2018-12-11 02:52:57 +00:00
|
|
|
function Find-Tool {
|
|
|
|
param([string]$toolname)
|
|
|
|
|
|
|
|
$kitroot = (gp 'HKLM:\SOFTWARE\Microsoft\Windows Kits\Installed Roots\').KitsRoot10
|
|
|
|
$tool = (gci -r "$kitroot\Bin\*\x64\$toolname" | sort FullName -Desc | select -First 1)
|
|
|
|
if (-not $tool) {
|
|
|
|
throw "$toolname is not available"
|
|
|
|
}
|
|
|
|
Write-Host "Found $toolname at $($tool.FullName)"
|
|
|
|
return $tool.FullName
|
|
|
|
}
|
|
|
|
|
|
|
|
Set-Alias SignTool (Find-Tool "signtool.exe") -Scope Script
|
|
|
|
|
|
|
|
function Sign-File {
|
|
|
|
param([string]$certname, [string]$certsha1, [string]$certfile, [string]$description, [string[]]$files)
|
|
|
|
|
|
|
|
if (-not $description) {
|
|
|
|
$description = $env:SigningDescription;
|
|
|
|
if (-not $description) {
|
|
|
|
$description = "Python";
|
|
|
|
}
|
|
|
|
}
|
2018-12-21 21:48:18 +00:00
|
|
|
if (-not $certsha1) {
|
|
|
|
$certsha1 = $env:SigningCertificateSha1;
|
|
|
|
}
|
2018-12-11 02:52:57 +00:00
|
|
|
if (-not $certname) {
|
|
|
|
$certname = $env:SigningCertificate;
|
|
|
|
}
|
|
|
|
if (-not $certfile) {
|
|
|
|
$certfile = $env:SigningCertificateFile;
|
|
|
|
}
|
|
|
|
|
2019-04-12 18:24:15 +00:00
|
|
|
if (-not ($certsha1 -or $certname -or $certfile)) {
|
|
|
|
throw "No signing certificate specified"
|
|
|
|
}
|
|
|
|
|
2018-12-11 02:52:57 +00:00
|
|
|
foreach ($a in $files) {
|
|
|
|
if ($certsha1) {
|
2020-11-03 22:31:49 +00:00
|
|
|
SignTool sign /sha1 $certsha1 /fd sha256 /tr http://timestamp.digicert.com/ /td sha256 /d $description $a
|
2018-12-11 02:52:57 +00:00
|
|
|
} elseif ($certname) {
|
2020-11-03 22:31:49 +00:00
|
|
|
SignTool sign /a /n $certname /fd sha256 /tr http://timestamp.digicert.com/ /td sha256 /d $description $a
|
2018-12-11 02:52:57 +00:00
|
|
|
} elseif ($certfile) {
|
2020-11-03 22:31:49 +00:00
|
|
|
SignTool sign /f $certfile /fd sha256 /tr http://timestamp.digicert.com/ /td sha256 /d $description $a
|
2018-12-11 02:52:57 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|