xref: /aoo41x/main/postprocess/signing/signing.pl (revision cdf0e10c) 
1:
2eval 'exec perl -wS $0 ${1+"$@"}'
3    if 0;
4#*************************************************************************
5#
6# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
7#
8# Copyright 2000, 2010 Oracle and/or its affiliates.
9#
10# OpenOffice.org - a multi-platform office productivity suite
11#
12# This file is part of OpenOffice.org.
13#
14# OpenOffice.org is free software: you can redistribute it and/or modify
15# it under the terms of the GNU Lesser General Public License version 3
16# only, as published by the Free Software Foundation.
17#
18# OpenOffice.org is distributed in the hope that it will be useful,
19# but WITHOUT ANY WARRANTY; without even the implied warranty of
20# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
21# GNU Lesser General Public License version 3 for more details
22# (a copy is included in the LICENSE file that accompanied this code).
23#
24# You should have received a copy of the GNU Lesser General Public License
25# version 3 along with OpenOffice.org.  If not, see
26# <http://www.openoffice.org/license.html>
27# for a copy of the LGPLv3 License.
28#
29#*************************************************************************
30
31use strict;
32use Getopt::Long;
33
34my $debug = 0;
35my $max_files = 20; 		  # sign $max_files with one command line
36
37#### globals #####
38my $myname 		= "";
39my $opt_dir 	= "";
40my $opt_exclude = "";         # file with a list of not signable dll and exe files
41my $opt_verbose = 0;
42my $opt_help	= 0;
43my $opt_log		= "";		  # for logging
44my $opt_pass	= "";         # password for signing
45my $opt_pfxfile = "";		  # Personal Information Exchange file
46my $opt_timestamp_url = "";   # timestamp url
47my %exclude_files = ();  	  # list of not signable dll and exe files
48my $signtool    = "signtool.exe sign";
49my @args		= ();
50my @files_to_sign = ();
51
52#### main #####
53$myname = script_id();
54if ( $#ARGV < 2 ) {
55	usage();
56    exit(1);
57}
58@args = parse_options();
59get_exclude_files();
60@files_to_sign = get_files(\@args);
61if ( $opt_log ) {               # logging
62	open(LOG,">$opt_log") || die "Can't open log file $opt_log\n";
63}
64sign_files(\@files_to_sign);
65close LOG if ($opt_log);        # logging
66exit 0;
67
68
69#### subroutines ####
70
71sub script_id
72{
73    ( my $script_name = $0 ) =~ s/^.*[\\\/]([\w\.]+)$/$1/;
74
75    my $script_rev;
76    my $id_str = ' $Revision$ ';
77    $id_str =~ /Revision:\s+(\S+)\s+\$/
78      ? ($script_rev = $1) : ($script_rev = "-");
79#    print "\n$script_name -- version: $script_rev\n";
80    return $script_name;
81}
82
83############################################################################
84sub parse_options		#09.07.2007 08:13
85############################################################################
86{
87	# e exclude list file
88	# v verbose
89	my $success = GetOptions('h' => \$opt_help,
90         'd=s' => \$opt_dir, 'e=s'=>\$opt_exclude, 'f=s'=>\$opt_pfxfile, 'l=s'=>\$opt_log,
91		 'p=s'=>\$opt_pass,'v'=>\$opt_verbose, 't=s'=>\$opt_timestamp_url);
92    if ( !$success || $opt_help ) {
93        usage();
94        exit(1);
95    }
96	if ( !$opt_exclude || !$opt_pfxfile || !$opt_pass || !$opt_timestamp_url) {
97		print "ERROR: Parameter missing!\n!";
98        usage();
99        exit(1);
100	}
101	return @ARGV;
102}	##parse_options
103
104############################################################################
105sub get_exclude_files		#09.07.2007 10:12
106############################################################################
107{
108	if ( -e $opt_exclude ) {
109            # get data from cache file
110            open( IN, "<$opt_exclude") || die "Can't open exclude file $opt_exclude\n";
111            while ( my $line = <IN> ) {
112			chomp($line);
113			$exclude_files{$line} = 1;			# fill hash
114			print "$line - $exclude_files{$line}\n" if ($debug);
115            }
116        } else
117        {
118			print_error("Can't open $opt_exclude file!\n");
119		}
120}	##get_exclude_files
121
122############################################################################
123sub get_files		#10.07.2007 10:19
124############################################################################
125 {
126	use File::Basename;
127    my $target = shift;
128	my $file_pattern;
129	my $file;
130	my @files = ();
131	print "\n";
132	foreach $file_pattern ( @$target )
133	{
134		print "Files: $file_pattern\n";
135        foreach $file ( glob( $file_pattern ) )
136		{
137            my $lib = File::Basename::basename $file;
138			if ( ! $exclude_files{$lib} ) {
139				push @files,$file;
140			}
141			else
142			{
143				print "exclude=$lib\n" if ($opt_verbose);
144			}
