blob: 1e60159f992c317830248930a06b6bdca92bf7d8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
|
@echo off
rem $Id: UnpackBlessedDrivers.cmd $
rem rem @file
rem Windows NT batch script for unpacking drivers after being signed.
rem
rem
rem Copyright (C) 2018-2022 Oracle and/or its affiliates.
rem
rem This file is part of VirtualBox base platform packages, as
rem available from https://www.virtualbox.org.
rem
rem This program is free software; you can redistribute it and/or
rem modify it under the terms of the GNU General Public License
rem as published by the Free Software Foundation, in version 3 of the
rem License.
rem
rem This program is distributed in the hope that it will be useful, but
rem WITHOUT ANY WARRANTY; without even the implied warranty of
rem MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
rem General Public License for more details.
rem
rem You should have received a copy of the GNU General Public License
rem along with this program; if not, see <https://www.gnu.org/licenses>.
rem
rem SPDX-License-Identifier: GPL-3.0-only
rem
setlocal ENABLEEXTENSIONS
setlocal
rem
rem Globals and Check for environment variables we need.
rem
if ".%KBUILD_DEVTOOLS%" == "." (echo KBUILD_DEVTOOLS is not set & goto end_failed)
set _MY_DRIVER_BASE_NAMES=VBoxSup VBoxNetAdp6 VBoxNetLwf VBoxUSB VBoxUSBMon
set _MY_GUEST_ADDITIONS_DRIVER_BASE_NAMES=VBoxVideo VBoxWddm VBoxGuest VBoxMouse
set _MY_UNZIP=%KBUILD_DEVTOOLS%\win.x86\bin\unzip.exe
if not exist "%_MY_UNZIP%" (echo "%_MY_UNZIP%" does not exist & goto end_failed)
rem
rem Parse arguments.
rem
set _MY_OPT_BINDIR=..\bin
set _MY_OPT_INPUT=
set _MY_OPT_SIGN_CAT=1
set _MY_OPT_SIGN_VERIFY=1
:argument_loop
if ".%1" == "." goto no_more_arguments
if ".%1" == ".-h" goto opt_h
if ".%1" == ".-?" goto opt_h
if ".%1" == "./h" goto opt_h
if ".%1" == "./H" goto opt_h
if ".%1" == "./?" goto opt_h
if ".%1" == ".-help" goto opt_h
if ".%1" == ".--help" goto opt_h
if ".%1" == ".-b" goto opt_b
if ".%1" == ".--bindir" goto opt_b
if ".%1" == ".-i" goto opt_i
if ".%1" == ".--input" goto opt_i
if ".%1" == ".-n" goto opt_n
if ".%1" == ".--no-sign-cat" goto opt_n
if ".%1" == ".-v" goto opt_v
if ".%1" == ".--no-sign-verify" goto opt_v
if ".%1" == ".--guest-additions" goto opt_ga
echo syntax error: Unknown option: %1
echo Try --help to list valid options.
goto end_failed
:argument_loop_next_with_value
shift
shift
goto argument_loop
:opt_b
if ".%~2" == "." goto syntax_error_missing_value
set _MY_OPT_BINDIR=%~2
goto argument_loop_next_with_value
:opt_h
echo This script unpacks the zip-file containing the blessed driver files from
echo Microsoft, replacing original files in the bin directory. The catalog files
echo will be signed again and the Microsoft signature merged with ours.
echo .
echo Usage: UnpackBlessedDrivers.cmd [-b bindir] [-n/--no-sign-cat] [-v/--no-sign-verify] -i input.zip
echo .
