| Steve Dower | 0cd6391 | 2018-12-10 18:52:57 -0800 | [diff] [blame] | 1 | function Find-Tool { |
| 2 | param([string]$toolname) |
| 3 | |
| 4 | $kitroot = (gp 'HKLM:\SOFTWARE\Microsoft\Windows Kits\Installed Roots\').KitsRoot10 |
| 5 | $tool = (gci -r "$kitroot\Bin\*\x64\$toolname" | sort FullName -Desc | select -First 1) |
| 6 | if (-not $tool) { |
| 7 | throw "$toolname is not available" |
| 8 | } |
| 9 | Write-Host "Found $toolname at $($tool.FullName)" |
| 10 | return $tool.FullName |
| 11 | } |
| 12 | |
| 13 | Set-Alias SignTool (Find-Tool "signtool.exe") -Scope Script |
| 14 | |
| 15 | function Sign-File { |
| 16 | param([string]$certname, [string]$certsha1, [string]$certfile, [string]$description, [string[]]$files) |
| 17 | |
| 18 | if (-not $description) { |
| 19 | $description = $env:SigningDescription; |
| 20 | if (-not $description) { |
| 21 | $description = "Python"; |
| 22 | } |
| 23 | } |
| 24 | if (-not $certname) { |
| 25 | $certname = $env:SigningCertificate; |
| 26 | } |
| 27 | if (-not $certfile) { |
| 28 | $certfile = $env:SigningCertificateFile; |
| 29 | } |
| 30 | |
| 31 | foreach ($a in $files) { |
| 32 | if ($certsha1) { |
| 33 | SignTool sign /sha1 $certsha1 /fd sha256 /t http://timestamp.verisign.com/scripts/timestamp.dll /d $description $a |
| 34 | } elseif ($certname) { |
| 35 | SignTool sign /n $certname /fd sha256 /t http://timestamp.verisign.com/scripts/timestamp.dll /d $description $a |
| 36 | } elseif ($certfile) { |
| 37 | SignTool sign /f $certfile /fd sha256 /t http://timestamp.verisign.com/scripts/timestamp.dll /d $description $a |
| 38 | } else { |
| 39 | SignTool sign /a /fd sha256 /t http://timestamp.verisign.com/scripts/timestamp.dll /d $description $a |
| 40 | } |
| 41 | } |
| 42 | } |
| 43 | |