145		}
146	}
147	print "\n";
148	return @files;
149}	##get_files
150
151############################################################################
152sub sign_files		#09.07.2007 10:36
153############################################################################
154{
155	my $files_to_sign = shift;
156	my $commandline_base = ""; # contains whole stuff without the file name
157	my $file = "";
158	my $result = "";
159
160	print_error("Can't open PFX file: $opt_pfxfile\n") if ( ! -e $opt_pfxfile );
161	print_error("Password is empty\n") if ( !$opt_pass );
162	if ( $opt_pass =~ /\.exe$/ ) {
163		# get password by tool
164		open(PIPE, "$opt_pass 2>&1 |") || die "Can't open PIPE!\n";
165		my $pass = <PIPE>;
166		close PIPE;
167		print_error("Can't get password!\n") if ( !$pass ); # exit here
168		$opt_pass = $pass;
169	}
170	$signtool .= " -v" if ($opt_verbose);
171	$commandline_base = $signtool . " " . "-f $opt_pfxfile -p $opt_pass -t $opt_timestamp_url";
172
173	# Here switch between:
174	# one command line for muliple files (all doesn't work, too much) / for each file one command line
175	if ( $max_files > 1 ) {
176		exec_multi_sign($files_to_sign, $commandline_base);
177	} else
178	{
179		exec_single_sign($files_to_sign, $commandline_base);
180	}
181}	##sign_files
182
183############################################################################
184sub exec_single_sign		#11.07.2007 09:05
185############################################################################
186{
187	my $files_to_sign    = shift;
188	my $commandline_base = shift; 				  # contains whole stuff without the file name
189	my $file = "";
190	my $commandline = "";
191
192	foreach $file (@$files_to_sign)
193	{
194		$commandline = $commandline_base . " $file";
195		print "$commandline\n" if ($debug);
196		execute($commandline);
197	} #foreach
198}	##exec_single_sign
199
200############################################################################
201sub exec_multi_sign		#11.07.2007 08:56
202############################################################################
203 {
204	# sign multiple file with one command line
205	my $files_to_sign    = shift;
206	my $commandline_base = shift; 				  # contains whole stuff without the file name
207	my $commandline = $commandline_base;	      # contains stuff which will be executed
208	my $file = "";
209	my $counter = 0;
210
211	foreach $file (@$files_to_sign)
212	{
213		$commandline .= " $file";
214		++$counter;
215		if ( $counter >= $max_files ) {
216			execute($commandline);
217			$counter = 0;						 # reset counter
218			$commandline = $commandline_base;    # reset command line
219		}
220	}
221	execute($commandline) if ($counter > 0);
222}	##exec_multi_sign
223
224############################################################################
225sub execute		#11.07.2007 10:02
226############################################################################
227{
228	my $commandline = shift;
229	my $result = "";
230
231  	print "$commandline\n" if ($debug);
232  	open(PIPE, "$commandline 2>&1 |") || die "Error: Cant open pipe!\n";
233  	while ( $result = <PIPE> ) {
234  		print LOG "$result" if ($opt_log);        # logging
235  		if ( $result =~ /SignTool Error\:/ ) {
236			close PIPE;
237  			print_error( "$result\n" );
238  		} # if error
239  	} # while
240  	close PIPE;
241}	##execute
242
243############################################################################
244sub print_error		#09.07.2007 11:21
245############################################################################
246 {
247	my $text = shift;
248	print "ERROR: $text\n";
249	print LOG "ERROR: $text\n" if ($opt_log);        # logging
250	close LOG if ($opt_log);        				 # logging
251	exit(1);
252}	##print_error
253
254############################################################################
255sub usage		#09.07.2007 08:39
256############################################################################
257 {
258	print "Usage:\t $myname <-e filename> <-f filename> <-p password> <-t timestamp> [-l filename] [-v] <file[list]> \n";
259    print "Options:\n";
260	print "\t -e filename\t\t\tFile which contains a list of files which don't have to be signed.\n";
261    print                            "Mandatory.\n";
262    print "\t -f pfx_filename\t\t\"Personal Information Exchange\" file. ";
263    print                            "Mandatory.\n";
264    print "\t -p password\t\t\tPassword for \"Personal Information Exchange\" file. Mandatory.\n";
265    print "\t -t timestamp\t\t\tTimestamp URL e.g. \"http://timestamp.verisign.com/scripts/timstamp.dll\"\n";
266    print "\t\t\t\t\tMandatory.\n";
267	print "\t -l log_filename\t\tFile for logging.\n";
268    print "\t -v\t\t\t\tVerbose.\n";
269}	##usage
270
271
272
273
274