| OLD | NEW |
|---|
| (Empty) |
| 1 #!/usr/bin/python2.4 | |
| 2 # Copyright 2008, Google Inc. | |
| 3 # All rights reserved. | |
| 4 # | |
| 5 # Redistribution and use in source and binary forms, with or without | |
| 6 # modification, are permitted provided that the following conditions are | |
| 7 # met: | |
| 8 # | |
| 9 # * Redistributions of source code must retain the above copyright | |
| 10 # notice, this list of conditions and the following disclaimer. | |
| 11 # * Redistributions in binary form must reproduce the above | |
| 12 # copyright notice, this list of conditions and the following disclaimer | |
| 13 # in the documentation and/or other materials provided with the | |
| 14 # distribution. | |
| 15 # * Neither the name of Google Inc. nor the names of its | |
| 16 # contributors may be used to endorse or promote products derived from | |
| 17 # this software without specific prior written permission. | |
| 18 # | |
| 19 # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | |
| 20 # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | |
| 21 # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR | |
| 22 # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT | |
| 23 # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
| 24 # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT | |
| 25 # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | |
| 26 # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | |
| 27 # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |
| 28 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | |
| 29 # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
| 30 | |
| 31 """Code signing build tool. | |
| 32 | |
| 33 This module sets up code signing. | |
| 34 It is used as follows: | |
| 35 env = Environment(tools = ["code_signing"]) | |
| 36 To sign an EXE/DLL do: | |
| 37 env.SignedBinary('hello_signed.exe', 'hello.exe', | |
| 38 CERTIFICATE_FILE='bob.pfx', | |
| 39 CERTIFICATE_PASSWORD='123', | |
| 40 TIMESTAMP_SERVER='') | |
| 41 If no certificate file is specified, copying instead of signing will occur. | |
| 42 If an empty timestamp server string is specified, there will be no timestamp. | |
| 43 """ | |
| 44 | |
| 45 import SCons.Script | |
| 46 | |
| 47 | |
| 48 def generate(env): | |
| 49 # NOTE: SCons requires the use of this name, which fails gpylint. | |
| 50 """SCons entry point for this tool.""" | |
| 51 | |
| 52 env.Replace( | |
| 53 # Path to Microsoft signtool.exe | |
| 54 SIGNTOOL='$VC80_DIR/common7/tools/bin/signtool.exe', | |
| 55 # No certificate by default. | |
| 56 CERTIFICATE_PATH='', | |
| 57 # No certificate password by default. | |
| 58 CERTIFICATE_PASSWORD='', | |
| 59 # The default timestamp server. | |
| 60 TIMESTAMP_SERVER='http://timestamp.verisign.com/scripts/timestamp.dll', | |
| 61 ) | |
| 62 | |
| 63 # Setup Builder for Signing | |
| 64 env['BUILDERS']['SignedBinary'] = SCons.Script.Builder( | |
| 65 generator=SignedBinaryGenerator, | |
| 66 emitter=SignedBinaryEmitter) | |
| 67 | |
| 68 | |
| 69 def SignedBinaryEmitter(target, source, env): | |
| 70 """Add the signing certificate (if any) to the source dependencies.""" | |
| 71 if env['CERTIFICATE_PATH']: | |
| 72 source.append(env['CERTIFICATE_PATH']) | |
| 73 return target, source | |
| 74 | |
| 75 | |
| 76 def SignedBinaryGenerator(source, target, env, for_signature): | |
| 77 """A builder generator for code signing.""" | |
| 78 source = source # Silence gpylint. | |
| 79 target = target # Silence gpylint. | |
| 80 for_signature = for_signature # Silence gpylint. | |
| 81 | |
| 82 # Alway copy and make writable. | |
| 83 commands = [ | |
| 84 SCons.Script.Copy('$TARGET', '$SOURCE'), | |
| 85 SCons.Script.Chmod('$TARGET', 0755), | |
| 86 ] | |
| 87 | |
| 88 # Only do signing if there is a certificate path. | |
| 89 if env['CERTIFICATE_PATH']: | |
| 90 # The command used to do signing (target added on below). | |
| 91 signing_cmd = '$SIGNTOOL sign /f "$CERTIFICATE_PATH"' | |
| 92 # Add certificate password if any. | |
| 93 if env['CERTIFICATE_PASSWORD']: | |
| 94 signing_cmd += ' /p "$CERTIFICATE_PASSWORD"' | |
| 95 # Add timestamp server if any. | |
| 96 if env['TIMESTAMP_SERVER']: | |
| 97 signing_cmd += ' /t "$TIMESTAMP_SERVER"' | |
| 98 # Add in target name | |
| 99 signing_cmd += ' $TARGET' | |
| 100 # Add the signing to the list of commands to perform. | |
| 101 commands.append(signing_cmd) | |
| 102 | |
| 103 return commands | |
| OLD | NEW |
|---|
Chromium Code Reviews
