rust-scripts/scriptbase
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: script-sign-rs script-verify-rs

Browse Source
This commit is contained in:
Hatter Jiang
2025-01-23 00:25:34 +08:00
parent 912332da97
commit c2af7ec23b
12 changed files with 1238 additions and 115 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
file-meta.txt
View File

@@ -9,5 +9,6 @@ osssendfile-rs
post-rs
rpm-read-rs
script-sign-rs
script-verify-rs
sync-rs
xattr-rs

14
script-meta-v2.json
View File

@@ -90,11 +90,19 @@
},
"script-sign.rs": {
"script_name": "script-sign.rs",
"script_length": 4457,
"script_sha256": "9b688c4446a13d0d0013220a41984fdb4288c99bc5d8c80b641ec7ac04f7a6c0",
"script_length": 3029,
"script_sha256": "08b9ef13b770004e058a337d0493b22784c6568012bc507cc2a412a3b7f330c8",
"script_full_url": "https://git.hatter.ink/rust-scripts/scriptbase/raw/branch/main/script-sign-rs/src/main.rs",
"publish_time": 1737272563311,
"update_time": 1737481447995
"update_time": 1737563113466
},
"script-verify.rs": {
"script_name": "script-verify.rs",
"script_length": 2388,
"script_sha256": "3e0947c475c14249a3545fd8793488fa6df4acab6f97c1340e50593a71f24924",
"script_full_url": "https://git.hatter.ink/rust-scripts/scriptbase/raw/branch/main/script-verify-rs/src/main.rs",
"publish_time": 1737563113466,
"update_time": 1737563113466
},
"sync.rs": {
"script_name": "sync.rs",

9
script-meta.json
View File

@@ -51,8 +51,13 @@
},
"script-sign-rs": {
"script_name": "script-sign-rs",
"script_length": 4457,
"script_sha256": "9b688c4446a13d0d0013220a41984fdb4288c99bc5d8c80b641ec7ac04f7a6c0"
"script_length": 3029,
"script_sha256": "08b9ef13b770004e058a337d0493b22784c6568012bc507cc2a412a3b7f330c8"
},
"script-verify-rs": {
"script_name": "script-verify-rs",
"script_length": 2388,
"script_sha256": "3e0947c475c14249a3545fd8793488fa6df4acab6f97c1340e50593a71f24924"
},
"sync-rs": {
"script_name": "sync-rs",

