
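#!/bin/sh
# Copyright (c) 2017, The Tor Project, Inc.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are
# met:
# * Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# * Redistributions in binary form must reproduce the above
# copyright notice, this list of conditions and the following disclaimer
# in the documentation and/or other materials provided with the
# distribution.
#
# * Neither the names of the copyright owners nor the names of its
# contributors may be used to endorse or promote products derived from
# this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
# Purpose:
# Verify that every .exe in the current directory carries an Authenticode
# signature and that stripping that signature yields exactly the SHA-256
# sum recorded for the unsigned build. A bundle that still has its unsigned
# hash, that is missing from the sums file, that cannot be stripped, or whose
# stripped copy hashes differently is reported and makes the script exit 1.
#
# Usage:
# 1) Let OSSLSIGNCODE point to your osslsigncode binary
# 2) Change into the directory containing the .exe files and the sha256sums-unsigned-build.txt
# 3) Run /path/to/authenticode_check.sh
#
# Exit status: 0 only if at least one .exe was found and all of them passed.

if [ -z "$OSSLSIGNCODE" ]
then
  echo "The path to your osslsigncode binary is missing!"
  exit 1
fi

SUMS_FILE=sha256sums-unsigned-build.txt
if ! [ -r "$SUMS_FILE" ]
then
  echo "$SUMS_FILE is missing or unreadable!"
  exit 1
fi

CHECKED_BUNDLES=0
UNSIGNED_BUNDLES=0
BADSIGNED_BUNDLES=0

# Scratch directory for the signature-stripped copies. A fixed ./tmp would be
# silently reused -- and deleted at the end -- if it already existed, so use a
# fresh, unpredictable directory and clean it up on every exit path.
WORK_DIR=$(mktemp -d "${TMPDIR:-/tmp}/authenticode_check.XXXXXX") || exit 1
trap 'rm -rf -- "$WORK_DIR"' EXIT

for f in *.exe; do
  # Under plain sh an unmatched glob stays literal; skip that placeholder.
  [ -e "$f" ] || continue
  CHECKED_BUNDLES=$((CHECKED_BUNDLES + 1))

  # Expected (unsigned) hash: the line whose filename field is exactly $f.
  # Matching on the whole field avoids foo.exe also matching e.g. barfoo.exe.
  EXPECTED_SUM=$(awk -v name="$f" '$2 == name { print $1; exit }' "$SUMS_FILE")
  if [ -z "$EXPECTED_SUM" ]
  then
    printf '%s\n' "$f is not listed in $SUMS_FILE!"
    BADSIGNED_BUNDLES=$((BADSIGNED_BUNDLES + 1))
    continue
  fi
  ACTUAL_SUM=$(sha256sum -- "$f" | cut -d' ' -f1)

  # Test 1: Is the .exe file still unsigned? I.e. does its SHA-256 sum still
  # match the one we had before we signed the .exe file? If so, notify us
  # later and move on to the next file (no point in stripping a signature
  # that is not there).
  if [ "$EXPECTED_SUM" = "$ACTUAL_SUM" ]
  then
    printf '%s\n' "$f has still the SHA-256 sum of the unsigned bundle!"
    UNSIGNED_BUNDLES=$((UNSIGNED_BUNDLES + 1))
    continue
  fi

  # Test 2: Do we get the old SHA-256 sum after stripping the authenticode
  # signature? Stripping is reproducible, so a different hash means the
  # bundle was not signed correctly (or was modified after signing).
  printf '%s\n' "Trying to strip the authenticode signature of $f..."
  STRIPPED="$WORK_DIR/$f"
  # A failed or silent osslsigncode run must count as a bad signature, not
  # be masked by hashing a file that was never written.
  if ! "$OSSLSIGNCODE" remove-signature "$f" "$STRIPPED" || ! [ -f "$STRIPPED" ]
  then
    printf '%s\n' "Could not strip the authenticode signature of $f!"
    BADSIGNED_BUNDLES=$((BADSIGNED_BUNDLES + 1))
    continue
  fi
  STRIPPED_SUM=$(sha256sum -- "$STRIPPED" | cut -d' ' -f1)
  if [ "$EXPECTED_SUM" != "$STRIPPED_SUM" ]
  then
    printf '%s\n' "$f does not have the SHA-256 sum of the unsigned bundle!"
    BADSIGNED_BUNDLES=$((BADSIGNED_BUNDLES + 1))
  fi
done

# An empty directory must not pass as "all signatures fine".
if [ "$CHECKED_BUNDLES" = "0" ]
then
  echo "No .exe files found in the current directory, exiting..."
  exit 1
fi
if ! [ "$UNSIGNED_BUNDLES" = "0" ]
then
  echo "We got $UNSIGNED_BUNDLES unsigned bundle(s), exiting..."
  exit 1
fi
if ! [ "$BADSIGNED_BUNDLES" = "0" ]
then
  echo "We got $BADSIGNED_BUNDLES badly signed bundle(s), exiting..."
  exit 1
fi
echo "The signatures are fine."
exit 0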