Skip to main content
summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDavid Williams2016-05-03 16:59:12 +0000
committerDavid Williams2016-05-03 16:59:12 +0000
commit2473d75058d1000cf4756a8361b1ddef9a271953 (patch)
tree7bc208dd9971f7a143591aa7e4383fcd35066f15
parent48f6f29935affb924daa01744a4e4a14f9afe84e (diff)
downloadeclipse.platform.releng-2473d75058d1000cf4756a8361b1ddef9a271953.tar.gz
eclipse.platform.releng-2473d75058d1000cf4756a8361b1ddef9a271953.tar.xz
eclipse.platform.releng-2473d75058d1000cf4756a8361b1ddef9a271953.zip
Bug 445108 - bare bones beginning of checking if Mac is signed
-rw-r--r--bundles/org.eclipse.releng.tests/src/org/eclipse/releng/tests/CheckMacSignatures.java41
-rwxr-xr-xbundles/org.eclipse.releng.tests/src/org/eclipse/releng/tests/checkSignature61
2 files changed, 102 insertions, 0 deletions
diff --git a/bundles/org.eclipse.releng.tests/src/org/eclipse/releng/tests/CheckMacSignatures.java b/bundles/org.eclipse.releng.tests/src/org/eclipse/releng/tests/CheckMacSignatures.java
new file mode 100644
index 00000000..2256eb9d
--- /dev/null
+++ b/bundles/org.eclipse.releng.tests/src/org/eclipse/releng/tests/CheckMacSignatures.java
@@ -0,0 +1,41 @@
+
+package org.eclipse.releng.tests;
+
+import java.util.Properties;
+
+import org.junit.Before;
+import org.junit.Test;
+
+public class CheckMacSignatures {
+
+ static boolean runningOnMac;
+ static String eclipseInstall;
+
+ public CheckMacSignatures() {
+
+ }
+
+ @Before
+ public void checkIfOnMac() {
+ String os = System.getProperty("osgi.os");
+ if ("macosx".equals(os)) {
+ runningOnMac = true;
+ eclipseInstall = System.getProperty("eclipse.install.location");
+ }
+ // temp
+ System.out.println("eclipse.home: " + System.getProperty("eclipse.home"));
+ System.out.println("eclipse.home.location: " + System.getProperty("eclipse.home.location"));
+ System.out.println("All properties");
+ Properties allProperties = System.getProperties();
+ allProperties.list(System.out);
+ }
+
+ @Test
+ public void checkSignature() {
+ if (!runningOnMac) {
+ System.out.println("Not running on Mac. No need to check Mac signature");
+ } else {
+ System.out.println("Eclipse Install location: " + eclipseInstall);
+ }
+ }
+}
diff --git a/bundles/org.eclipse.releng.tests/src/org/eclipse/releng/tests/checkSignature b/bundles/org.eclipse.releng.tests/src/org/eclipse/releng/tests/checkSignature
new file mode 100755
index 00000000..22fe3661
--- /dev/null
+++ b/bundles/org.eclipse.releng.tests/src/org/eclipse/releng/tests/checkSignature
@@ -0,0 +1,61 @@
+#!/usr/bin/env bash
+
+# small utility to check signature of app on the mac. Assumes the XCode tools installed.
+
+appPathAndName=$1
+if [[ -z "${appPathAndName}" ]]
+then
+ echo -e "\n\t[ERROR] Programming error. The applications path and name must be specified for $(basename $0)"
+ exit 1
+fi
+
+if [[ ! -e "${appPathAndName}" ]]
+then
+ echo -e "\n\t[ERROR] Programning error in $(basename $0). The applications path and name was specified, but did not exist,\n\t\tWas specified as ${appPathAndName}"
+ exit 2
+fi
+SPCTL=$(which spctl)
+if [[ -z "${SPCTL}" ]]
+then
+ echo "\n\t[ERROR} spctl was not found on this system to check signatures"
+ exit 3
+fi
+CODESIGN=$(which codesign)
+if [[ -z "${CODESIGN}" ]]
+then
+ echo "\n\t[ERROR codesign was not found on this system to check signatures"
+ exit 4
+fi
+
+echo -e "\n\t${SPCTL} -a -t exec -vvvv $appPathAndName\n"
+"${SPCTL}" -a -t exec -vvvv "$appPathAndName"
+RCspctl=$?
+if [[ $RCspctl != 0 ]]
+then
+ echo -e "\n\tspctl returned $RCspctl"
+fi
+# display always returns 0 apparently
+echo -e "\n\t${CODESIGN} --verbose=4 --display --deep -r- $appPathAndName\n"
+"${CODESIGN}" --verbose=4 --display --deep --continue -r- "$appPathAndName"
+# verify for return code
+echo -e "\n\t${CODESIGN} --verbose=4 --verify --deep --continue -r- $appPathAndName\n"
+"${CODESIGN}" --verbose=4 --verify --deep --continue -r- "$appPathAndName"
+RCcodesign=$?
+if [[ $RCcodesign != 0 ]]
+then
+ echo -e "\n\tcodesign returned $RCcodesign"
+fi
+# according to man pages, return code of 1 means "not correctly signed".
+# other return codes (2, 3) mean things like "arguments not correct"
+if [[ $RCspctl == 1 || $RCcodesign == 1 ]]
+then
+ echo -e "\n\t[ERROR] The application $appPathAndName was not correctly signed"
+ exit $(( $RCspctl & $RCcodesign ))
+fi
+if [[ $RCspctl != 0 || $RCcodesign != 0 ]]
+then
+ echo -e "\n\t[ERROR] The verification arguments while checking $appPathAndName were not correct"
+ exit $(( $RCspctl & $RCcodesign ))
+fi
+exit 0
+

Back to the top