signtool.c

来自「支持SSL v2/v3, TLS, PKCS #5, PKCS #7, PKCS」· C语言 代码 · 共 1,012 行 · 第 1/2 页

			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "-d");
			errorCount++;
			goto loser;
		}
		cert_dir = PL_strdup(arg);
		ate = 1;
		break;
	case EXTENSION_OPT:
		if(!arg) {
			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
				"extension (-e)");
			errorCount++;
			goto loser;
		}
		PL_HashTableAdd(extensions, arg, arg);
		extensionsGiven = PR_TRUE;
		ate = 1;
		break;
	case INSTALL_SCRIPT_OPT:
		if(install_script) {
			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
				"installScript (-i)");
			warningCount++;
			PR_Free(install_script); install_script = NULL;
		}
		if(!arg) {
			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
				"installScript (-i)");
			errorCount++;
			goto loser;
		}
		install_script = PL_strdup(arg);
		ate = 1;
		break;
	case SCRIPTDIR_OPT:
		if(scriptdir) {
			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
				"javascriptdir (-j)");
			warningCount++;
			PR_Free(scriptdir); scriptdir = NULL;
		}
		if(!arg) {
			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
				"javascriptdir (-j)");
			errorCount++;
			goto loser;
		}
		scriptdir = PL_strdup(arg);
		ate = 1;
		break;
	case CERTNAME_OPT:
		if(keyName) {
			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
				"keyName (-k)");
			warningCount++;
			PR_Free(keyName); keyName = NULL;
		}
		if(!arg) {
			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
				"keyName (-k)");
			errorCount++;
			goto loser;
		}
		keyName = PL_strdup(arg);
		ate = 1;
		break;
	case LIST_OBJSIGN_CERTS_OPT:
	case LIST_ALL_CERTS_OPT:
		if(list_certs != 0) {
			PR_fprintf(errorFD,
			  "warning: only one of -l and -L may be specified.\n");
			warningCount++;
		}
		list_certs = (type==LIST_OBJSIGN_CERTS_OPT ? 1 : 2);
		break;
	case METAFILE_OPT:
		if(metafile) {
			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
				"metafile (-m)");
			warningCount++;
			PR_Free(metafile); metafile = NULL;
		}
		if(!arg) {
			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
				"metafile (-m)");
			errorCount++;
			goto loser;
		}
		metafile = PL_strdup(arg);
		ate = 1;
		break;
	case OPTIMIZE_OPT:
		optimize = 1;
		break;
	case PASSWORD_OPT:
		if(password) {
			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
				"password (-p)");
			warningCount++;
			PR_Free(password); password= NULL;
		}
		if(!arg) {
			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
				"password (-p)");
			errorCount++;
			goto loser;
		}
		password = PL_strdup(arg);
		ate = 1;
		break;
	case VERIFY_OPT:
		if(verify) {
			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
				"verify (-v)");
			warningCount++;
			PR_Free(verify); verify = NULL;
		}
		if(!arg) {
			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
				"verify (-v)");
			errorCount++;
			goto loser;
		}
		verify = PL_strdup(arg);
		ate = 1;
		break;
	case WHO_OPT:
		if(tell_who) {
			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
				"who (-v)");
			warningCount++;
			PR_Free(tell_who); tell_who = NULL;
		}
		if(!arg) {
			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
				"who (-w)");
			errorCount++;
			goto loser;
		}
		tell_who = PL_strdup(arg);
		ate = 1;
		break;
	case EXCLUDE_OPT:
		if(!arg) {
			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
				"exclude (-x)");
			errorCount++;
			goto loser;
		}
		PL_HashTableAdd(excludeDirs, arg, arg);
		exclusionsGiven = PR_TRUE;
		ate = 1;
		break;
	case NO_TIME_OPT:
		no_time = 1;
		break;
	case JAVASCRIPT_OPT:
		javascript++;
		break;
	case ZIPFILE_OPT:
		if(zipfile) {
			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
				"jarfile (-Z)");
			warningCount++;
			PR_Free(zipfile); zipfile = NULL;
		}
		if(!arg) {
			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
				"jarfile (-Z)");
			errorCount++;
			goto loser;
		}
		zipfile = PL_strdup(arg);
		ate = 1;
		break;
	case GENKEY_OPT:
		if(genkey) {
			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
				"generate (-G)");
			warningCount++;
			PR_Free(zipfile); zipfile = NULL;
		}
		if(!arg) {
			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
				"generate (-G)");
			errorCount++;
			goto loser;
		}
		genkey = PL_strdup(arg);
		ate = 1;
		break;
	case MODULES_OPT:
		list_modules++;
		break;
	case SIGNDIR_OPT:
		if(jartree) {
			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
				"signdir");
			warningCount++;
			PR_Free(jartree); jartree = NULL;
		}
		if(!arg) {
			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "signdir");
			errorCount++;
			goto loser;
		}
		jartree = PL_strdup(arg);
		ate = 1;
		break;
	case OUTFILE_OPT:
		if(outfile) {
			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
				"outfile");
			warningCount++;
			PR_Free(outfile); outfile = NULL;
		}
		if(!arg) {
			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "outfile");
			errorCount++;
			goto loser;
		}
		outfile = PL_strdup(arg);
		ate = 1;
		break;
	case COMMAND_FILE_OPT:
		if(cmdFile) {
			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR], "-f");
			warningCount++;
			PR_Free(cmdFile); cmdFile = NULL;
		}
		if(!arg) {
			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "-f");
			errorCount++;
			goto loser;
		}
		cmdFile = PL_strdup(arg);
		ate = 1;
		break;
	case NORECURSE_OPT:
		noRecurse = PR_TRUE;
		break;
	case LEAVE_ARC_OPT:
		leaveArc = PR_TRUE;
		break;
	case VERBOSITY_OPT:
		if(!arg) {
			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
			  "--verbosity");
			errorCount++;
			goto loser;
		}
		verbosity = atoi(arg);
		ate = 1;
		break;
    case KEYSIZE_OPT:
        if( keySize != -1 ) {
            PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR], "-s");
            warningCount++;
        }
        keySize = atoi(arg);
        ate = 1;
        if( keySize < 1 || keySize > MAX_RSA_KEY_SIZE ) {
            PR_fprintf(errorFD, "Invalid key size: %d.\n", keySize);
            errorCount++;
            goto loser;
        }
        break;
    case TOKEN_OPT:
        if( token ) {
            PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR], "-t");
            PR_Free(token); token = NULL;
        }
        if( ! arg ) {
            PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "-t");
            errorCount++;
            goto loser;
        }
        token = PL_strdup(arg);
        ate = 1;
        break;
	default:
		PR_fprintf(errorFD, "warning: unknown option\n");
		warningCount++;
		break;
	}

