signing interface

2025-10-01 01:07:51 -04:00 · 2009-09-18 01:09:02 +00:00 · 2009-09-18 01:09:02 +00:00 · b16484896b
commit b16484896b
parent 1482e4732e
2 changed files with 39 additions and 1 deletions
--- a/direct/src/p3d/Packager.py
+++ b/direct/src/p3d/Packager.py
@ -226,6 +226,7 @@ class Packager:
            self.compressionLevel = 0
            self.importedMapsDir = 'imported_maps'
            self.mainModule = None
+            self.signParams = []
            self.requires = []

            # This is the set of config variables assigned to the
@ -532,6 +533,11 @@ class Packager:
            if self.p3dApplication:
                self.makeP3dInfo()
            self.multifile.repack()
+
+            # Also sign the multifile before we close it.
+            for certificate, chain, pkey, password in self.signParams:
+                self.multifile.addSignature(certificate, chain or '', pkey or '', password or '')
+            
            self.multifile.close()

            if not multifileFilename.renameTo(self.packageFullpath):
@ -2207,6 +2213,21 @@ class Packager:

        self.currentPackage.mainModule = (moduleName, newName)

+    def do_sign(self, certificate, chain = None, pkey = None, password = None):
+        """ Signs the resulting p3d file (or package multifile) with
+        the indicated certificate.  If needed, the chain file should
+        contain the list of additional certificate authorities needed
+        to validate the signing certificate.  The pkey file should
+        contain the private key.
+
+        It is also legal for the certificate file to contain the chain
+        and private key embedded within it.
+
+        If the private key is encrypted, the password should be
+        supplied. """
+
+        self.currentPackage.signParams.append((certificate, chain, pkey, password))
+
    def do_setupPanda3D(self):
        """ A special convenience command that adds the minimum
        startup modules for a panda3d package, intended for developers
--- a/direct/src/p3d/packp3d.py
+++ b/direct/src/p3d/packp3d.py
@ -30,6 +30,13 @@ Options:
     (this is preferable to having the module start itself immediately
     upon importing).

+  -S file.crt[,chain.crt[,file.key[,\"password\"]]]
+     Signs the resulting p3d with the indicated certificate.  You may
+     specify the signing certificate, the optional authorization
+     chain, and the private key in three different files, or they may
+     all be combined in the first file.  If the private key is
+     encrypted, the password will be required to decrypt it.
+
  -r package
     Names an additional package that this application requires at
     startup time.  The default package is 'panda3d'; you may repeat
@ -65,12 +72,13 @@ class ArgumentError(StandardError):
    pass

 def makePackedApp(args):
-    opts, args = getopt.getopt(args, 'd:m:r:s:Dh')
+    opts, args = getopt.getopt(args, 'd:m:S:r:s:Dh')

    packager = Packager.Packager()

    root = Filename('.')
    main = None
+    signParams = []
    requires = []
    allowPythonDev = False
    
@ -79,6 +87,8 @@ def makePackedApp(args):
            root = Filename.fromOsSpecific(value)
        elif option == '-m':
            main = value
+        elif option == '-S':
+            signParams.append(value)
        elif option == '-r':
            requires.append(value)
        elif option == '-s':
@ -137,6 +147,13 @@ def makePackedApp(args):
        packager.do_dir(root)
        packager.do_mainModule(mainModule)

+        for param in signParams:
+            tokens = param.split(',')
+            while len(tokens) < 4:
+                tokens.append('')
+            certificate, chain, pkey, password = tokens[:4]
+            packager.do_sign(certificate, chain = chain, pkey = pkey, password = password)
+
        packager.endPackage()
        packager.close()