75
script-sign-rs/Cargo.lock generated
View File

@@ -67,11 +67,12 @@ dependencies = [
[[package]]
name = "anstyle-wincon"
version = "3.0.6"
version = "3.0.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2109dbce0e72be3ec00bed26e6a7479ca384ad226efdd66db8fa2e3a38c83125"
checksum = "ca3534e77181a9cc07539ad51f2141fe32f6c3ffd4df76db8ad92346b003ae4e"
dependencies = [
"anstyle",
"once_cell",
"windows-sys",
]
@@ -101,9 +102,9 @@ checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b"
[[package]]
name = "bitflags"
version = "2.6.0"
version = "2.8.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b048fb63fd8b5923fc5aa7b340d8e156aec7ec02f0c78fa8a6ddc2613f6f71de"
checksum = "8f68f53c83ab957f72c32642f3868eec03eb974d1fb82e453128456482613d36"
[[package]]
name = "block-buffer"
@@ -122,9 +123,9 @@ checksum = "79296716171880943b8470b5f8d03aa55eb2e645a4874bdbb28adb49162e012c"
[[package]]
name = "cc"
version = "1.2.7"
version = "1.2.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a012a0df96dd6d06ba9a1b29d6402d1a5d77c6befd2566afdc26e10603dc93d7"
checksum = "13208fcbb66eaeffe09b99fffbe1af420f00a7b35aa99ad683dfc1aa76145229"
dependencies = [
"shlex",
]
@@ -151,9 +152,9 @@ dependencies = [
[[package]]
name = "clap"
version = "4.5.23"
version = "4.5.27"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3135e7ec2ef7b10c6ed8950f0f792ed96ee093fa088608f1c76e569722700c84"
checksum = "769b0145982b4b48713e01ec42d61614425f27b7058bda7180a3a41f30104796"
dependencies = [
"clap_builder",
"clap_derive",
@@ -161,9 +162,9 @@ dependencies = [
[[package]]
name = "clap_builder"
version = "4.5.23"
version = "4.5.27"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "30582fc632330df2bd26877bde0c1f4470d57c582bbc070376afcd04d8cb4838"
checksum = "1b26884eb4b57140e4d2d93652abfa49498b938b3c9179f9fc487b0acc3edad7"
dependencies = [
"anstream",
"anstyle",
@@ -173,9 +174,9 @@ dependencies = [
[[package]]
name = "clap_derive"
version = "4.5.18"
version = "4.5.24"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4ac6a0c7b1a9e9a5186361f67dfa1b88213572f427fb9ab038efb2bd8c582dab"
checksum = "54b755194d6389280185988721fffba69495eed5ee9feeee9a599b53db80318c"
dependencies = [
"heck",
"proc-macro2",
@@ -427,9 +428,9 @@ checksum = "d75a2a4b1b190afb6f5425f10f6a8f959d2ea0b9c2b1d79553551850539e4674"
[[package]]
name = "js-sys"
version = "0.3.76"
version = "0.3.77"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6717b6b5b077764fb5966237269cb3c64edddde4b14ce42647430a78ced9e7b7"
checksum = "1cfaf33c695fc6e08064efbc1f72ec937429614f25eef83af942d0e227c3a28f"
dependencies = [
"once_cell",
"wasm-bindgen",
@@ -459,9 +460,9 @@ dependencies = [
[[package]]
name = "log"
version = "0.4.22"
version = "0.4.25"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a7a70ba024b9dc04c27ea2f0c0548feb474ec5c54bba33a7f72f873a39d07b24"
checksum = "04cbf5b083de1c7e0222a7a51dbfdba1cbe1c6ab0b15e29fff3f6c077fd9cd9f"
[[package]]
name = "memchr"
@@ -538,9 +539,9 @@ dependencies = [
[[package]]
name = "proc-macro2"
version = "1.0.92"
version = "1.0.93"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "37d3544b3f2748c54e147655edb5025752e2303145b5aefb3c3ea2c78b973bb0"
checksum = "60946a68e5f9d28b0dc1c21bb8a97ee7d018a8b322fa57838ba31cc878e22d99"
dependencies = [
"unicode-ident",
]
@@ -645,9 +646,9 @@ checksum = "f3cb5ba0dc43242ce17de99c180e96db90b235b8a9fdc9543c96d2209116bd9f"
[[package]]
name = "script-sign"
version = "0.1.0"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "187af8146515de8a5cde0828910084742ebd4e8e5898a51aea83eeb3099d482e"
checksum = "ea5d04451fc662739bab9ec4d1ecb5071465298d7a9ad5ef214b19ee2d3f30f2"
dependencies = [
"base64",
"digest",
@@ -665,7 +666,7 @@ dependencies = [
[[package]]
name = "script-sign-rs"
version = "0.1.0"
version = "0.1.1"
dependencies = [
"clap",
"rust_util",
@@ -708,9 +709,9 @@ dependencies = [
[[package]]
name = "serde_json"
version = "1.0.134"
version = "1.0.137"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d00f4175c42ee48b15416f6193a959ba3a0d67fc699a0db9ad12df9f83991c7d"
checksum = "930cfb6e6abf99298aaad7d29abbef7a9999a9a8806a40088f55f0dcec03146b"
dependencies = [
"itoa",
"memchr",
@@ -779,9 +780,9 @@ checksum = "13c2bddecc57b384dee18652358fb23172facb8a2c51ccc10d74c157bdea3292"
[[package]]
name = "syn"
version = "2.0.95"
version = "2.0.96"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "46f71c0377baf4ef1cc3e3402ded576dccc315800fbc62dfc7fe04b009773b4a"
checksum = "d5d0adab1ae378d7f53bdebc67a39f1f151407ef230f0ce2883572f5d8985c80"
dependencies = [
"proc-macro2",
"quote",
@@ -861,20 +862,21 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423"
[[package]]
name = "wasm-bindgen"
version = "0.2.99"
version = "0.2.100"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a474f6281d1d70c17ae7aa6a613c87fce69a127e2624002df63dcb39d6cf6396"
checksum = "1edc8929d7499fc4e8f0be2262a241556cfc54a0bea223790e71446f2aab1ef5"
dependencies = [
"cfg-if",
"once_cell",
"rustversion",
"wasm-bindgen-macro",
]
[[package]]
name = "wasm-bindgen-backend"
version = "0.2.99"
version = "0.2.100"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5f89bb38646b4f81674e8f5c3fb81b562be1fd936d84320f3264486418519c79"
checksum = "2f0a0651a5c2bc21487bde11ee802ccaf4c51935d0d3d42a6101f98161700bc6"
dependencies = [
"bumpalo",
"log",
@@ -886,9 +888,9 @@ dependencies = [
[[package]]
name = "wasm-bindgen-macro"
version = "0.2.99"
version = "0.2.100"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2cc6181fd9a7492eef6fef1f33961e3695e4579b9872a6f7c83aee556666d4fe"
checksum = "7fe63fc6d09ed3792bd0897b314f53de8e16568c2b3f7982f468c0bf9bd0b407"
dependencies = [
"quote",
"wasm-bindgen-macro-support",
@@ -896,9 +898,9 @@ dependencies = [
[[package]]
name = "wasm-bindgen-macro-support"
version = "0.2.99"
version = "0.2.100"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "30d7a95b763d3c45903ed6c81f156801839e5ee968bb07e534c44df0fcd330c2"
checksum = "8ae87ea40c9f689fc23f209965b6fb8a99ad69aeeb0231408be24920604395de"
dependencies = [
"proc-macro2",
"quote",
@@ -909,9 +911,12 @@ dependencies = [
[[package]]
name = "wasm-bindgen-shared"
version = "0.2.99"
version = "0.2.100"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "943aab3fdaaa029a6e0271b35ea10b72b943135afe9bffca82384098ad0e06a6"
checksum = "1a05d73b933a847d6cccdda8f838a22ff101ad9bf93e33684f39c1f5f0eece3d"
dependencies = [
"unicode-ident",
]
[[package]]
name = "winapi"

