#!/bin/sh
# Sign a file with Microsoft Commercial Code Signing purpose set for SPC_STATEMENT_TYPE_OBJID
# object ID numbers (OIDs) "1.3.6.1.4.1.311.2.1.11"
# changes default Microsoft Individual Code Signing:
# "0x30, 0x0c, x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x15"
# sets Microsoft Commercial Code Signing:
# "0x30, 0x0c, x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x16"

. $(dirname $0)/../test_library
script_path=$(pwd)
test_nr=16

for file in ${script_path}/../logs/notsigned/*.*
  do
    name="${file##*/}"
    ext="${file##*.}"
    desc=""
    case $ext in
      "cat") filetype=CAT; format_nr=1 ;;
      "msi") filetype=MSI; format_nr=2 ;;
      "ex_") filetype=CAB; format_nr=3 ;;
      "exe") filetype=PE; format_nr=4 ;;
      "ps1")
        filetype=TXT
        if xxd -p -l 2 "notsigned/$name" | grep -q "fffe"; then
          format_nr=5
          desc=" UTF-16LE(BOM)"
        elif xxd -p -l 3 "notsigned/$name" | grep -q "efbbbf"; then
          format_nr=6
          desc=" UTF-8(BOM)"
        else
          format_nr=7
          desc=" UTF-8"
        fi ;;
    esac

    number="$test_nr$format_nr"
    test_name="Sign a $filetype$desc file with the common purpose set"
    printf "\n%03d. %s\n" "$number" "$test_name"

    ../../osslsigncode sign -h sha256 \
      -st "1556668800" \
      -comm \
      -certs "${script_path}/../certs/cert.pem" -key "${script_path}/../certs/key.pem" \
      -in "notsigned/$name" -out "test_$number.$ext"
    result=$?

    if test "$filetype" = "TXT" && ! cmp -l -n 3 "notsigned/$name" "test_$number.$ext"; then
      printf "%s\n" "Compare file prefix failed"
      test_result "1" "$number" "$test_name"
    else
      verify_signature "$result" "$number" "$ext" "success" "@2019-09-01 12:00:00" \
        "UNUSED_PATTERN" "Microsoft Commercial Code Signing" "UNUSED_PATTERN"
      test_result "$?" "$number" "$test_name"
    fi
  done

exit 0
