build: More signatures, more better (ref #3420)

This commit is contained in:
Jakob Borg 2017-11-20 14:54:52 +01:00
parent 0901350087
commit 4a58196959

View File

@ -1098,27 +1098,39 @@ func macosCodesign(file string) {
func windowsCodesign(file string) { func windowsCodesign(file string) {
st := "signtool.exe" st := "signtool.exe"
args := []string{"sign", "/fd", "sha256"}
if path := os.Getenv("CODESIGN_SIGNTOOL"); path != "" { if path := os.Getenv("CODESIGN_SIGNTOOL"); path != "" {
st = path st = path
} }
if f := os.Getenv("CODESIGN_CERTIFICATE_FILE"); f != "" {
args = append(args, "/f", f)
}
if p := os.Getenv("CODESIGN_CERTIFICATE_PASSWORD"); p != "" {
args = append(args, "/p", p)
}
if tr := os.Getenv("CODESIGN_TIMESTAMP_SERVER"); tr != "" {
args = append(args, "/tr", tr, "/td", "sha256")
}
args = append(args, file)
bs, err := runError(st, args...) for i, algo := range []string{"sha1", "sha256"} {
if err != nil { args := []string{"sign", "/fd", algo}
log.Println("Codesign: signing failed:", string(bs)) if f := os.Getenv("CODESIGN_CERTIFICATE_FILE"); f != "" {
return args = append(args, "/f", f)
}
if p := os.Getenv("CODESIGN_CERTIFICATE_PASSWORD"); p != "" {
args = append(args, "/p", p)
}
if tr := os.Getenv("CODESIGN_TIMESTAMP_SERVER"); tr != "" {
switch algo {
case "sha256":
args = append(args, "/tr", tr, "/td", algo)
default:
args = append(args, "/t", tr)
}
}
if i > 0 {
args = append(args, "/as")
}
args = append(args, file)
bs, err := runError(st, args...)
if err != nil {
log.Println("Codesign: signing failed:", string(bs))
return
}
log.Println("Codesign: successfully signed", file, "using", algo)
} }
log.Println("Codesign: successfully signed", file)
} }
func metalint() { func metalint() {