Commit b9e4c0a8 authored by Thomas Bouffard's avatar Thomas Bouffard

doc(signtool): improve signtool settings

parent bdab91fa
......@@ -8,7 +8,8 @@ Provide a REST endpoint used by our CI to sign MacOs and windows binaries with o
* Up to date Windows OS
* Disable the screen saver and sleep mode !
* Install the [Windows SDK](https://developer.microsoft.com/en-us/windows/downloads/windows-10-sdk)
* Install the [Windows SDK](https://developer.microsoft.com/en-us/windows/downloads/windows-10-sdk) as the signing process
requires [signtool](https://docs.microsoft.com/en-us/windows/desktop/SecCrypto/signtool)
* Install a JDK 8 and configure your `Path` environment variable
* Install [SafeNetAuthenticationClient](http://drive.google.com/file/d/1nHMH36RMLGzBiJuwD6kZqTouE-yCb8dn/view?usp=sharing_eil&ts=5ad623b0)
* Ensure that `C:\Program Files (x86)\Windows Kits\10\App Certification Kit\` is in the `Path` environment variable (you should be able to run the command `signtool` in powershell)
......
......@@ -25,13 +25,22 @@ class WindowsCodeSign {
private val logger: Log = LogFactory.getLog(javaClass)
fun signWindowsProduct(file: File) : File {
val processBuilder = ProcessBuilder("signtool", "sign", "/tr", "http://timestamp.digicert.com",
"/td", "sha256", "/fd", "sha256", "/a", file.canonicalFile.absolutePath)
logger.info("Signing windows file...")
val signResult = processBuilder.inheritIO().start().waitFor()
// List of sign options available at https://docs.microsoft.com/en-us/windows/desktop/SecCrypto/signtool
val signResult = ProcessBuilder("signtool", "sign",
"/tr", "http://timestamp.digicert.com", //
"/td", "sha256", //
"/fd", "sha256", //
"/a", //
file.canonicalFile.absolutePath)
.inheritIO()
.start()
.waitFor()
logger.info("Signing result: $signResult")
if (signResult == 1) {
throw SignException("An error occurred while signing file.")
}
logger.info("Signing successfully completed")
return file
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment