Amebis/ZRCola
Amebis/ZRCola
1
1
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases 49 Wiki Activity

Digital signatures reverted to SHA-1 for Windows XP and Vista support

Browse Source
This commit is contained in:
Simon Rozman 2016-05-24 10:31:11 +02:00
parent 91c44c388f
commit 8f10cff923
2 changed files with 14 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
include/Debug.props
View File

@ -41,7 +41,13 @@
<ItemGroup />
<Target Name="Sign" Condition="'$(ManifestCertificateThumbprint)' != '' and ('$(ConfigurationType)' == 'Application' or '$(ConfigurationType)' == 'DynamicLibrary')" AfterTargets="_Manifest" BeforeTargets="RegisterOutput" Inputs="$(OutDir)$(TargetName)$(TargetExt)" Outputs="$(IntDir)$(TargetName).sign">
<Message Text="Signing output file..." />
<SignFile CertificateThumbprint="$(ManifestCertificateThumbprint)" SigningTarget="$(OutDir)$(TargetName)$(TargetExt)" />
<!--
To make Windows XP and Vista compliant signatures, the binaries have to be signed using SHA1.
<SignFile> switches to SHA256 if the signing certificate is SHA256.
Reverted to signtool.exe until we can drop Windows XP and Vista support.
-->
<!--<SignFile CertificateThumbprint="$(ManifestCertificateThumbprint)" SigningTarget="$(OutDir)$(TargetName)$(TargetExt)" />-->
<Exec Command="signtool.exe sign /du &quot;http://www.amebis.si&quot; /sha1 &quot;%ManifestCertificateThumbprint%&quot; /fd sha1 /q &quot;$(TargetPath)&quot;" />
<Touch Files="$(IntDir)$(TargetName).sign" AlwaysCreate="true" />
</Target>
</Project>

8
include/Release.props
View File

@ -61,7 +61,13 @@
<ItemGroup />
<Target Name="Sign" Condition="'$(ManifestCertificateThumbprint)' != '' and ('$(ConfigurationType)' == 'Application' or '$(ConfigurationType)' == 'DynamicLibrary')" AfterTargets="_Manifest" BeforeTargets="RegisterOutput" Inputs="$(OutDir)$(TargetName)$(TargetExt)" Outputs="$(IntDir)$(TargetName).sign">
<Message Text="Signing output file..." />
<SignFile CertificateThumbprint="$(ManifestCertificateThumbprint)" TimestampUrl="$(ManifestTimestampUrl)" SigningTarget="$(OutDir)$(TargetName)$(TargetExt)" />
<!--
To make Windows XP and Vista compliant signatures, the binaries have to be signed using SHA1.
<SignFile> switches to SHA256 if the signing certificate is SHA256.
Reverted to signtool.exe until we can drop Windows XP and Vista support.
-->
<!--<SignFile CertificateThumbprint="$(ManifestCertificateThumbprint)" TimestampUrl="$(ManifestTimestampUrl)" SigningTarget="$(OutDir)$(TargetName)$(TargetExt)" />-->
<Exec Command="signtool.exe sign /du &quot;http://www.amebis.si&quot; /sha1 &quot;%ManifestCertificateThumbprint%&quot; /fd sha1 /t &quot;%ManifestTimestampUrl%&quot; /q &quot;$(TargetPath)&quot;" />
<Touch Files="$(IntDir)$(TargetName).sign" AlwaysCreate="true" />
</Target>
</Project>