0,0 → 1,58 |
#!/usr/bin/php |
<?php |
|
// Generate keypair with: |
// openssl genpkey -algorithm RSA -out private.pem -pkeyopt rsa_keygen_bits:8192 |
// openssl rsa -pubout -in private.pem -out public.pem |
|
if ($argc < 2) { |
die("Syntax: $argv[0] file1 [file2 ...]\n"); |
} |
|
if (!file_exists(__DIR__.'/private.pem')) { |
echo "Key private.pem not found\n"; |
} |
|
for ($i=1; $i<$argc; $i++) { |
$file = $argv[$i]; |
|
$cont = file_get_contents($file); |
$original = $cont; |
|
if (strpos($cont, '<?php') === false) { |
echo "Not a PHP file: $file\n"; |
continue; |
} |
|
$naked = preg_replace('@<\?php /\* <ViaThinkSoftSignature>(.+)</ViaThinkSoftSignature> \*/ \?>\n@ismU', '', $cont); |
|
$hash = hash("sha256", $naked.basename($file)); |
|
$pkeyid = @openssl_pkey_get_private('file://'.__DIR__.'/private.pem'); |
openssl_sign($hash, $signature, $pkeyid, OPENSSL_ALGO_SHA256); |
openssl_free_key($pkeyid); |
|
if (!$signature) { |
echo "ERROR: $file\n"; |
continue; |
} |
|
$sign_line = '<?php /* <ViaThinkSoftSignature>'.base64_encode($signature).'</ViaThinkSoftSignature> */ ?>'; |
if (substr($cont,0,2) === '#!') { |
// Preserve shebang |
$shebang_pos = strpos($naked, "\n"); |
$shebang = substr($naked, 0, $shebang_pos); |
$rest = substr($naked, $shebang_pos+1); |
$cont = $shebang."\n".$sign_line."\n".$rest; |
} else { |
$cont = $sign_line."\n".$naked; |
} |
|
if ($cont != $original) { |
echo "Signed: $file\n"; |
file_put_contents($file, $cont); |
} else { |
echo "Already signed: $file\n"; |
} |
} |
|
Property changes: |
Added: svn:executable |
+* |
\ No newline at end of property |