Sign all binaries with both signatures and update Zazzles to check those

FOGProject · Jan 26, 2020 · 0852325 · 0852325
1 parent 5794dee
commit 0852325
Show file tree

Hide file tree

Showing 3 changed files with 67 additions and 6 deletions.
diff --git a/BuildTools/SignCodeSec.cmd b/BuildTools/SignCodeSec.cmd
@@ -0,0 +1,7 @@
+@ECHO OFF
+REM sign the file...
+REM https://support.globalsign.com/customer/en/portal/articles/2958314-dual-code-signing
+REM Using signtool.exe from http://cdn1.ksoftware.net/signtool_8.1.zip or full SDK for Win 8.1
+BuildTools\signtool\signtool.exe sign /as /n "FOG Project - Sebastian Roth" /td SHA256 /fd SHA256 %1
+echo SignCodeSec.bat exit code is 0.
+exit /b 0
diff --git a/build.ps1 b/build.ps1
@@ -12,6 +12,7 @@ param(
 	[string]$plink   = "$PSScriptRoot\BuildTools\plink.exe",
 	[string]$pscp    = "$PSScriptRoot\BuildTools\pscp.exe",
 	[string]$signer  = "$PSScriptRoot\BuildTools\SignCode.cmd",
+	[string]$signerSec = "$PSScriptRoot\BuildTools\SignCodeSec.cmd",
 	[string]$sshKey  = "$PSScriptRoot\BuildTools\auth.ppk",
 	[string]$netPath = "C:\Windows\Microsoft.NET\Framework64\v4.0.30319"
 )
@@ -44,6 +45,7 @@ $msiConfig       = "$PSScriptRoot\MSI\MSI.wixproj $buildMode"
 $trayConfig      = "$PSScriptRoot\Tray\Tray.csproj"
 $toSign          = "Zazzles.dll", "Modules.dll", "FOGService.exe", "FOGShutdownGUI.exe", "FOGUpdateHelper.exe", "FOGUpdateWaiter.exe", "FOGUserService.exe", "FOGTray.exe"
 $signExec        = "cmd.exe /c ""$signer"" ""$PSScriptRoot\"
+$signSecExec     = "cmd.exe /c ""$signerSec"" ""$PSScriptRoot\"
 
 $plinkConfig     = "-i ""$sshKey"" $user@$server mkdir $path" + "$channel" + "/" + "$name"
 $pscpConfig      = "-i ""$sshKey"" -r $PSScriptRoot\out\* $user" + "@" + "$server" + ":" + "$path$channel" + "/" + "$name"
@@ -68,6 +70,7 @@ $toZip = "EngineIoClientDotNet.dll", "FOGService.exe", "FOGService.exe.config",
 			"SuperSocket.SocketEngine.dll", "SuperWebSocket.dll", "themes.xml", `
 			"WebSocket4Net.dll", "Zazzles.dll", "Quartz.dll", "Common.Logging.dll", `
 			"Common.Logging.Core.dll", "ICSharpCode.SharpZipLib.dll", "de", "fr", "nl", "no", "eu", "es", "hu", "pt", "cs"
+
 ##################################################
 # Initial Build
 ##################################################
@@ -93,11 +96,24 @@ Copy-Item "$PSScriptRoot\themes.xml" "$PSScriptRoot\bin\themes.xml"
 # Build Installers
 ##################################################
 if ($sign) {
-	Write-Host "Signing Binaries"
+	$currDate = Get-Date
+	$signDate = $currDate.AddDays(-550)
+	if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
+		Start-Process powershell -Verb RunAs -Wait "-NoProfile -ExecutionPolicy Bypass -Command `"Set-Date -Date '$signDate'`"";
+	}
+	Write-Host "Signing Binaries with time $signDate"
 	foreach ($file in $toSign) {
 		Write-Host "--> $file"
 		Invoke-Expression($signExec + "bin\$file""") | out-null
 	}
+	if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
+		Start-Process powershell -Verb RunAs -Wait "-NoProfile -ExecutionPolicy Bypass -Command `"Set-Date -Date '$currDate'`"";
+	}
+	Write-Host "Signing Binaries with time $currDate"
+	foreach ($file in $toSign) {
+		Write-Host "--> $file"
+		Invoke-Expression($signSecExec + "bin\$file""") | out-null
+	}
 }
 
