From 90ad0a6c577c693cdc62fcb35ab818387f9169db Mon Sep 17 00:00:00 2001 From: Lex Li Date: Mon, 5 Aug 2024 20:50:53 -0400 Subject: [PATCH] Fixed signing steps. --- cert.txt | 1 - dist.nuget.bat | 2 +- release.ps1 | 23 +++-------------------- sign.assembly.ps1 | 19 ++++++------------- sign3.bat | 19 ------------------- sign3.ps1 | 24 ++++++++++++++++++++++++ 6 files changed, 34 insertions(+), 54 deletions(-) delete mode 100644 cert.txt delete mode 100644 sign3.bat create mode 100644 sign3.ps1 diff --git a/cert.txt b/cert.txt deleted file mode 100644 index 0308bb08..00000000 --- a/cert.txt +++ /dev/null @@ -1 +0,0 @@ -Cert:\CurrentUser\my\8ef9a86dfd4bd0b4db313d55c4be8b837efa7b77 diff --git a/dist.nuget.bat b/dist.nuget.bat index 627ab606..2e4eefc5 100644 --- a/dist.nuget.bat +++ b/dist.nuget.bat @@ -4,7 +4,7 @@ del *.nupkg del *.snupkg call build.release.bat IF %ERRORLEVEL% NEQ 0 exit /b 1 -call sign3.bat +powershell -ExecutionPolicy Bypass -file sign3.ps1 IF %ERRORLEVEL% NEQ 0 exit /b 1 copy SharpSnmpLib\bin\Release\*.nupkg . copy SharpSnmpLib\bin\Release\*.snupkg . diff --git a/release.ps1 b/release.ps1 index 78be3cf4..1b71f867 100644 --- a/release.ps1 +++ b/release.ps1 @@ -17,28 +17,11 @@ catch { Write-Host "MSBuild doesn't exist. Use VSSetup instead." - Install-Module VSSetup -Scope CurrentUser -Force - Update-Module VSSetup - $instance = Get-VSSetupInstance -All -Prerelease | Select-VSSetupInstance -Latest - $installDir = $instance.installationPath - Write-Host "Found VS in " + $installDir - $msBuild = $installDir + '\MSBuild\Current\Bin\MSBuild.exe' + $msbuild = & "${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer\vswhere.exe" -latest -requires Microsoft.Component.MSBuild -find MSBuild\**\Bin\MSBuild.exe -products * -nologo | select-object -first 1 if (![System.IO.File]::Exists($msBuild)) { - $msBuild = $installDir + '\MSBuild\15.0\Bin\MSBuild.exe' - if (![System.IO.File]::Exists($msBuild)) - { - Write-Host "MSBuild doesn't exist. Exit." - exit 1 - } - else - { - Write-Host "Likely on Windows with VS2017." - } - } - else - { - Write-Host "Likely on Windows with VS2019 or VS2022." + Write-Host "MSBuild doesn't exist. Exit." + exit 1 } Write-Host "MSBuild found. Compile the projects." diff --git a/sign.assembly.ps1 b/sign.assembly.ps1 index 1a986e78..eae911e3 100644 --- a/sign.assembly.ps1 +++ b/sign.assembly.ps1 @@ -1,19 +1,12 @@ -$file = Join-Path $PSScriptRoot "cert.txt" -if (-not (Test-Path $file)) -{ - Write-Host "No certificate specified. Exit." - exit 0 -} +$cert = Get-ChildItem -Path Cert:\CurrentUser\My -CodeSigningCert | Select-Object -First 1 -$cert = Get-Content -Path $file -TotalCount 1 -$foundCert = Test-Certificate -Cert $cert -User -if(!$foundCert) -{ - Write-Host "Certificate doesn't exist. Exit." - exit 0 +if ($cert -eq $null) { + Write-Host "No code signing certificate found in MY store. Exit." + exit 1 } -$signtool="C:\Program Files (x86)\Windows Kits\10\bin\10.0.17134.0\x64\signtool.exe" +$signtool = Get-ChildItem -Path "C:\Program Files (x86)\Windows Kits" -Recurse -Filter "signtool.exe" | Select-Object -First 1 -ExpandProperty FullName +Write-host "Signtool path: $signtool" if (Test-Path $signtool) { Write-Output "sign the assembly" & $signtool sign /tr http://timestamp.digicert.com /td sha256 /fd sha256 /a $args[0] diff --git a/sign3.bat b/sign3.bat deleted file mode 100644 index 17109f7a..00000000 --- a/sign3.bat +++ /dev/null @@ -1,19 +0,0 @@ -set signtool="C:\Program Files (x86)\Windows Kits\10\bin\10.0.17134.0\x64\signtool.exe" -if exist %signtool% ( - mkdir .\SharpSnmpLib\bin\Release - cd .\SharpSnmpLib\bin\Release - for /r %%i in (*.exe *.dll) do ( - %signtool% verify /pa /q "%%i" - @IF %ERRORLEVEL% NEQ 0 PAUSE - ) - cd ..\..\.. - mkdir .\SharpSnmpLib.BouncyCastle\bin\Release - cd .\SharpSnmpLib.BouncyCastle\bin\Release - for /r %%i in (*.exe *.dll) do ( - %signtool% verify /pa /q "%%i" - @IF %ERRORLEVEL% NEQ 0 PAUSE - ) - cd ..\..\.. -) - -exit /b 0 diff --git a/sign3.ps1 b/sign3.ps1 new file mode 100644 index 00000000..135718f9 --- /dev/null +++ b/sign3.ps1 @@ -0,0 +1,24 @@ +$signtool = Get-ChildItem -Path "C:\Program Files (x86)\Windows Kits" -Recurse -Filter "signtool.exe" | Select-Object -First 1 -ExpandProperty FullName +Write-host "Signtool path: $signtool" +if (Test-Path $signtool) { + New-Item -ItemType Directory -Path ".\SharpSnmpLib\bin\Release" -Force | Out-Null + Set-Location -Path ".\SharpSnmpLib\bin\Release" + Get-ChildItem -Recurse -Include *.exe, *.dll | ForEach-Object { + & $signtool verify /pa /q $_.FullName + if ($LASTEXITCODE -ne 0) { + Read-Host "Press Enter to continue..." + } + } + Set-Location -Path "..\..\.." + New-Item -ItemType Directory -Path ".\SharpSnmpLib.BouncyCastle\bin\Release" -Force | Out-Null + Set-Location -Path ".\SharpSnmpLib.BouncyCastle\bin\Release" + Get-ChildItem -Recurse -Include *.exe, *.dll | ForEach-Object { + & $signtool verify /pa /q $_.FullName + if ($LASTEXITCODE -ne 0) { + Read-Host "Press Enter to continue..." + } + } + Set-Location -Path "..\..\.." +} + +Exit 0