|
1 # |
|
2 # Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
3 # All rights reserved. |
|
4 # This component and the accompanying materials are made available |
|
5 # under the terms of the License "Eclipse Public License v1.0" |
|
6 # which accompanies this distribution, and is available |
|
7 # at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 # |
|
9 # Initial Contributors: |
|
10 # Nokia Corporation - initial contribution. |
|
11 # |
|
12 # Contributors: |
|
13 # |
|
14 # Description: |
|
15 # This script was written as part the solution for DEF116697: Remove Security Test Certificates from CBR |
|
16 # The purpose of the defect was to stop the export of all test certificates that may not be Symbian owned. |
|
17 # To accomplish this the certificates were all moved to a new location which does not get put in the CBR. |
|
18 # This script is run in the ONB so that no new certificates are added to any directory that appears in the CBR. |
|
19 # (Note that the certificates in rootcerts are Symbian owned and so can be exported.) |
|
20 # This script takes 2 arguments |
|
21 # - directory to search for certificates (defaults to \common\generic\security) |
|
22 # - output file for result of test (defaults to $ENV{EPOCROOT}epoc32\\winscw\\c\\CheckLocationOfCertificatesLog.txt) |
|
23 # The script searches through the specified directory for any certificate files (files ending in .cer, .der and .crt). |
|
24 # It will print out the names of any files found. |
|
25 # |
|
26 |
|
27 |
|
28 use File::Find; |
|
29 |
|
30 # array holding the list of full path names to all the certificates found. |
|
31 @Certificates; |
|
32 |
|
33 |
|
34 sub FindCerts |
|
35 { |
|
36 # Check for certificates which are not in valid locations |
|
37 if (($File::Find::dir !~ m/\/switestfw\/testcertificates/) && ($File::Find::dir !~ m/\/rootcerts/) && ($File::Find::dir !~ m/\/testframework\/testcertificates/)) |
|
38 { |
|
39 if ($File::Find::name =~ m/\.cer$/i) |
|
40 { |
|
41 push @Certificates, $File::Find::name; |
|
42 } |
|
43 if ($File::Find::name =~ m/\.crt$/i) |
|
44 { |
|
45 push @Certificates, $File::Find::name; |
|
46 } |
|
47 if ($File::Find::name =~ m/\.der$/i) |
|
48 { |
|
49 push @Certificates, $File::Find::name; |
|
50 } |
|
51 if ($File::Find::name =~ m/\.pem$/i) |
|
52 { |
|
53 push @Certificates, $File::Find::name; |
|
54 } |
|
55 } |
|
56 |
|
57 } |
|
58 |
|
59 |
|
60 |
|
61 # Determine directory to search |
|
62 my $dirToSearch; |
|
63 if (@ARGV[0]) |
|
64 { |
|
65 $dirToSearch = $ARGV[0]; |
|
66 } |
|
67 else |
|
68 { |
|
69 $dirToSearch = "$ENV{'SECURITYSOURCEDIR'}"; |
|
70 } |
|
71 |
|
72 # Determine where to put the logs. This file will be parsed by the overnight build system. |
|
73 my $outputFile; |
|
74 if (@ARGV[1]) |
|
75 { |
|
76 $outputFile = $ARGV[1]; |
|
77 } |
|
78 else |
|
79 { |
|
80 die "EPOCROOT not defined, must specify directory" if !defined ($ENV{EPOCROOT}); |
|
81 my $emulatorLogDirectory = "$ENV{EPOCROOT}logs\\winscw\\c"; |
|
82 |
|
83 if ( ! -d $emulatorLogDirectory ) |
|
84 { |
|
85 system("md $ENV{EPOCROOT}logs\\winscw\\c"); |
|
86 } |
|
87 $outputFile = "$ENV{EPOCROOT}epoc32\\winscw\\c\\checklocationofcertificateslog.txt"; |
|
88 } |
|
89 |
|
90 unlink $outputFile; |
|
91 die "\nUnable to open log $outputFile\n" if( not open( SCANLOG, ">$outputFile" ) ); |
|
92 |
|
93 |
|
94 print SCANLOG "\nScanning $dirToSearch for incorrectly located certificate files.\n\n"; |
|
95 |
|
96 |
|
97 # Search for certificate files |
|
98 find { wanted => \&FindCerts, no_chdir => 1 }, $dirToSearch; |
|
99 |
|
100 my $count = scalar(@Certificates); |
|
101 |
|
102 if ($count eq 0) |
|
103 { |
|
104 print (SCANLOG "No certificates found in $dirToSearch. Test PASSED.\n\n"); |
|
105 print (SCANLOG "\nTests completed OK"); |
|
106 print (SCANLOG "\nRun: 1"); |
|
107 print (SCANLOG "\nPassed: 1"); |
|
108 print (SCANLOG "\n0 tests failed out of 1"); |
|
109 } |
|
110 else |
|
111 { |
|
112 foreach $certificatefile (@Certificates) |
|
113 { |
|
114 $certificatefile =~ s/\//\\/g; |
|
115 print (SCANLOG "Certificate: $certificatefile is in an invalid location. Should be moved to ......\\security\\installtestframework\\testcertificates\\...\n"); |
|
116 print (SCANLOG "Test for $certificatefile FAILED.\n\n"); |
|
117 } |
|
118 print (SCANLOG "\nTests completed OK"); |
|
119 print (SCANLOG "\nRun: 1"); |
|
120 print (SCANLOG "\nPassed: 0"); |
|
121 print (SCANLOG "\n1 tests failed out of 1"); |
|
122 } |
|
123 |
|
124 close(SCANLOG); |
|
125 |
|
126 |
|
127 |