	return ate;
loser:
	return -1;
}


/*********************************************************************
 *
 * m a i n
 */
int
main(int argc, char *argv[])
{
	PRBool readOnly;
	int retval=0;

	outputFD = PR_STDOUT;
	errorFD = PR_STDERR;

	progName = argv[0];

  if (argc < 2)
    {
    usage();
    }

	excludeDirs = PL_NewHashTable(10, PL_HashString, PL_CompareStrings,
					PL_CompareStrings, NULL, NULL);
	extensions = PL_NewHashTable(10, PL_HashString, PL_CompareStrings,
					PL_CompareStrings, NULL, NULL);

	if(parse_args(argc, argv)) {
		retval = -1;
		goto cleanup;
	}

	/* Parse the command file if one was given */
	if(cmdFile) {
		if(ProcessCommandFile()) {
			retval = -1;
			goto cleanup;
		}
	}

	/* Set up output redirection */
	if(outfile) {
		if(PR_Access(outfile, PR_ACCESS_EXISTS)==PR_SUCCESS) {
			/* delete the file if it is already present */
			PR_fprintf(errorFD,
				"warning: %s already exists and will be overwritten.\n",
				outfile);
			warningCount++;
			if(PR_Delete(outfile) != PR_SUCCESS) {
				PR_fprintf(errorFD, "ERROR: unable to delete %s.\n", outfile);
				errorCount++;
				exit(ERRX);
			}
		}
		outputFD = PR_Open(outfile,
			PR_WRONLY|PR_CREATE_FILE|PR_TRUNCATE, 0777);
		if(!outputFD) {
			PR_fprintf(errorFD, "ERROR: Unable to create %s.\n", outfile);
			errorCount++;
			exit(ERRX);
		}
		errorFD = outputFD;
	}

