
github.com/SoftEtherVPN/SoftEtherVPN_Stable.git - Unnamed repository; edit this file 'description' to name the repository.
Diffstat (limited to 'src/BuildUtil')
-rw-r--r--src/BuildUtil/BuildUtilCommands.cs2
-rw-r--r--src/BuildUtil/CodeSign.cs74
-rw-r--r--src/BuildUtil/Win32BuildSoftware.cs2
-rw-r--r--src/BuildUtil/Win32BuildUtil.cs12
4 files changed, 62 insertions, 28 deletions
diff --git a/src/BuildUtil/BuildUtilCommands.cs b/src/BuildUtil/BuildUtilCommands.cs
index 21d7b078..db4da98c 100644
--- a/src/BuildUtil/BuildUtilCommands.cs
+++ b/src/BuildUtil/BuildUtilCommands.cs
@@ -1330,7 +1330,7 @@ namespace BuildUtil
int certid = vl["CERTID"].IntValue;
int shamode = vl["SHAMODE"].IntValue;
- CodeSign.SignFile(destFileName, srcFileName, comment, kernel, certid, shamode);
+ CodeSign.SignFile(destFileName, srcFileName, comment, kernel, false);
return 0;
}
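Review bot: `certid` and `shamode` are still read from `vl["CERTID"]` and `vl["SHAMODE"]` just above the call but are no longer passed anywhere, so a value given on the command line is silently ignored. With `evCert` hard-coded to `false`, this command always asks for the non-EV certificate name. Either drop the two parameters from the command definition (outside this hunk) or make the mismatch visible, for example `if (certid != 0 || shamode != 0) Con.WriteLine("CERTID/SHAMODE are ignored by the sign server client");`. The enclosing method starts outside the hunk.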
diff --git a/src/BuildUtil/CodeSign.cs b/src/BuildUtil/CodeSign.cs
index 971344a9..436340dd 100644
--- a/src/BuildUtil/CodeSign.cs
+++ b/src/BuildUtil/CodeSign.cs
@@ -126,6 +126,52 @@ using BuildUtil.HvSignService;
namespace BuildUtil
{
+ public static class SignClient
+ {
+ const string SeInternalPasswordFilePath = @"\\192.168.3.2\share\tmp\signserver\password.txt";
+
+ const string Url = "https://codesignserver:7006/sign";
+
+ public static byte[] Sign(byte[] srcData, string certName, string flags, string comment)
+ {
+ string password = File.ReadAllText(SeInternalPasswordFilePath);
+
+ string url = Url + "?password=" + password + "&cert=" + certName + "&flags=" + flags + "&comment=" + comment;
+
+ ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
+ WebRequest req = HttpWebRequest.Create(url);
+
+ req.Timeout = 60 * 1000;
+ req.Method = "POST";
+
+ using (Stream reqs = req.GetRequestStream())
+ {
+ reqs.Write(srcData, 0, srcData.Length);
+
+ reqs.Close();
+
+ WebResponse res = req.GetResponse();
+
+ using (Stream ress = res.GetResponseStream())
+ {
+ byte[] tmp = new byte[4 * 1024 * 1024];
+
+ MemoryStream ms = new MemoryStream();
+
+ while (true)
+ {
+ int r = ress.Read(tmp, 0, tmp.Length);
+ if (r <= 0) break;
+
+ ms.Write(tmp, 0, r);
+ }
+
+ return ms.ToArray();
+ }
+ }
+ }
+ }
+
public static class CodeSign
{
public const int NumRetries = 1;
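Review bot: `ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };` in `SignClient.Sign` turns off TLS certificate validation for every HTTPS request in the process, so the signing password and the unsigned binary go to whichever host answers as `codesignserver`, and the bytes it returns are accepted as the signed artifact. Validation should stay on, or be scoped to this one request and pinned to the server certificate as sketched below; `ExpectedServerCertThumbprint` is a placeholder for a constant the project would define, and the per-request callback and `Stream.CopyTo` assume a framework version this page does not confirm. The query string is also built from raw values: the password is read untrimmed from the file, and neither it nor `comment` (e.g. "VPN Software Installer") is URL-escaped. A secret in the URL tends to end up in server and proxy logs, so a header or body field would be preferable if the sign server accepts one. The `WebResponse` and `MemoryStream` are never disposed, and the hard-coded UNC path and host name tie the build to one network.

```csharp
public static byte[] Sign(byte[] srcData, string certName, string flags, string comment)
{
    // Trim so a trailing newline in the password file does not reach the request
    string password = File.ReadAllText(SeInternalPasswordFilePath).Trim();

    string url = Url
        + "?password=" + Uri.EscapeDataString(password)
        + "&cert=" + Uri.EscapeDataString(certName)
        + "&flags=" + Uri.EscapeDataString(flags)
        + "&comment=" + Uri.EscapeDataString(comment);

    HttpWebRequest req = (HttpWebRequest)WebRequest.Create(url);

    // Per-request check pinned to the sign server's certificate; no process-wide override
    req.ServerCertificateValidationCallback =
        delegate(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors errors)
        {
            return cert != null && string.Equals(cert.GetCertHashString(),
                ExpectedServerCertThumbprint, StringComparison.OrdinalIgnoreCase);
        };

    // … unchanged: Timeout, Method, writing srcData to the request stream …

    using (WebResponse res = req.GetResponse())
    using (Stream ress = res.GetResponseStream())
    using (MemoryStream ms = new MemoryStream())
    {
        ress.CopyTo(ms);
        return ms.ToArray();
    }
}
```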
@@ -146,9 +192,13 @@ namespace BuildUtil
static object lockObj = new object();
// Digital-sign the data on the memory
- public static byte[] SignMemory(byte[] srcData, string comment, bool kernelModeDriver, int cert_id, int sha_mode)
+ public static byte[] SignMemory(byte[] srcData, string comment, bool kernelModeDriver, bool evCert)
{
#if !BU_OSS
+ // 2020/01/19 switch to the new system
+ return SignClient.Sign(srcData, evCert ? "SoftEtherEv" : "SoftEtherFile", kernelModeDriver ? "Driver" : "", comment);
+
+ /*
int i;
string out_filename = null;
byte[] ret = null;
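Review bot: The previous signing implementation is kept inside a `/* … */` block after an unconditional `return`, which leaves a long stretch of dead code in `SignMemory` and would end the comment early if the old body contains a `*/` anywhere. Deleting the old body is cleaner, since version control keeps the history. `NumRetries` and `lockObj` just above look as if they were used only by that body (inferred; the rest of the class is outside the hunk), so the new path makes a single attempt with no retry. A comment on the signature would help, for example `// evCert selects the "SoftEtherEv" certificate instead of "SoftEtherFile"; kernelModeDriver sends the "Driver" flag`. The function body continues past the end of this hunk.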
@@ -240,37 +290,21 @@ namespace BuildUtil
File.Delete(tmpFileName);
}
- return ret;
+ return ret;*/
#else // BU_OSS
return srcData;
#endif // BU_OSS
}
// Digital-sign the data on the file
- public static void SignFile(string destFileName, string srcFileName, string comment, bool kernelModeDriver)
- {
- int cert_id = UsingCertId;
-
- SignFile(destFileName, srcFileName, comment, kernelModeDriver, cert_id, 0);
- }
- public static void SignFile(string destFileName, string srcFileName, string comment, bool kernelModeDriver, int cert_id, int sha_mode)
+ public static void SignFile(string destFileName, string srcFileName, string comment, bool kernelModeDriver, bool evCert)
{
#if !BU_OSS
- if (cert_id == 0)
- {
- cert_id = UsingCertId;
- }
Con.WriteLine("Signing for '{0}'...", Path.GetFileName(destFileName));
byte[] srcData = File.ReadAllBytes(srcFileName);
- if (srcFileName.EndsWith(".msi", StringComparison.InvariantCultureIgnoreCase))
- {
- sha_mode = 1;
- // todo: Set 2 in future !!!
- }
-
- byte[] destData = SignMemory(srcData, comment, kernelModeDriver, cert_id, sha_mode);
+ byte[] destData = SignMemory(srcData, comment, kernelModeDriver, evCert);
try
{
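Review bot: The removed `.msi` branch forced `sha_mode = 1` for installers, and the new `SignFile` passes nothing to `SignMemory` that identifies the file type. Whether MSI files still get the digest they need now depends entirely on the sign server, which is not visible here. If the server cannot infer it from the content, the `flags` string sent by `SignClient.Sign` is the natural place to carry it. The new parameter is also undocumented; `// evCert: true requests the EV certificate from the sign server` above the signature would cover it. SignFile's body continues outside the hunk.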
diff --git a/src/BuildUtil/Win32BuildSoftware.cs b/src/BuildUtil/Win32BuildSoftware.cs
index 4981e569..433a9e36 100644
--- a/src/BuildUtil/Win32BuildSoftware.cs
+++ b/src/BuildUtil/Win32BuildSoftware.cs
@@ -170,7 +170,7 @@ namespace BuildUtil
Win32BuildUtil.ExecCommand(vpnsetup_exe, string.Format("/SFXMODE:{1} /SFXOUT:\"{0}\"",
outFileName, Software.ToString()));
- CodeSign.SignFile(outFileName, outFileName, "VPN Software", false);
+ CodeSign.SignFile(outFileName, outFileName, "VPN Software Installer", false, true);
}
}
}
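Review bot: The call `CodeSign.SignFile(outFileName, outFileName, "VPN Software Installer", false, true);` now ends in two positional booleans, and nothing at the call site says which one selects the EV certificate. A swapped pair would compile and quietly sign with the wrong certificate or the driver flag. Named arguments make the choice reviewable: `CodeSign.SignFile(outFileName, outFileName, "VPN Software Installer", kernelModeDriver: false, evCert: true);`. The same applies to every updated call in the Win32BuildUtil.cs hunks below (`false, false` and `isDriver, false`). The enclosing method starts outside the hunk.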
diff --git a/src/BuildUtil/Win32BuildUtil.cs b/src/BuildUtil/Win32BuildUtil.cs
index 3d80fe2d..970c6a76 100644
--- a/src/BuildUtil/Win32BuildUtil.cs
+++ b/src/BuildUtil/Win32BuildUtil.cs
@@ -166,7 +166,7 @@ namespace BuildUtil
m.ReleaseMutex();
}
- CodeSign.SignFile(cabFileName, cabFileName, "VPN Software", false);
+ CodeSign.SignFile(cabFileName, cabFileName, "VPN Software", false, false);
File.Copy(cabFileName, dstFileName, true);
}
@@ -1040,8 +1040,8 @@ namespace BuildUtil
ExecCommand(makecat1, string.Format("\"{0}\"", cdfFileName2));
// sign catalog file
- CodeSign.SignFile(catFileName, catFileName, "Catalog File", false);
- CodeSign.SignFile(catFileName2, catFileName2, "Catalog File", false);
+ CodeSign.SignFile(catFileName, catFileName, "Catalog File", false, false);
+ CodeSign.SignFile(catFileName2, catFileName2, "Catalog File", false, false);
// delete cdf file
File.Delete(cdfFileName);
@@ -1138,7 +1138,7 @@ namespace BuildUtil
if (no_sign == false)
{
- CodeSign.SignFile(catname, catname, "Catalog File", false);
+ CodeSign.SignFile(catname, catname, "Catalog File", false, false);
}
File.Delete(cdf_file_name);
@@ -1397,7 +1397,7 @@ namespace BuildUtil
{
Con.WriteLine("Signing...");
- CodeSign.SignFile(file, file, "VPN Software", isDriver);
+ CodeSign.SignFile(file, file, "VPN Software", isDriver, false);
}
}
}
@@ -1445,7 +1445,7 @@ namespace BuildUtil
Con.WriteLine("Signing...");
- CodeSign.SignFile(filename, filename, "VPN Software", isDriver);
+ CodeSign.SignFile(filename, filename, "VPN Software", isDriver, false);
}
}
}