mirror of
https://github.com/goatcorp/Dalamud.git
synced 2025-12-11 01:37:24 +01:00
71 lines
2.3 KiB
PowerShell
71 lines
2.3 KiB
PowerShell
# Get the certificate and password from environment variables
|
|
$certificateBase64 = $env:CODESIGN_CERT_PFX
|
|
$certificatePassword = $env:CODESIGN_CERT_PASSWORD
|
|
|
|
# Write the certificate to a file
|
|
$certificatePath = Join-Path -Path $env:TEMP -ChildPath 'certificate.pfx'
|
|
$certificateBytes = [Convert]::FromBase64String($certificateBase64)
|
|
[System.IO.File]::WriteAllBytes($certificatePath, $certificateBytes)
|
|
|
|
# Define the function to find the path to signtool.exe
|
|
function Get-SignToolPath {
|
|
# Array of common installation directories for Windows SDK
|
|
$sdkInstallationDirs = @(
|
|
"$env:ProgramFiles (x86)\Windows Kits\10\bin\x64",
|
|
"$env:ProgramFiles\Windows Kits\10\bin\x64",
|
|
"$env:ProgramFiles (x86)\Windows Kits\10\App Certification Kit"
|
|
)
|
|
|
|
foreach ($dir in $sdkInstallationDirs) {
|
|
$path = Join-Path -Path $dir -ChildPath 'signtool.exe'
|
|
#Write-Host $path
|
|
if (Test-Path -Path $path) {
|
|
return $path
|
|
}
|
|
}
|
|
|
|
throw "Could not find signtool.exe. Make sure the Windows SDK is installed."
|
|
}
|
|
|
|
# Find the path to signtool.exe
|
|
$signtoolPath = Get-SignToolPath
|
|
|
|
# Define the function to code-sign a file
|
|
function Sign-File {
|
|
param (
|
|
[Parameter(Mandatory=$true)]
|
|
[String]$FilePath
|
|
)
|
|
|
|
# Check if the file is already code-signed
|
|
$signature = Get-AuthenticodeSignature -FilePath $FilePath -ErrorAction SilentlyContinue
|
|
if ($signature.status -ne "NotSigned") {
|
|
Write-Host "File '$FilePath' is already code-signed. Skipping."
|
|
return
|
|
}
|
|
|
|
# Code-sign the file using signtool
|
|
Write-Host "Code-signing file '$FilePath'..."
|
|
& $signtoolPath sign /tr http://timestamp.digicert.com /td sha256 /v /fd sha256 /f $certificatePath /p $certificatePassword $FilePath
|
|
}
|
|
|
|
# Define the function to recursively code-sign files in a directory
|
|
function Sign-FilesRecursively {
|
|
param (
|
|
[Parameter(Mandatory=$true)]
|
|
[String]$DirectoryPath
|
|
)
|
|
|
|
Write-Host $DirectoryPath
|
|
|
|
# Get all exe and dll files recursively
|
|
dir $DirectoryPath -recurse | where {$_.extension -in ".exe",".dll"} | ForEach-Object {
|
|
Sign-File -FilePath $_.FullName
|
|
}
|
|
}
|
|
|
|
# Usage: Provide the directory path as an argument to sign files recursively
|
|
Sign-FilesRecursively -DirectoryPath $args[0]
|
|
|
|
# Remove the temporary certificate file
|
|
Remove-Item -Path $certificatePath
|