echo Warning! This script should normally be invoked from the repack directory
goto end_failed
:opt_i
if ".%~2" == "." goto syntax_error_missing_value
set _MY_OPT_INPUT=%~2
goto argument_loop_next_with_value
:opt_n
set _MY_OPT_SIGN_CAT=0
shift
goto argument_loop
:opt_v
set _MY_OPT_SIGN_VERIFY=0
shift
goto argument_loop
:opt_ga
set _MY_DRIVER_BASE_NAMES=%_MY_GUEST_ADDITIONS_DRIVER_BASE_NAMES%
shift
goto argument_loop
:syntax_error_missing_value
echo syntax error: missing or empty option value after %1
goto end_failed
:error_bindir_does_not_exist
echo syntax error: Specified BIN directory does not exist: "%_MY_OPT_BINDIR%"
goto end_failed
:error_input_not_found
echo error: Input file does not exist: "%_MY_OPT_INPUT%"
goto end_failed
:no_more_arguments
rem validate specified options
if not exist "%_MY_OPT_BINDIR%" goto error_bindir_does_not_exist
rem figure defaults here: if ".%_MY_OPT_INPUT%" == "." if exist "%_MY_OPT_BINDIR%\x86" set _MY_OPT_INPUT=VBoxDrivers-amd64.cab
rem figure defaults here: if ".%_MY_OPT_INPUT%" == "." set _MY_OPT_INPUT=VBoxDrivers-x86.cab
if not exist "%_MY_OPT_INPUT%" goto error_input_not_found
rem
rem Unpack the stuff.
rem We ignore error level 1 here as that is what unzip returns on warning (slashes).
rem
"%_MY_UNZIP%" -o -j "%_MY_OPT_INPUT%" -d "%_MY_OPT_BINDIR%" && goto unzip_okay
if NOT ERRORLEVEL 1 goto end_failed
:unzip_okay
if ".%_MY_OPT_SIGN_VERIFY%" == ".0" goto no_sign_verify
rem
rem Verify it against the PreW10 catalog files we saved.
rem
set _MY_SIGNTOOL=%KBUILD_DEVTOOLS%\win.x86\sdk\v8.1\bin\x86\signtool.exe
if not exist "%_MY_SIGNTOOL%" set _MY_SIGNTOOL=%KBUILD_DEVTOOLS%\win.x86\selfsign\r3\signtool.exe
for %%d in (%_MY_DRIVER_BASE_NAMES%) do (
@echo * Verifying %%d against %%d.cat...
"%_MY_SIGNTOOL%" verify /kp /c "%_MY_OPT_BINDIR%\%%d.cat" "%_MY_OPT_BINDIR%\%%d.inf" || goto end_failed
"%_MY_SIGNTOOL%" verify /kp /c "%_MY_OPT_BINDIR%\%%d.cat" "%_MY_OPT_BINDIR%\%%d.sys" || goto end_failed
rem The following is disabled because signtool.exe does not accept these
rem signatures because it fails to look at the timestamp. Eventually should
rem replace this by doing out own signature verification in RTSignTool.
rem @echo * Verifying %%d against %%d-PreW10.cat...
rem "%_MY_SIGNTOOL%" verify /kp /c "%_MY_OPT_BINDIR%\%%d-PreW10.cat" "%_MY_OPT_BINDIR%\%%d.inf" || goto end_failed
rem "%_MY_SIGNTOOL%" verify /kp /c "%_MY_OPT_BINDIR%\%%d-PreW10.cat" "%_MY_OPT_BINDIR%\%%d.sys" || goto end_failed
)
:no_sign_verify
rem
rem Modify the catalog signatures.
rem
if "%_MY_OPT_SIGN_CAT%" == "0" goto no_sign_cat
set PATH=%PATH%;%_MY_OPT_BINDIR%
for %%d in (%_MY_DRIVER_BASE_NAMES%) do (
copy /y "%_MY_OPT_BINDIR%\%%d.cat" "%_MY_OPT_BINDIR%\%%d.cat.ms" || goto end_failed
call sign-dual.cmd "%_MY_OPT_BINDIR%\%%d.cat" || goto end_failed
"%_MY_OPT_BINDIR%\tools\RTSignTool.exe" add-nested-cat-signature -v "%_MY_OPT_BINDIR%\%%d.cat" "%_MY_OPT_BINDIR%\%%d.cat.ms" || goto end_failed
)
:no_sign_cat
goto end
:end_failed
@echo failed (%ERRORLEVEL%)
@endlocal
@endlocal
@exit /b 1
:end
@endlocal
@endlocal
|