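@ECHO OFF
TITLE VeriSum - Sign (Running)
SETLOCAL ENABLEDELAYEDEXPANSION

:: Work from the folder this BAT lives in. The helper binaries (.lib), the
:: config file (cfg\config.ini) and the output folder (checksums) are all
:: defined further down as relative paths, so without this they resolve
:: against whatever directory the script happened to be started from, and
:: helper executables could then be picked up from that directory instead
:: of the one shipped next to this script.
:: A hash file passed as an argument should therefore be a full path.
PUSHD "%~dp0"

MODE con:cols=125 lines=30
MODE 125,30

:: The text between here and :comment_end is a description block; the GOTO
:: jumps over it so it is never executed.
GOTO comment_end
-----------------------------------------------------------------------------------------------------
VeriSum > Sign
Supports signing an existing hash txt file in the output folder or an SHA
txt file can be dropped on top of this BAT.
Signed sig and asc will be placed in the specified output folder.
Supports: [ x ] Drag/Drop sha txt file on BAT
[ x ] Self activate BAT to sign sha txt in output folder
-----------------------------------------------------------------------------------------------------
:comment_end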
ECHO.

:: -----------------------------------------------------------------------------------------------------
::  define: algorithm
::      Name of the hash algorithm. In this file it is only used to build
::      the default file names (<algo>.txt, <algo>.sig) and the banner text.
::      default = SHA256
::
::      If changing this, ensure you also change it in all files:
::          - VeriSum_GENERATE.BAT
::          - VeriSum_SIGN.BAT
::          - VeriSum_VERIFY.BAT
::
::      options:    MD5
::                  SHA1
::                  SHA256
::                  SHA384
::                  SHA512
::                  Streebog
::                  Blake2s
::                  Blake2b
::                  Blake3
::
::      MD5 and SHA1 are not collision resistant; for a checksum list that
::      is going to be signed and published, stay on SHA256 or stronger.
:: -----------------------------------------------------------------------------------------------------

SET "algo=SHA256"
:: -----------------------------------------------------------------------------------------------------
::  define: gpg library
::      Command name of the GnuPG executable. The availability check further
::      down probes for it with WHERE.
:: -----------------------------------------------------------------------------------------------------

SET "gpg_lib=gpg"
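:: -----------------------------------------------------------------------------------------------------
::  define: directories
::      dir_home     folder containing this BAT (%~dp0, ends with a backslash)
::      dir_lib      helper executables (cecho.exe, dos2unix.exe)
::      dir_output   where the .sig and .asc files are written
::
::      dir_lib and dir_output are relative, so they resolve against the
::      current directory at the time they are used.
::      The quoted SET form keeps a script path containing characters such
::      as & from being split into separate commands.
:: -----------------------------------------------------------------------------------------------------

SET "dir_home=%~dp0"
SET "dir_lib=.lib"
SET "dir_output=checksums"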
:: -----------------------------------------------------------------------------------------------------
::  define: files
::      file_sha_src   hash list that will be signed (default <algo>.txt)
::      file_sig       normalised copy of the hash list; this is the file
::                     that is actually handed to gpg
::      file_ext       extension gpg adds to the clearsigned output
::      file_cfg       config file read right after these defaults
::
::      The two <algo> based names are expanded here, i.e. before the config
::      file is read.
:: -----------------------------------------------------------------------------------------------------

SET "file_sha_src=%algo%.txt"
SET "file_sig=%algo%.sig"
SET "file_ext=asc"
SET "file_cfg=cfg\config.ini"
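:: -----------------------------------------------------------------------------------------------------
::  define: libraries
::      DO NOT EDIT
::
::      %echo% is the colour-capable echo helper used for every status line.
::      The path is quoted as a whole (the original quoted only the tail),
::      so "%echo% text" keeps working if dir_lib ever contains a space.
:: -----------------------------------------------------------------------------------------------------

SET echo="%dir_lib%\cecho.exe"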
:: -----------------------------------------------------------------------------------------------------
::  define: GPG key id
::      Key that gpg signs with (passed to --default-key). Leave empty to
::      have it come from the config file or from the prompt further down.
::
::      To look up the keys you can sign with, open your command prompt /
::      terminal and execute:
::          gpg --list-secret-keys --keyid-format LONG
::
::      8-character short ids are not unique; gpg also accepts the long id
::      or the full fingerprint here, and those are the safer choice.
:: -----------------------------------------------------------------------------------------------------

SET "gpg_keyid="
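:: -----------------------------------------------------------------------------------------------------
::  config file
::      Every line of the config file is handed to SET, so the file can
::      override ANY variable defined above - including the ones that are
::      later run as commands (echo, gpg_lib, dir_lib). Treat it like a
::      script: keep it next to this BAT and writable only by the person
::      who holds the signing key.
::
::      FOR /F skips empty lines and lines starting with ";".
::
::      NOTE(review): file_sha_src and file_sig were already built from
::      algo above, so an algo= line in the config does not rename them.
::      Confirm whether that is intended.
::
::      The path is quoted (usebackq) so a config path with spaces works,
::      and a missing file is skipped instead of printing a cmd error.
:: -----------------------------------------------------------------------------------------------------

IF EXIST "%file_cfg%" (
    FOR /F "usebackq tokens=*" %%I IN ("%file_cfg%") DO SET %%I
)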
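:: -----------------------------------------------------------------------------------------------------
::  define: gpg
::      check if environment var GPGHOME detected
::
::      This only warns; after the key press the script carries on.
::      IF NOT DEFINED is used instead of comparing the expanded value,
::      because a value containing spaces or parentheses (a typical install
::      path) turns "IF [value]==[]" into a syntax error that stops the script.
:: -----------------------------------------------------------------------------------------------------

IF NOT DEFINED GPGHOME (
    cls
    %echo% {CF} ERROR {\n\n}{silver}
    %echo% You are missing the environment variable {03}GPGHOME{#}{\n}
    %echo% Make sure you have {fuchisa}GPG/Gpg4win{#} installed. {\n\n}
    %echo% You can install {fuchisa}GPG/Gpg4win{#} by visiting the website:{\n\n}
    %echo% {lime}https://gpg4win.org/{white}{\n\n\n}
    %echo% You can view your defined Windows environment variables by clicking the{\n}
    %echo% {03}Start button{white}, selecting {03}Run{white} and typing the command:{\n\n}
    %echo% {lime}rundll32 sysdm.cpl,EditEnvironmentVariables{white}{\n}
    %echo% {white}{\n\n\n\n}
    TITLE GPGHOME Missing [Error]
    %echo% {CF} Press any key to acknowledge error and try anyway ... {white}{\n\n\n\n}
    PAUSE >nul
    cls
)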
:: -----------------------------------------------------------------------------------------------------
::  define: gpg
::      Probe for the gpg command with WHERE. A miss only produces a
::      warning screen; the script continues after the key press.
::
::      WHERE looks in the current directory as well as in PATH, so a hit
::      shows that something with that name is reachable, not which copy.
:: -----------------------------------------------------------------------------------------------------

WHERE /Q %gpg_lib%
IF ERRORLEVEL 1 (
    cls
    %echo% {CF} ERROR {\n\n}{silver}
    %echo% This script has detected that the command {03}%gpg_lib%{#} is not accessible.{\n\n}
    %echo% You can install {fuchisa}GPG/Gpg4win{#} by visiting the website:{\n\n}
    %echo% {lime}https://www.gpg4win.org/{white}{\n\n\n}
    %echo% {white}{\n\n\n\n}
    TITLE GPG Missing [Error]
    %echo% {CF} Press any key to acknowledge error and try anyway ... {white}{\n\n\n\n}
    PAUSE >nul
    cls
)
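:: -----------------------------------------------------------------------------------------------------
::  missing gpg key_id
::
::      give user a chance to manually input their gpg key if default gpg_keyid var missing.
::      if user fails to input on-the-fly keyid, then abort.
::
::      - IF NOT DEFINED replaces "IF [%gpg_keyid%]==[]", which is a syntax
::        error as soon as the configured value contains a space (for
::        example a fingerprint written in groups).
::      - Aborting returns exit code 1 so a calling script can tell that
::        nothing was signed.
::      - Both branches used to GOTO the label that follows directly; the
::        code now simply falls through to it.
:: -----------------------------------------------------------------------------------------------------

IF NOT DEFINED gpg_keyid (
    %echo% Please open {03}%file_cfg%{#} in notepad and assign a gpg key id to gpg_keyid {white}{\n\n}
    %echo% {white} You can obtain your key id by installing {03}GPG/Gpg4win{#}.{white}{\n}
    %echo% {white} Then open {03}Windows Terminal{#} or {03}Command Prompt{#} and execute the command: {white}{\n\n}
    %echo% {white} gpg --list-secret-keys --keyid-format=short{white}{\n\n\n}
    %echo% {08} Example:{white}{\n\n}
    %echo% {white} {0C}SET{#} gpg_keyid={A0} BD3DC629 {white}{\n\n\n}
    %echo% {06}
    SET /P v_input_keyid="Enter Key ID: "
    %echo% {#}{\n\n}

    REM SET /P leaves the variable untouched when the user just presses Enter.
    IF NOT DEFINED v_input_keyid (
        %echo% {CF}No GPG keyid provided, aborting ...{white}{\n\n\n\n}
        %echo% {08}Press any key to close utility {white}{\n}
        PAUSE >nul
        EXIT /B 1
    )

    SET "gpg_keyid=!v_input_keyid!"
)

:: -----------------------------------------------------------------------------------------------------
::  func: NEXT
::      reached once a key id is available
:: -----------------------------------------------------------------------------------------------------

:NEXT
TITLE VeriSum - Sign (RUNNING)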
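:: -----------------------------------------------------------------------------------------------------
::  remove trailing slash
::      %~dp0 ends with a backslash; strip it from dir_home.
::      Both sides of the comparison and the assignment are quoted so a
::      script path containing & or similar characters cannot break the line.
:: -----------------------------------------------------------------------------------------------------

IF "%dir_home:~-1%"=="\" SET "dir_home=%dir_home:~0,-1%"

:: -----------------------------------------------------------------------------------------------------
::  header
::      Banner describing what will be read and which files will be written.
:: -----------------------------------------------------------------------------------------------------

%echo% {gray}-----------------------------------------------------------------------------------------------------{\n}{\n}
%echo% {lime}
%echo% %algo% - Sign{\n\n}{silver}
%echo% Takes an existing {03}%file_sha_src%{#} file and signs it with a GPG key.{\n}
%echo% Program will output a {03}%file_sig%{#} and {03}%file_sig%.%file_ext%{#}{\n\n}
%echo% Open this file in notepad if you want to change the {03}algorithm{#} you wish to use{\n\n}
%echo% Requires {fuchisa}Gpg4win{#} to be installed and {fuchisa}environment variables{#} setup.{\n}
%echo% {white}{\n}
%echo% {gray}-----------------------------------------------------------------------------------------------------{\n}{\n\n}{white}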
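:: -----------------------------------------------------------------------------------------------------
::  pick the hash file to sign
::      - a file dropped on (or passed to) the BAT wins
::      - otherwise the default hash file in the output folder is used
::
::      The path of a dropped file is outside the script's control. It is
::      therefore assigned with a quoted SET at top level, not inside a
::      parenthesised block: a path containing ")" or "&" (for example a
::      "Downloads (1)" folder) would otherwise end the block early or be
::      run as a command. Afterwards the value is only read through delayed
::      expansion (!var!) or inside quotes.
::
::      The unreachable ENDLOCAL that followed this section was removed,
::      and the second label called NEXT was given its own name so the jump
::      no longer depends on which duplicate label cmd finds first.
:: -----------------------------------------------------------------------------------------------------

IF "%~1"=="" GOTO USE_OUTPUT_FILE

SET "file_sha_src=%~1"
IF NOT EXIST "%file_sha_src%" GOTO FAIL
%echo% Using dragged file {lime}!file_sha_src!{white}{\n\n\n}
GOTO SIGN_BEGIN

:USE_OUTPUT_FILE
IF NOT EXIST "%dir_output%\%file_sha_src%" GOTO FAIL
SET "file_sha_src=%dir_output%\%file_sha_src%"
%echo% Using existing file {lime}!file_sha_src!{white}{\n\n\n}
GOTO SIGN_BEGIN

:: -----------------------------------------------------------------------------------------------------
::  func: FAIL
::      called when the hash file to sign does not exist.
::      Exits with code 1 so callers do not mistake this for a signed run.
:: -----------------------------------------------------------------------------------------------------

:FAIL
%echo% {white}
%echo% {CF} ERROR {white} File {D7} !file_sha_src! {white} not found {white}{\n\n\n\n\n\n\n}{gray}
PAUSE
EXIT /B 1

:: -----------------------------------------------------------------------------------------------------
::  func: SIGN_BEGIN
::      continue script
:: -----------------------------------------------------------------------------------------------------

:SIGN_BEGIN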
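:: -----------------------------------------------------------------------------------------------------
::  Replace \ with / for paths
::      Copies the hash list line by line into <output>\<algo>.sig with
::      every backslash turned into a forward slash. That copy is the text
::      that gets signed, so it must match the source apart from the slashes:
::
::      - each line is captured with delayed expansion switched OFF, so "!"
::        (and any "^" next to it) in a file name survives unchanged;
::      - ECHO( is used so a line consisting only of blanks is written as is
::        instead of the text "ECHO is off.";
::      - the output folder is created if it does not exist yet.
::
::      FOR /F still skips empty lines and lines starting with ";".
:: -----------------------------------------------------------------------------------------------------

%echo% {green}[ x ]{gray} Replacing slash characters {\n}

IF NOT EXIST "%dir_output%\" MKDIR "%dir_output%"

SETLOCAL DISABLEDELAYEDEXPANSION
(
    FOR /F "usebackq delims=" %%a IN ("%file_sha_src%") DO (
        SET "line=%%a"
        SETLOCAL ENABLEDELAYEDEXPANSION
        ECHO(!line:\=/!
        ENDLOCAL
    )
)>"%dir_output%\%file_sig%"
ENDLOCAL

timeout /t 1 /nobreak >nul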
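:: -----------------------------------------------------------------------------------------------------
::  Convert file.sig from CRLF (Windows) to LF (Unix)
::      Runs the bundled dos2unix quietly (-q) on the file in place.
::      The executable path is quoted so a dir_lib with spaces still works;
::      CALL is not needed to start an .exe.
:: -----------------------------------------------------------------------------------------------------

%echo% {green}[ x ]{gray} CRLF to LF {blue}%dir_output%\%file_sig%{white}{\n}
"%dir_lib%\dos2unix.exe" -q "%dir_output%\%file_sig%"
timeout /t 1 /nobreak >nul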
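:: -----------------------------------------------------------------------------------------------------
::  Create GPG signature
::      Clearsigns <output>\<algo>.sig with the selected key; gpg writes the
::      result next to it with the .asc extension.
::
::      - The executable comes from gpg_lib, the same name the availability
::        check probed for, instead of a hard-coded "gpg".
::      - Any .asc left over from an earlier run is deleted first, so a
::        failed run cannot leave an old signature next to a new hash list.
::      - gpg's exit code is checked; on failure the script stops with
::        exit code 1 rather than reporting completion.
:: -----------------------------------------------------------------------------------------------------

%echo% {green}[ x ]{gray} Generating armored GPG file {blue}%dir_output%\%file_sig%.%file_ext%{\n}
%echo% {green}[ x ]{gray} Signing file with key id {blue}%gpg_keyid%{\n}

IF EXIST "%dir_output%\%file_sig%.%file_ext%" DEL /Q "%dir_output%\%file_sig%.%file_ext%"

"%gpg_lib%" --batch --yes -q --default-key "%gpg_keyid%" --clearsign "%dir_output%\%file_sig%"
IF ERRORLEVEL 1 (
    %echo% {\n}{CF} ERROR {white} GPG could not sign {D7} %dir_output%\%file_sig% {white}{\n\n\n}
    %echo% {08}Press any key to close utility {white}{\n}
    PAUSE >nul
    EXIT /B 1
)

timeout /t 2 /nobreak >nul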
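:: -----------------------------------------------------------------------------------------------------
::  Convert file.sig.asc from CRLF (Windows) to LF (Unix)
::      Normalises the line endings of the clearsigned file, then asks gpg
::      to verify the file as it now is on disk. The check confirms that
::      the signature exists and still validates after the rewrite; if it
::      does not, the script stops with exit code 1 instead of reporting
::      completion.
:: -----------------------------------------------------------------------------------------------------

%echo% {green}[ x ]{gray} CRLF to LF {blue}%dir_output%\%file_sig%.%file_ext%{white}{\n}
"%dir_lib%\dos2unix.exe" -q "%dir_output%\%file_sig%.%file_ext%"

"%gpg_lib%" --batch --verify "%dir_output%\%file_sig%.%file_ext%" >nul 2>&1
IF ERRORLEVEL 1 (
    %echo% {\n}{CF} ERROR {white} Signature check failed for {D7} %dir_output%\%file_sig%.%file_ext% {white}{\n\n\n}
    %echo% {08}Press any key to close utility {white}{\n}
    PAUSE >nul
    EXIT /B 1
)

%echo% {\n\n}{yellow} Process has completed. Make sure no errors have appeared above.{gray}{\n\n\n\n}
timeout /t 2 /nobreak >nul

TITLE VeriSum - Sign (Complete)
%echo% {CF} Press any key to close utility {white}{\n}
PAUSE >nul
Exit /B 0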