-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsign-package.ps1
More file actions
108 lines (92 loc) · 3.48 KB
/
Copy pathsign-package.ps1
File metadata and controls
108 lines (92 loc) · 3.48 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
# Sign NuGet Package Script
# This script signs the TileCanvas NuGet package using the CodingConnected code signing certificate
param(
[Parameter(Mandatory=$false)]
[string]$PackagePath = "",
[Parameter(Mandatory=$false)]
[string]$OutputDirectory = "",
[Parameter(Mandatory=$false)]
[switch]$Overwrite
)
# Certificate details - auto-detect by subject name
$CertificateSubjectName = "CodingConnected e.U."
$TimestampServer = "http://timestamp.sectigo.com" # Required for NuGet packages
# Find package if not specified
if ([string]::IsNullOrEmpty($PackagePath)) {
$PackagePath = Get-ChildItem -Recurse -Filter "*.nupkg" |
Where-Object { $_.Name -like "CodingConnected.WPF.TileCanvas.*" } |
Select-Object -First 1 -ExpandProperty FullName
if ([string]::IsNullOrEmpty($PackagePath)) {
Write-Error "No package found. Please build the package first or specify -PackagePath"
exit 1
}
}
Write-Host "Package to sign: $PackagePath" -ForegroundColor Green
Write-Host "Signing method: Store" -ForegroundColor Green
Write-Host "Searching for certificate: $CertificateSubjectName" -ForegroundColor Green
# Find certificate by subject name (auto-detect thumbprint)
$cert = Get-ChildItem Cert:\CurrentUser\My | Where-Object {
$_.Subject -like "*$CertificateSubjectName*" -and
$_.HasPrivateKey -and
$_.NotAfter -gt (Get-Date)
} | Sort-Object NotAfter -Descending | Select-Object -First 1
if (-not $cert) {
Write-Error "No valid certificate found with subject name '$CertificateSubjectName' in CurrentUser\My store"
Write-Host "Available certificates:" -ForegroundColor Yellow
Get-ChildItem Cert:\CurrentUser\My | Where-Object { $_.HasPrivateKey } | ForEach-Object {
Write-Host " - $($_.Subject) (expires: $($_.NotAfter))" -ForegroundColor Gray
}
exit 1
}
$CertificateThumbprint = $cert.Thumbprint
Write-Host "Found certificate: $($cert.Subject)" -ForegroundColor Green
Write-Host "Thumbprint: $CertificateThumbprint" -ForegroundColor Green
Write-Host "Valid until: $($cert.NotAfter)" -ForegroundColor Green
# Build nuget sign command based on method
$signArgs = @(
"sign"
"`"$PackagePath`""
"-Timestamper"
$TimestampServer
"-HashAlgorithm"
"SHA256"
"-TimestampHashAlgorithm"
"SHA256"
"-Verbosity"
"detailed"
)
$signArgs += @(
"-CertificateFingerprint"
$CertificateThumbprint
)
if (-not [string]::IsNullOrEmpty($OutputDirectory)) {
$signArgs += @("-OutputDirectory", "`"$OutputDirectory`"")
}
if ($Overwrite) {
$signArgs += "-Overwrite"
}
# Execute signing
Write-Host "Executing: nuget $($signArgs -join ' ')" -ForegroundColor Yellow
Write-Host ""
try {
& nuget $signArgs
if ($LASTEXITCODE -eq 0) {
Write-Host ""
Write-Host "Package signed successfully!" -ForegroundColor Green
# Verify the signature
Write-Host "Verifying signature..." -ForegroundColor Yellow
$verifyResult = & nuget verify -Signatures $PackagePath 2>&1
if ($LASTEXITCODE -eq 0) {
Write-Host "Signature verification successful!" -ForegroundColor Green
} else {
Write-Host "Signature verification had issues:" -ForegroundColor Yellow
Write-Host $verifyResult
}
} else {
Write-Host "Package signing failed with exit code $LASTEXITCODE" -ForegroundColor Red
exit $LASTEXITCODE
}
} catch {
Write-Host "Error signing package: $_" -ForegroundColor Red
exit 1
}