Added multiple files support to the Ant task

Vzor- · ebourg · commit b79a60aeff0a · 2021-08-28T12:06:08.000+02:00
diff --git a/README.md b/README.md
@@ -42,6 +42,7 @@ See https://ebourg.github.io/jsign for more information.
 
 #### Version 4.1 (in development)
 
+* The Ant task can now sign multiple files by defining a fileset (contributed by Kyle Berezin)
 * Fixed the _"Map failed"_ OutOfMemoryError when signing large MSI files
 
 #### Version 4.0 (2021-08-09)
diff --git a/TODO.txt b/TODO.txt
@@ -5,7 +5,6 @@ TODO
 - Support private keys exported with PKCS#8 
 - Detect the type of the keystore automatically (guess from the extension and try all the other types as a fallback)
 - Support unauthenticated blobs
-- Sign multiple files (fileset)
 - Support generating MsiDigitalSignatureEx entries when signing MSI files (requires access to the streams metadata in POI)
 - load password from the environment (CLI syntax: env:VARIABLE_NAME)
 - AWS KMS integration
diff --git a/jsign-ant/src/main/java/net/jsign/JsignTask.java b/jsign-ant/src/main/java/net/jsign/JsignTask.java
@@ -20,6 +20,7 @@
 
 import org.apache.tools.ant.BuildException;
 import org.apache.tools.ant.Task;
+import org.apache.tools.ant.types.FileSet;
 
 /**
  * Ant task for signing files with Authenticode.
@@ -32,6 +33,9 @@ public class JsignTask extends Task {
     /** The file to be signed. */
     private File file;
 
+    /** The set of files to be signed. */
+    private FileSet fileset;
+
     /** The program name embedded in the signature. */
     private String name;
 
@@ -87,6 +91,10 @@ public void setFile(File file) {
         this.file = file;
     }
 
+    public void addFileset(FileSet fileset) {
+        this.fileset = fileset;
+    }
+
     public void setName(String name) {
         this.name = name;
     }
@@ -177,8 +185,14 @@ public void execute() throws BuildException {
             helper.replace(replace);
             helper.encoding(encoding);
             helper.detached(detached);
-            
-            helper.sign(file);
+
+            if (fileset != null) {
+                for(String fileElement : fileset.getDirectoryScanner().getIncludedFiles()) {
+                    helper.sign(new File(fileset.getDir(), fileElement));
+                }
+            } else {
+                helper.sign(file);
+            }
         } catch (Exception e) {
             throw new BuildException(e.getMessage(), e, getLocation());
         }
diff --git a/jsign-ant/src/test/java/net/jsign/JsignTaskTest.java b/jsign-ant/src/test/java/net/jsign/JsignTaskTest.java
@@ -187,6 +187,37 @@ public void testSigning() throws Exception {
         }
     }
 
+    @Test
+    public void testSigningMultipleFiles() throws Exception {
+        FileUtils.copyFile(sourceFile, targetFile);
+
+        project.executeTarget("signing-multiple-files");
+
+        File targetFile2 = new File("target/test-classes/wineyes-multiple-files-test.exe");
+
+        assertTrue("The file " + targetFile + " wasn't changed", SOURCE_FILE_CRC32 != FileUtils.checksumCRC32(targetFile));
+        assertTrue("The file " + targetFile2 + " wasn't changed", SOURCE_FILE_CRC32 != FileUtils.checksumCRC32(targetFile2));
+
+        try (PEFile peFile = new PEFile(targetFile)) {
+            List<CMSSignedData> signatures = peFile.getSignatures();
+            assertNotNull(signatures);
+            assertEquals(1, signatures.size());
+
+            CMSSignedData signature = signatures.get(0);
+
+            assertNotNull(signature);
+        }
+        try (PEFile peFile = new PEFile(targetFile2)) {
+            List<CMSSignedData> signatures = peFile.getSignatures();
+            assertNotNull(signatures);
+            assertEquals(1, signatures.size());
+
+            CMSSignedData signature = signatures.get(0);
+
+            assertNotNull(signature);
+        }
+    }
+
     @Test
     public void testSigningPowerShell() throws Exception {
         File sourceFile = new File("target/test-classes/hello-world.ps1");
diff --git a/jsign-ant/src/test/resources/testbuild.xml b/jsign-ant/src/test/resources/testbuild.xml
@@ -88,6 +88,22 @@
              keypass="${keypass}"/>
   </target>
 
+  <target name="signing-multiple-files">
+    <copy file="wineyes.exe" tofile="wineyes-multiple-files-test.exe" overwrite="true"/>
+    <jsign name="WinEyes"
+           url="http://www.steelblue.com/WinEyes"
+           alg="SHA-1"
+           keystore="${keystore}"
+           alias="${alias}"
+           keypass="${keypass}"
+           tsmode="authenticode">
+      <fileset dir="./">
+        <include name="wineyes-multiple-files-test.exe"/>
+        <include name="wineyes-signed-with-ant.exe"/>
+      </fileset>
+    </jsign>
+  </target>
+
   <target name="signing-powershell">
     <jsign file="hello-world-signed-with-ant.ps1"
            alg="SHA-1"
