/trunk/signtool/public.pem |
---|
0,0 → 1,25 |
-----BEGIN PUBLIC KEY----- |
MIIEIjANBgkqhkiG9w0BAQEFAAOCBA8AMIIECgKCBAEA4UEmad2KHWzfGLcAzbOD |
IhqWyoPA1Cg4zN5YK/CWUiE7sh2CNinIwYqGnIOhZLp54/Iyv3H05QeWJU7kD+jQ |
5JwR8+pqk8ZGBfqlxXUBJ2bZhYIBJZYfilSROa7jgPPrrw0CjdGLmM3wmc8ztQRv |
4GpP7MaKVyVOsRz5xEcpzghWZ+Cl8Nxq1Vo02RkMYOOPA16abxZ65lVM8Vv2EKGf |
/VAVViTFvLWPxggvt1fbJJniC0cwt8gjzFXt6IJJSRlqc1lOO9ZIa/EWDKuHKQ1n |
ENQCqnuVPFDZU3lU20Z+6+EA0YngcvNYi3ucdIvgBd4Yv5FetzuxiOZUoDRfh/3R |
6dCJ8CvRiq0BSZcynTIWNmF3AVsH7vjxZe8kMDbwZNnR0suZ5MfBh6L/s1lCEWlS |
GwmCLc3MnOLxq3JLnfmbVa509YxlUamdSswnvzes28AjnzQ3LQchspP2a8bSXH6/ |
qpbwvmV5WiNgwJck04VhaXrRRy3XFSwuk7KU/L4aqadXP26kgDqIYNvPXSa9JyGc |
14zwdmAtn36o8vpXM/A7GhdWqgPLlJbdTdK6IfwpBs8P/JB6y3t6RzAGiEOITdj9 |
QUhW+sAoKno0j4WT7s80vWNWz37WoFJcvVLnVEYitnW6DqM+GOt2od3g6WgI6dOa |
MESA4J44Y4x1gXBw/M6F/ZngP4EJoAUG0GbzsaZ6HKLt4pDTZmw8PnNcXrOMYkr/ |
N5EliTXil45DCaLkgNJmpdXjNpIvShW4ogq2osw+SQUalnAbW8ddiaOVCdgXkDFq |
gvnl5QSeUrKPF5v+vlnwWar6Rp7iInQpnA+PTSbAlO3Dd9WqbWx+uNoI/kXUlN0O |
a/vi5Uwat2Bz3N+jIpnBqg4+O+SG0z3UCVmT6Leg+kqO/rXbzoVv/DV7E30vTqdo |
wsswdJEM1BI7Wyid6HPwBek+rdv77gUg3W37vUcdfKxsYRcoHriXLHpmENznJcEx |
/nvilw6To1zx2LKmM/p56MQriKkXnqoOBpkpn3PaWyXZKY9xJNTAbcSP3haE7z9p |
PzJw88KI8dnYuFg4yS/AgmVGAUtu3bhDG4qF9URu2ck868zViH996lraYkmFIWJG |
r7h1LImhrwDEJvb/rOW8QvOZBX9H6pcSKs/LQbeoy6HMIOTlny+S15xtiS4t6Ayv |
3m0ry5c0qkl/mgKvGpeRnNlrcr6mb2fzxxGvcuBzi25wgIbRLPgJoqsmeBvW1OLU |
+9DpkNvitEJnPRo86v0VF86aou12Sm8Wb4mtrQ7h3qLIYvw2LN2mYh4WlgrSwPpx |
YvE2+vWapilnnDWoiu2ZmDWa7WW/ihqvX9fmp/qzxQvJmBYIN8dFpgcNLqSx526N |
bwIDAQAB |
-----END PUBLIC KEY----- |
/trunk/signtool/sign |
---|
0,0 → 1,58 |
#!/usr/bin/php |
<?php |
// Generate keypair with: |
// openssl genpkey -algorithm RSA -out private.pem -pkeyopt rsa_keygen_bits:8192 |
// openssl rsa -pubout -in private.pem -out public.pem |
if ($argc < 2) { |
die("Syntax: $argv[0] file1 [file2 ...]\n"); |
} |
if (!file_exists(__DIR__.'/private.pem')) { |
echo "Key private.pem not found\n"; |
} |
for ($i=1; $i<$argc; $i++) { |
$file = $argv[$i]; |
$cont = file_get_contents($file); |
$original = $cont; |
if (strpos($cont, '<?php') === false) { |
echo "Not a PHP file: $file\n"; |
continue; |
} |
$naked = preg_replace('@<\?php /\* <ViaThinkSoftSignature>(.+)</ViaThinkSoftSignature> \*/ \?>\n@ismU', '', $cont); |
$hash = hash("sha256", $naked.basename($file)); |
$pkeyid = @openssl_pkey_get_private('file://'.__DIR__.'/private.pem'); |
openssl_sign($hash, $signature, $pkeyid, OPENSSL_ALGO_SHA256); |
openssl_free_key($pkeyid); |
if (!$signature) { |
echo "ERROR: $file\n"; |
continue; |
} |
$sign_line = '<?php /* <ViaThinkSoftSignature>'.base64_encode($signature).'</ViaThinkSoftSignature> */ ?>'; |
if (substr($cont,0,2) === '#!') { |
// Preserve shebang |
$shebang_pos = strpos($naked, "\n"); |
$shebang = substr($naked, 0, $shebang_pos); |
$rest = substr($naked, $shebang_pos+1); |
$cont = $shebang."\n".$sign_line."\n".$rest; |
} else { |
$cont = $sign_line."\n".$naked; |
} |
if ($cont != $original) { |
echo "Signed: $file\n"; |
file_put_contents($file, $cont); |
} else { |
echo "Already signed: $file\n"; |
} |
} |
Property changes: |
Added: svn:executable |
+* |
\ No newline at end of property |
/trunk/signtool/verify |
---|
0,0 → 1,21 |
#!/usr/bin/php |
<?php |
$file = $argv[1]; |
$cont = file_get_contents($file); |
if (!preg_match('@<\?php /\* <ViaThinkSoftSignature>(.+)</ViaThinkSoftSignature> \*/ \?>\n@ismU', $cont, $m)) { |
die("File $file not signed\n"); |
} |
$signature = base64_decode($m[1]); |
$naked = preg_replace('@<\?php /\* <ViaThinkSoftSignature>(.+)</ViaThinkSoftSignature> \*/ \?>\n@ismU', '', $cont); |
$hash = hash("sha256", $naked.basename($file)); |
$public_key = file_get_contents(__DIR__.'/public.pem'); |
if (!openssl_verify($hash, $signature, $public_key, OPENSSL_ALGO_SHA256)) { |
die("Signature invalid\n"); |
} |
echo "Signature valid\n"; |
Property changes: |
Added: svn:executable |
+* |
\ No newline at end of property |
/trunk/signtool/. |
---|
Property changes: |
Added: svn:ignore |
+private.pem |