPA16abxZ65lVM8Vv2EKGf
/VAVViTFvLWPxggvt1fbJJniC0cwt8gjzFXt6IJJSRlqc1lOO9ZIa/EWDKuHKQ1n
ENQCqnuVPFDZU3lU20Z+6+EA0YngcvNYi3ucdIvgBd4Yv5FetzuxiOZUoDRfh/3R
6dCJ8CvRiq0BSZcynTIWNmF3AVsH7vjxZe8kMDbwZNnR0suZ5MfBh6L/s1lCEWlS
GwmCLc3MnOLxq3JLnfmbVa509YxlUamdSswnvzes28AjnzQ3LQchspP2a8bSXH6/
qpbwvmV5WiNgwJck04VhaXrRRy3XFSwuk7KU/L4aqadXP26kgDqIYNvPXSa9JyGc
14zwdmAtn36o8vpXM/A7GhdWqgPLlJbdTdK6IfwpBs8P/JB6y3t6RzAGiEOITdj9
QUhW+sAoKno0j4WT7s80vWNWz37WoFJcvVLnVEYitnW6DqM+GOt2od3g6WgI6dOa
MESA4J44Y4x1gXBw/M6F/ZngP4EJoAUG0GbzsaZ6HKLt4pDTZmw8PnNcXrOMYkr/
N5EliTXil45DCaLkgNJmpdXjNpIvShW4ogq2osw+SQUalnAbW8ddiaOVCdgXkDFq
gvnl5QSeUrKPF5v+vlnwWar6Rp7iInQpnA+PTSbAlO3Dd9WqbWx+uNoI/kXUlN0O
a/vi5Uwat2Bz3N+jIpnBqg4+O+SG0z3UCVmT6Leg+kqO/rXbzoVv/DV7E30vTqdo
wsswdJEM1BI7Wyid6HPwBek+rdv77gUg3W37vUcdfKxsYRcoHriXLHpmENznJcEx
/nvilw6To1zx2LKmM/p56MQriKkXnqoOBpkpn3PaWyXZKY9xJNTAbcSP3haE7z9p
PzJw88KI8dnYuFg4yS/AgmVGAUtu3bhDG4qF9URu2ck868zViH996lraYkmFIWJG
r7h1LImhrwDEJvb/rOW8QvOZBX9H6pcSKs/LQbeoy6HMIOTlny+S15xtiS4t6Ayv
3m0ry5c0qkl/mgKvGpeRnNlrcr6mb2fzxxGvcuBzi25wgIbRLPgJoqsmeBvW1OLU
+9DpkNvitEJnPRo86v0VF86aou12Sm8Wb4mtrQ7h3qLIYvw2LN2mYh4WlgrSwPpx
YvE2+vWapilnnDWoiu2ZmDWa7WW/ihqvX9fmp/qzxQvJmBYIN8dFpgcNLqSx526N
bwIDAQAB
-----END PUBLIC KEY-----
/trunk/signtool/sign
0,0 → 1,58
#!/usr/bin/php
<?php
 
// Generate keypair with:
// openssl genpkey -algorithm RSA -out private.pem -pkeyopt rsa_keygen_bits:8192
// openssl rsa -pubout -in private.pem -out public.pem
 
if ($argc < 2) {
die("Syntax: $argv[0] file1 [file2 ...]\n");
}
 
if (!file_exists(__DIR__.'/private.pem')) {
echo "Key private.pem not found\n";
}
 
for ($i=1; $i<$argc; $i++) {
$file = $argv[$i];
 
$cont = file_get_contents($file);
$original = $cont;
 
if (strpos($cont, '<?php') === false) {
echo "Not a PHP file: $file\n";
continue;
}
 
$naked = preg_replace('@<\?php /\* <ViaThinkSoftSignature>(.+)</ViaThinkSoftSignature> \*/ \?>\n@ismU', '', $cont);
 
$hash = hash("sha256", $naked.basename($file));
 
$pkeyid = @openssl_pkey_get_private('file://'.__DIR__.'/private.pem');
openssl_sign($hash, $signature, $pkeyid, OPENSSL_ALGO_SHA256);
openssl_free_key($pkeyid);
 
if (!$signature) {
echo "ERROR: $file\n";
continue;
}
 
$sign_line = '<?php /* <ViaThinkSoftSignature>'.base64_encode($signature).'</ViaThinkSoftSignature> */ ?>';
if (substr($cont,0,2) === '#!') {
// Preserve shebang
$shebang_pos = strpos($naked, "\n");
$shebang = substr($naked, 0, $shebang_pos);
$rest = substr($naked, $shebang_pos+1);
$cont = $shebang."\n".$sign_line."\n".$rest;
} else {
$cont = $sign_line."\n".$naked;
}
 
if ($cont != $original) {
echo "Signed: $file\n";
file_put_contents($file, $cont);
} else {
echo "Already signed: $file\n";
}
}
 
Property changes:
Added: svn:executable
+*
\ No newline at end of property
/trunk/signtool/verify
0,0 → 1,21
#!/usr/bin/php
<?php
 
$file = $argv[1];
 
$cont = file_get_contents($file);
 
if (!preg_match('@<\?php /\* <ViaThinkSoftSignature>(.+)</ViaThinkSoftSignature> \*/ \?>\n@ismU', $cont, $m)) {
die("File $file not signed\n");
}
$signature = base64_decode($m[1]);
 
$naked = preg_replace('@<\?php /\* <ViaThinkSoftSignature>(.+)</ViaThinkSoftSignature> \*/ \?>\n@ismU', '', $cont);
$hash = hash("sha256", $naked.basename($file));
 
$public_key = file_get_contents(__DIR__.'/public.pem');
if (!openssl_verify($hash, $signature, $public_key, OPENSSL_ALGO_SHA256)) {
die("Signature invalid\n");
}
 
echo "Signature valid\n";
Property changes:
Added: svn:executable
+*
\ No newline at end of property
/trunk/signtool/.
Property changes:
Added: svn:ignore
+private.pem