 Write-Host "Zipping Build for installer"
@@ -120,23 +136,41 @@ Write-Host "Building MSI"
 Invoke-Expression ($msbuild + $msiConfig) | out-null
 $InstallerMSI = "$PSScriptRoot\UniversalInstaller\Scripts\FOGService.msi"
 if ($sign) {
-	Write-Host "Signing MSI"
+	$currDate = Get-Date
+	$signDate = $currDate.AddDays(-550)
+	if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
+		Start-Process powershell -Verb RunAs -Wait "-NoProfile -ExecutionPolicy Bypass -Command `"Set-Date -Date '$signDate'`"";
+	}
+	Write-Host "Signing MSI with time $signDate"
 	Invoke-Expression($signExec + "bin\FOGService.msi""") | out-null
+	if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
+		Start-Process powershell -Verb RunAs -Wait "-NoProfile -ExecutionPolicy Bypass -Command `"Set-Date -Date '$currDate'`"";
+	}
 }
+
 if (Test-Path $InstallerMSI) { Remove-Item $InstallerMSI }
 Copy-Item "$PSScriptRoot\bin\FOGService.msi" $InstallerMSI
 Copy-Item "$PSScriptRoot\bin\FOGService.msi" "$PSScriptRoot\out\FOGService.msi"
 
 Write-Host "Building Smart Installer"
 Invoke-Expression ($msbuild + $installerConfig) | out-null
 
-
 Write-Host "ILMerging Smart Installer"
 Invoke-Expression ($ilMerge + $smartInstallerMerge )
 
 if ($sign) {
-	Write-Host "Signing Smart Installer"
+	$currDate = Get-Date
+	$signDate = $currDate.AddDays(-550)
+	if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
+		Start-Process powershell -Verb RunAs -Wait "-NoProfile -ExecutionPolicy Bypass -Command `"Set-Date -Date '$signDate'`"";
+	}
+	Write-Host "Signing Smart Installer with time $signDate"
 	Invoke-Expression($signExec + "out\SmartInstaller.exe""") | out-null
+	if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
+		Start-Process powershell -Verb RunAs -Wait "-NoProfile -ExecutionPolicy Bypass -Command `"Set-Date -Date '$currDate'`"";
+	}
+	Write-Host "Signing Smart Installer with time $currDate"
+	Invoke-Expression($signSecExec + "out\SmartInstaller.exe""") | out-null
 }
 
 ##################################################
@@ -146,8 +180,18 @@ Write-Host "ILMerging Debugger"
 Invoke-Expression ($ilMerge + $debuggerMerge)
 
 if ($sign) {
-	Write-Host "Signing Debugger"
+	$currDate = Get-Date
+	$signDate = $currDate.AddDays(-550)
+	if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
+		Start-Process powershell -Verb RunAs -Wait "-NoProfile -ExecutionPolicy Bypass -Command `"Set-Date -Date '$signDate'`"";
+	}
+	Write-Host "Signing Debugger with time $signDate"
 	Invoke-Expression($signExec + "out\Debugger.exe""") | out-null
+	if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
+		Start-Process powershell -Verb RunAs -Wait "-NoProfile -ExecutionPolicy Bypass -Command `"Set-Date -Date '$currDate'`"";
+	}
+	Write-Host "Signing Debugger with time $currDate"
+	Invoke-Expression($signSecExec + "out\Debugger.exe""") | out-null
 }
 
 ##################################################
@@ -157,8 +201,18 @@ Write-Host "ILMerging PrinterManagerHelper"
 Invoke-Expression ($ilMerge + $printerMerge)
 
 if ($sign) {
-	Write-Host "Signing PrinterManager Helper"
+	$currDate = Get-Date
+	$signDate = $currDate.AddDays(-550)
+	if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
+		Start-Process powershell -Verb RunAs -Wait "-NoProfile -ExecutionPolicy Bypass -Command `"Set-Date -Date '$signDate'`"";
+	}
+	Write-Host "Signing PrinterManager Helper with time $signDate"
 	Invoke-Expression($signExec + "out\PrinterManagerHelper.exe""") | out-null
+	if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
+		Start-Process powershell -Verb RunAs -Wait "-NoProfile -ExecutionPolicy Bypass -Command `"Set-Date -Date '$currDate'`"";
+	}
+	Write-Host "Signing PrinterManager Helper with time $currDate"
+	Invoke-Expression($signSecExec + "out\PrinterManagerHelper.exe""") | out-null
 }
 
 

diff --git a/libs/Zazzles.dll b/libs/Zazzles.dll