jellyfin/jellyfin-media-player
1
0
Fork 0
mirror of https://github.com/jellyfin/jellyfin-media-player.git synced 2024-11-27 00:00:38 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
master
jellyfin-media-player/scripts/WindowsSign.cmd
Vincent Lang b283cda603 Update WindowsSign.cmd from PMS 
Fixes the Windows CI builds.
2016-10-19 15:48:24 +02:00

106 lines
3.4 KiB
Batchfile
Raw Permalink Blame History

@echo off
rem
rem Usage - Sign.cmd <target file>
rem
setlocal
echo --- BEGIN: sign.bat -------------------------------------
set TargetFile=%~1
if not exist "%TargetFile%" (
echo FATAL ERROR - %TargetFile% does not exist and cannot be signed
echo --- END: sign.bat -------------------------------------
exit /b 1
)
for %%i in ("%TargetFile%") do set TargetFileExtension="%%~xi"
if "%SigningCertSha256%" == "" (
set SigningCertSha256=%~dp0PlexOfficialSPC_sha256.pfx
)
if not exist "%SigningCertSha256%" (
set SigningCertSha256=%~dp0PlexTestSPC.pfx
)
echo Signing with %SigningCertSha256%
set TimestampErrors=0
rem Create timestamp server lists... All servers on this list support both RFC 3161 and non-RFC variants
set ServerListRfc3161=(http://timestamp.digicert.com,http://timestamp.globalsign.com/scripts/timestamp.dll,http://timestamp.comodoca.com)
rem Signing files SHA256 with the SHA256 cert
echo Adding SHA256 signature to %TargetFile%...
call :SignFile "%SigningCertSha256%" "%SigningCertPasswordSha256%" sha256 0 "%TargetFile%" "%ServerListRfc3161%" sha256
if errorlevel 1 goto SignFailed
echo Verifying signature...
signtool.exe verify /pa "%TargetFile%"
if errorlevel 1 (
echo FATAL ERROR - could not verify signature for %TargetFile%. There were %TimestampErrors% timestamping errors.
echo --- END: sign.bat ------------------------------------------------------------
exit /b 1
) else (
echo --- END: sign.bat ------------------------------------------------------------
exit /b 0
)
:SignFailed
REM return an error code...
echo FAILED: FATAL ERROR - signing %TargetFile% failed. There were %TimestampErrors% timestamping errors.
echo --- END: sign.bat -------------------------------------------------------------
exit /b 1
rem When timestamping a file, signtool will fail when the timestamp server doesn't respond. So we retry in a loop, in an attempt to reduce spurious failures.
rem When running signtool, we redirect output to null because signtool.exe may inadvertently output the word "error", causing msbuild to fail the build.
:SignFile
setlocal
set CertFilePath=%1
set CertPassword=%~2
set SignatureHashAlgorithm=%3
set AppendSignature=%4
set TargetFilePath=%5
set TimestampServerList=%~6
set Rfc3161HashAlgorithm=%7
rem Compute password args
if "%CertPassword%" neq "" (
set PasswordArgs=/p %CertPassword%
) else (
set PasswordArgs=
)
rem Compute append args
if "%AppendSignature%" == "1" (
set AppendSignatureArgs=/as
) else (
set AppendSignatureArgs=
)
rem Compute timestamp server args
set TimestampArg1=/tr
set TimestampArg2=/td %Rfc3161HashAlgorithm%
for /L %%a in (1,1,300) do (
for %%s in %TimestampServerList% do (
rem echo signtool.exe sign %AppendSignatureArgs% /fd %SignatureHashAlgorithm% %TimestampArg1% %%s %TimestampArg2% /f %CertFilePath% %PasswordArgs% %TargetFilePath%
signtool.exe sign %AppendSignatureArgs% /fd %SignatureHashAlgorithm% %TimestampArg1% %%s %TimestampArg2% /f %CertFilePath% %PasswordArgs% %TargetFilePath% > NUL 2>&1
if errorlevel 0 if not errorlevel 1 goto SignFileSuccess
echo Signing attempt %%a failed. Probably cannot find the timestamp server at %%s
set /a TimestampErrors+=1
)
echo Waiting 1 second...
choice /N /T:1 /D:Y >NUL
)
endlocal
exit /b 1
:SignFileSuccess
echo Signing succeeded
endlocal
exit /b 0
Reference in New Issue View Git Blame Copy Permalink