Update code signing to support sign with identity on Windows

Wojtek Figat
2025-04-14 22:47:40 +02:00
parent cfc90d1ddf
commit b25881d55e
2 changed files with 25 additions and 8 deletions


@@ -36,15 +36,15 @@ namespace Flax.Build
public static bool DeployPlatforms; public static bool DeployPlatforms;
/// <summary> /// <summary>
/// Certificate file path for binaries signing. Or sign identity for Apple platforms. /// Certificate file path or signer identity for binaries code signing.
/// </summary> /// </summary>
[CommandLine("deployCert", "Certificate file path for binaries signing. Or sign identity for Apple platforms.")] [CommandLine("deployCert", "Certificate file path or signer identity for binaries code signing.")]
public static string DeployCert; public static string DeployCert;
/// <summary> /// <summary>
/// Certificate file password for binaries signing. /// Certificate password for binaries code signing.
/// </summary> /// </summary>
[CommandLine("deployCertPass", "Certificate file password for binaries signing.")] [CommandLine("deployCertPass", "Certificate password for binaries code signing.")]
public static string DeployCertPass; public static string DeployCertPass;
/// <summary> /// <summary>


@@ -278,12 +278,14 @@ namespace Flax.Deploy
Utilities.Run(msBuild, cmdLine); Utilities.Run(msBuild, cmdLine);
} }
internal static void CodeSign(string file, string certificatePath, string certificatePass) internal static void CodeSign(string file, string certificate, string password)
{ {
if (!File.Exists(file)) if (!File.Exists(file))
throw new FileNotFoundException("Missing file to sign.", file); throw new FileNotFoundException("Missing file to sign.", file);
if (!File.Exists(certificatePath)) if (string.IsNullOrEmpty(certificate))
throw new FileNotFoundException("Missing certificate to sign with.", certificatePath); throw new Exception("Missing certificate to sign.");
// Get path to signtool
var sdks = WindowsPlatformBase.GetSDKs(); var sdks = WindowsPlatformBase.GetSDKs();
if (sdks.Count == 0) if (sdks.Count == 0)
throw new Exception("No Windows SDK found. Cannot sign file."); throw new Exception("No Windows SDK found. Cannot sign file.");
@@ -306,7 +308,22 @@ namespace Flax.Deploy
// Ignore version formatting exception // Ignore version formatting exception
} }
} }
var cmdLine = string.Format("sign /debug /f \"{0}\" /p \"{1}\" /tr http://timestamp.comodoca.com /td sha256 /fd sha256 \"{2}\"", certificatePath, certificatePass, file);
// Sign code
string cmdLine;
var time = "/tr http://time.certum.pl /td sha256";
if (File.Exists(certificate))
{
// Sign with certificate from file
cmdLine = $"sign /debug /f \"{certificate}\" {time} /fd sha256 \"{file}\"";
if (!string.IsNullOrEmpty(password))
cmdLine += $" /p \"{password}\"";
}
else
{
// Sign with identity
cmdLine = $"sign /debug /n \"{certificate}\" {time} /fd sha256 /v \"{file}\"";
}
Utilities.Run(signtool, cmdLine, null, null, Utilities.RunOptions.Default | Utilities.RunOptions.ThrowExceptionOnError); Utilities.Run(signtool, cmdLine, null, null, Utilities.RunOptions.Default | Utilities.RunOptions.ThrowExceptionOnError);
} }
} }
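Review bot: In the second hunk of this file, `File.Exists(certificate)` is the only thing choosing between `/f` and `/n`, so a mistyped or missing certificate path no longer fails fast; it is handed to signtool as a subject name for a certificate-store lookup, and any supplied password is silently dropped. Since a password only makes sense with a certificate file, the `else` branch could keep the old diagnostic with `if (!string.IsNullOrEmpty(password)) throw new FileNotFoundException("Missing certificate to sign with.", certificate);`. Separately, `certificate`, `password` and `file` are interpolated between double quotes without escaping, so a value containing `"` changes how signtool splits its arguments, and the `/p` value sits in the process command line (and in build output if `Utilities.Run` echoes its arguments, which is not visible here). The part of `CodeSign` that resolves `signtool` lies between the two hunks and was not reviewed.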