6
script-sign-rs/Cargo.toml
View File

@@ -1,9 +1,9 @@
[package]
name = "script-sign-rs"
version = "0.1.0"
version = "0.1.1"
edition = "2021"
[dependencies]
clap = { version = "4.5.23", features = ["derive"] }
rust_util = "0.6.47"
clap = { version = "4.5", features = ["derive"] }
rust_util = "0.6"
script-sign = "0.1"

111
script-sign-rs/src/main.rs
View File

@@ -2,13 +2,13 @@
//! ```cargo
//! [dependencies]
//! clap = { version = "4.5.23", features = ["derive"] }
//! rust_util = "0.6.47"
//! clap = { version = "4.5", features = ["derive"] }
//! rust_util = "0.6"
//! script-sign = "0.1"
//! ```
use clap::Parser;
use rust_util::{failure, failure_and_exit, information, success, warning};
use rust_util::{failure, information, success, warning};
use script_sign::{KeyMap, Script};
use std::fs;
use std::path::PathBuf;
@@ -17,12 +17,6 @@ use std::path::PathBuf;
#[derive(Parser, Debug)]
#[command(version, about, long_about = None, bin_name = "script-sign.rs")]
struct Args {
/// Sign script
#[arg(long)]
sign: bool,
/// Verify script
#[arg(long)]
verify: bool,
/// Force sign script
#[arg(long)]
force: bool,
@@ -32,15 +26,17 @@ struct Args {
fn main() {
let args = Args::parse();
if !args.verify && !args.sign {
failure_and_exit!("Argument --verify or --sign must assigned.");
let key_map = KeyMap::system();
let total_scripts = args.scripts.len();
if total_scripts == 0 {
warning!("No scripts assigned.");
return;
}
let key_map = KeyMap::system().unwrap();
let total_scripts = args.scripts.len();
for (i, script_path) in args.scripts.iter().enumerate() {
information!(
"Processing {}/{}: {}",
"Signing {}/{}: {}",
(i + 1),
total_scripts,
script_path.display()
@@ -67,69 +63,42 @@ fn main() {
}
};
if args.verify {
// VERIFY SCRIPT
if let Some(signature) = &script.signature {
match script.verify(&key_map) {
Ok(true) => {
success!(
"Verify script success: {}, key ID: {}, sign date: {}",
script_path.display(),
signature.key_id,
signature.time
);
}
Ok(false) => {
failure!("Verify script failed: {}", script_path.display());
}
Err(e) => {
warning!("Verify script: {} failed: {}", script_path.display(), e);
}
}
} else {
warning!("Script is not signed: {}", script_path.display());
}
} else if args.sign {
// SIGN SCRIPT
let mut continue_sign = false;
if script.signature.is_some() {
match script.verify(&key_map) {
Ok(true) => {
if args.force {
continue_sign = true;
} else {
warning!("Script is singed, force sign script need --force flag.");
}
}
Ok(false) => {
let mut continue_sign = false;
if script.signature.is_some() {
match script.verify(&key_map) {
Ok(true) => {
if args.force {
continue_sign = true;
}
Err(e) => {
warning!("Verify script: {} failed: {}", script_path.display(), e);
} else {
warning!("Script is singed, force sign script need --force flag.");
}
}
} else {
continue_sign = true;
}
if continue_sign {
information!("Prepare sign script: {}", script_path.display());
match script.sign() {
Ok(_) => match fs::write(script_path, &script.as_string()) {
Ok(_) => {
success!("Sign script success: {}", script_path.display());
}
Err(e) => {
failure!("Sign script {} failed: {}", script_path.display(), e);
}
},
Err(e) => {
failure!("Sign script {} failed: {}", script_path.display(), e);
}
Ok(false) => {
continue_sign = true;
}
Err(e) => {
warning!("Verify script: {} failed: {}", script_path.display(), e);
}
}
} else {
// SHOULD REACH HERE
failure_and_exit!("Argument --verify or --sign flag must assigned.");
continue_sign = true;
}
if continue_sign {
information!("Prepare sign script: {}", script_path.display());
match script.sign() {
Ok(_) => match fs::write(script_path, &script.as_string()) {
Ok(_) => {
success!("Sign script success: {}", script_path.display());
}
Err(e) => {
failure!("Sign script {} failed: {}", script_path.display(), e);
}
},
Err(e) => {
failure!("Sign script {} failed: {}", script_path.display(), e);
}
}
}
}
}

