Security-57336.1.9.tar.gz

[apple/security.git] / OSX / libsecurity_codesigning / gke / gkmerge

diff --git a/OSX/libsecurity_codesigning/gke/gkmerge b/OSX/libsecurity_codesigning/gke/gkmerge
new file mode 100755 (executable)
index 0000000..bef6c2a
--- /dev/null
+++ b/OSX/libsecurity_codesigning/gke/gkmerge
@@ -0,0 +1,50 @@
+#!/usr/bin/python
+#
+# gkmerge - merge Gatekeeper whitelist snippets
+#
+# gkmerge [--output name] files...
+#      Takes GKE data from all files, merges it together, and writes it to a new snippet file 'output'.
+#
+import sys
+import os
+import signal
+import errno
+import subprocess
+import argparse
+import plistlib
+import uuid
+
+
+#
+# Usage and fail
+#
+def fail(whatever):
+       print >>sys.stderr, "%s: %s" % (sys.argv[0], whatever)
+       sys.exit(1)
+
+
+#
+# Argument processing
+#
+parser = argparse.ArgumentParser()
+parser.add_argument("--output", default="./snippet.gke", help="name of output file")
+parser.add_argument('source', nargs='+', help='files generated by the gkrecord command')
+args = parser.parse_args()
+
+
+#
+# Merge all the plist data from the input files, overriding with later files
+#
+gkedict = { }
+for source in args.source:
+       data = plistlib.readPlist(source)
+       gkedict.update(data)
+
+
+#
+# Write it back out as a snippet file
+#
+plistlib.writePlist(gkedict, args.output)
+print "Wrote %d authority records + %d signatures to %s" % (
+       len(gkedict["authority"]), len(gkedict["signatures"]), args.output
+)