@servel333
Created September 20, 2013 19:45
A Ruby wrapper around signtool.exe in order to determine if a Windows file is digitally signed.
```ruby
# NOTE: find_in_joined_list, String#quote and String#fix_directory_separator
# are not defined in this gist; they must be provided by the surrounding project.

# Abort the script if the file has no valid Authenticode signature.
def require_signature(file)
  abort file + ' is not signed!' if !SignTool.is_signed file
end

# Print a warning, but keep going, if the file has no valid signature.
def warn_if_not_signed(file)
  puts '---- WARNING ---- ' + file + ' is not signed!' if !SignTool.is_signed file
end

class SignTool

  # Locate signtool.exe under the known SDK / kit install directories.
  def self.path
    p = find_in_joined_list([
      ENV['ProgramFiles'],
      ENV['ProgramFiles(x86)'],
      ENV['ProgramW6432'],
    ], [
      'Microsoft SDKs\Windows\v6.0A\Bin\signtool.exe',
      'Microsoft SDKs\Windows\v7.1\Bin\signtool.exe',
      'Windows Kits\8.0\bin\x86\signtool.exe',
      'Windows Kits\8.0\bin\x64\signtool.exe',
      'InstallMate 7\Tools\signtool.exe',
      'InstallMate 9\Tools\signtool.exe',
    ])
    # File.exists? was removed in Ruby 3.2; File.exist? works on all versions.
    abort 'Missing signtool.exe' if p.nil? || !File.exist?(p)
    p.fix_directory_separator
  end

  # Run "signtool verify <sub_command>" and return its combined stdout/stderr.
  def self.signtool_verify(sub_command)
    cmd = self.path.quote + ' verify ' + sub_command + ' 2>&1'
    return `#{cmd}`
  end

  # Returns true if the file is signed, false if it is not.
  def self.is_signed(file)
    # verify /tw : Generate a Warning if the signature is not timestamped.
    # verify /pa : Use the "Default Authenticode" Verification Policy.
    x = self.signtool_verify '/pa /tw ' + file.quote
    case ($?.exitstatus)
    when 0; return true;  #puts file+' is signed'
    when 1; return false; #puts file+' is not signed'
    when 2; abort 'warning'
    # exitstatus is an Integer, so convert it before concatenating.
    else  ; abort 'Unknown error: signtool returned ' + $?.exitstatus.to_s + ' status code'
    end
  end

  # def self.signtool_sign(sub_command)
  #   cmd = self.path.quote+' sign '+sub_command+' 2>&1'
  #   return `#{cmd}`
  # end

  # def self.sign(file, certificate_name)
  #   x = self.signtool_sign [
  #     '/n', certificate_name.quote,
  #     '/t', 'http://timestamp.verisign.com/scripts/timestamp.dll',
  #     file,
  #   ].join(' ')
  # end

end
```
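The wrapper above builds one command string and runs it through backticks, so the file name is parsed by a shell before signtool sees it. The following is an added example, not part of the original gist, that passes the arguments as a list with `Open3` and maps the same exit codes; the names `signtool_verify_argv`, `signature_state`, `SIGNTOOL_RESULTS` and the `runner` parameter are assumptions made for illustration.

```ruby
require 'open3'

# Exit-code meanings as used by the gist's case statement (hypothetical constant name).
SIGNTOOL_RESULTS = { 0 => :signed, 1 => :not_signed, 2 => :warning }.freeze

# Build the argument vector for "signtool verify /pa /tw <file>".
# Each element reaches signtool.exe as exactly one argument, so spaces,
# quotes or & in the file name are never interpreted by a shell.
def signtool_verify_argv(signtool, file)
  raise ArgumentError, 'file name is empty' if file.to_s.empty?
  raise ArgumentError, 'file name contains a NUL byte' if file.include?("\0")
  [signtool, 'verify', '/pa', '/tw', file]
end

# Default runner: executes argv without a shell and merges stderr into
# stdout (the equivalent of the gist's "2>&1"). Returns [output, exit_code].
DEFAULT_RUNNER = lambda do |argv|
  output, status = Open3.capture2e(*argv)
  [output, status.exitstatus]
end

# Returns :signed, :not_signed or :warning; raises on any other exit code.
# The runner is injectable so the mapping can be exercised without signtool.exe.
def signature_state(signtool, file, runner: DEFAULT_RUNNER)
  output, code = runner.call(signtool_verify_argv(signtool, file))
  state = SIGNTOOL_RESULTS[code]
  if state.nil?
    raise "Unknown error: signtool returned #{code.inspect} status code\n#{output}"
  end
  state
end
```

Returning `:warning` instead of aborting lets the caller decide whether a signature without a timestamp (`/tw`) should fail the build.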