3
script-sign-rs/test.js
View File

@@ -1,3 +1,4 @@
console.log('hello world');
// @SCRIPT-SIGNATURE-V1: yk-r1.ES256.20250105T213419+08:00.MEUCIDGpmzkPcGE0yFO/ARKc0DwRD64Qay7vB9k2jQ7xSL8UAiEAynSg+OWp3oSC06GRQFUg/znGY3aGiSq5TztTykAqxKs=
// @SCRIPT-SIGNATURE-V1: yk-r1.ES256.20250123T001551+08:00.MEQCIAS0qLGvA++l+8EeA2/t
// qHUZ1JtPfjExH1VAfN2ka4WyAiB+m2tkiwR8iK8a7DL96dr1HVC8MtYiPA5P9qJCPv3dJA==

1029
script-verify-rs/Cargo.lock generated Normal file
View File

File diff suppressed because it is too large Load Diff

9
script-verify-rs/Cargo.toml Normal file
View File

@@ -0,0 +1,9 @@
[package]
name = "script-verify-rs"
version = "0.1.1"
edition = "2021"
[dependencies]
clap = { version = "4.5", features = ["derive"] }
rust_util = "0.6"
script-sign = "0.1"

8
script-verify-rs/README.md Normal file
View File

@@ -0,0 +1,8 @@
# script-verify
Signature format (last line):
```plain
// @SCRIPT-SIGNATURE-V1: <key-id>.<algotirhm>.<time>.<signature-value-in-base64>
```

84
script-verify-rs/src/main.rs Executable file
View File

@@ -0,0 +1,84 @@
#!/usr/bin/env runrs
//! ```cargo
//! [dependencies]
//! clap = { version = "4.5", features = ["derive"] }
//! rust_util = "0.6"
//! script-sign = "0.1"
//! ```
use clap::Parser;
use rust_util::{failure, information, success, warning};
use script_sign::{KeyMap, Script};
use std::fs;
use std::path::PathBuf;
/// Script signing tool
#[derive(Parser, Debug)]
#[command(version, about, long_about = None, bin_name = "script-verify.rs")]
struct Args {
/// Script file path
scripts: Vec<PathBuf>,
}
fn main() {
let args = Args::parse();
let key_map = KeyMap::system();
let total_scripts = args.scripts.len();
if total_scripts == 0 {
warning!("No scripts assigned.");
return;
}
for (i, script_path) in args.scripts.iter().enumerate() {
information!(
"Verifying {}/{}: {}",
(i + 1),
total_scripts,
script_path.display()
);
if !script_path.is_file() {
warning!("Not a file: {}", script_path.display());
continue;
}
let script_content = match fs::read_to_string(script_path) {
Ok(script_content) => script_content,
Err(e) => {
warning!("Read script: {} failed: {}", script_path.display(), e);
continue;
}
};
let script = match Script::parse(&script_content) {
Ok(script) => script,
Err(e) => {
warning!("Read script: {} failed: {}", script_path.display(), e);
continue;
}
};
if let Some(signature) = &script.signature {
match script.verify(&key_map) {
Ok(true) => {
success!(
"Verify script success: {}, key ID: {}, sign date: {}",
script_path.display(),
signature.key_id,
signature.time
);
}
Ok(false) => {
failure!("Verify script failed: {}", script_path.display());
}
Err(e) => {
warning!("Verify script: {} failed: {}", script_path.display(), e);
}
}
} else {
warning!("Script is not signed: {}", script_path.display());
}
}
}

4
script-verify-rs/test.js Normal file
View File

@@ -0,0 +1,4 @@
console.log('hello world');
// @SCRIPT-SIGNATURE-V1: yk-r1.ES256.20250123T001551+08:00.MEQCIAS0qLGvA++l+8EeA2/t
// qHUZ1JtPfjExH1VAfN2ka4WyAiB+m2tkiwR8iK8a7DL96dr1HVC8MtYiPA5P9qJCPv3dJA==