forked from bcgit/bc-csharp
-
Notifications
You must be signed in to change notification settings - Fork 9
/
signfile.bat
31 lines (25 loc) · 1.21 KB
/
signfile.bat
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
@echo off
set BatchDir=%~dp0
set Target=%1
set CodesignFile=%BatchDir%BC_codesign.p12
set PasswordFile=%BatchDir%BC_password.txt
set TimestampUrl=http://timestamp.comodoca.com
rem set TimestampUrl=http://timestamp.sectigo.com
set /p CodesignPass=<"%PasswordFile%"
rem TODO Figure out how to locate this automatically, or somehow use the developer command prompt
set SignToolDir=C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x64\
set SignTool=%SignToolDir%signtool.exe
echo Preparing to sign %Target%
echo "%SignTool%" sign /f "%CodesignFile%" /fd sha256 /tr "%TimestampUrl%" /td sha256 /p PASSWORD %Target
rem Timestamp server requires 15 seconds or more between signing requests
rem When publishing need to limit parallel build tasks to 1 in Tools|Options|Projects and Solutions|Build and Run
set attempts=10
:DoWhile
echo %attempts% attempts remaining
echo Waiting for 30 seconds before issuing command (avoid timeserver rejection)
ping -n 30 127.0.0.1 >NUL
"%SignTool%" sign /f "%CodesignFile%" /fd sha256 /tr "%TimestampUrl%" /td sha256 /p "%CodesignPass%" %Target% && goto EndDoWhile
set /a attempts = %attempts% - 1
if %attempts% gtr 0 goto DoWhile
:EndDoWhile
"%SignTool%" verify /pa /tw %Target%