  /* This seems to be a fairly common user error */

  if (verify && list_certs > 0)
    {
    PR_fprintf (errorFD, "%s: Can't use -l and -v at the same time\n",
		PROGRAM_NAME);
	errorCount++;
	retval = -1;
    goto cleanup;
    }

  /* -J assumes -Z now */

  if (javascript && zipfile)
    {
    PR_fprintf (errorFD, "%s: Can't use -J and -Z at the same time\n",
		PROGRAM_NAME);
    PR_fprintf (errorFD, "%s: -J option will create the jar files for you\n",
		PROGRAM_NAME);
	errorCount++;
	retval = -1;
	goto cleanup;
    }

  /* Less common mixing of -L with various options */

	if (list_certs > 0 && 
        (tell_who || zipfile || javascript || 
           scriptdir || extensionsGiven || exclusionsGiven || install_script)) {
		PR_fprintf(errorFD, "%s: Can't use -l or -L with that option\n",
			PROGRAM_NAME);
		errorCount++;
		retval = -1;
		goto cleanup;
	}


	if (!cert_dir)
		cert_dir = get_default_cert_dir();

	VerifyCertDir(cert_dir, keyName);


	if(	compression_level < MIN_COMPRESSION_LEVEL ||
	 compression_level > MAX_COMPRESSION_LEVEL) {
		PR_fprintf(errorFD, "Compression level must be between %d and %d.\n",
		 MIN_COMPRESSION_LEVEL, MAX_COMPRESSION_LEVEL);
		errorCount++;
		retval = -1;
		goto cleanup;
	}

	if(jartree && !keyName) {
		PR_fprintf(errorFD, "You must specify a key with which to sign.\n");
		errorCount++;
		retval = -1;
		goto cleanup;
	}

	readOnly = (genkey == NULL); /* only key generation requires write */
	if(InitCrypto(cert_dir, readOnly)) {
		PR_fprintf(errorFD, "ERROR: Cryptographic initialization failed.\n");
		errorCount++;
		retval = -1;
		goto cleanup;
	}

  if (verify)
    {
    VerifyJar(verify);
    }
  else if (list_certs)
    {
    ListCerts(keyName, list_certs);
    }
  else if (list_modules)
    {
    JarListModules();
    }
  else if (genkey)
    {
    GenerateCert(genkey, keySize, token);
    }
  else if (tell_who)
    {
    JarWho(tell_who);
    }
  else if (javascript && jartree)
    {
	/* make sure directory exists */
	PRDir *dir;
	dir = PR_OpenDir(jartree);
	if(!dir) {
		PR_fprintf(errorFD, "ERROR: unable to open directory %s.\n", jartree);
		errorCount++;
		retval = -1;
		goto cleanup;
	} else {
		PR_CloseDir(dir);
	}

    /* undo junk from prior runs of signtool*/
    if(RemoveAllArc(jartree)) {
		PR_fprintf(errorFD, "Error removing archive directories under %s\n", jartree);
		errorCount++;
		retval = -1;
		goto cleanup;
	}

    /* traverse all the htm|html files in the directory */
    if(InlineJavaScript(jartree, !noRecurse)) {
		retval = -1;
		goto cleanup;
	}

    /* sign any resultant .arc directories created in above step */
    SignAllArc(jartree, keyName, javascript, metafile, install_script,
		optimize, !noRecurse);

	if(!leaveArc) {
		RemoveAllArc(jartree);
	}

	if(errorCount>0 || warningCount>0) {
		PR_fprintf(outputFD, "%d error%s, %d warning%s.\n", errorCount,
			errorCount==1?"":"s", warningCount, warningCount==1?"":"s");
	} else {
		PR_fprintf(outputFD, "Directory %s signed successfully.\n", jartree);
	}
  } else if (jartree)
    {
    SignArchive(jartree, keyName, zipfile, javascript, metafile,
		install_script, optimize, !noRecurse);
    }
  else
    usage();

cleanup:
	if(extensions) {
		PL_HashTableDestroy(extensions); extensions = NULL;
	}
	if(excludeDirs) {
		PL_HashTableDestroy(excludeDirs); excludeDirs = NULL;
	}
	if(outputFD != PR_STDOUT) {
		PR_Close(outputFD);
	}
	rm_dash_r(TMP_OUTPUT);
  return retval;
}