csharp/msbuild/ice.sign.targets


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51

<?xml version="1.0" encoding="utf-8"?>
<Project xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
    <Import Project="$(MSBuildThisFileDirectory)/../../config/ice.common.sign.targets" />
    <PropertyGroup Condition="'$(PUBLIC_KEYFILE)' != '' Or '$(KEYFILE)' != ''">
        <SignAssembly>true</SignAssembly>
        <!-- If PUBLIC_KEYFILE is set we use delay sign to sign the assembly -->
        <DelaySign>true</DelaySign>
        <AssemblyOriginatorKeyFile Condition="'$(PUBLIC_KEYFILE)' != ''">$(PUBLIC_KEYFILE)</AssemblyOriginatorKeyFile>

        <!-- If PUBLIC_KEYFILE is not set sign the assembly using KEYFILE -->
        <DelaySign Condition="'$(PUBLIC_KEYFILE)' == ''">false</DelaySign>
        <AssemblyOriginatorKeyFile Condition="'$(PUBLIC_KEYFILE)' == ''">$(KEYFILE)</AssemblyOriginatorKeyFile>
    </PropertyGroup>

  <Target Name="SignPackage"
          BeforeTargets="CopyFilesToOutputDirectory"
          Condition="'$(OS)' == 'Windows_NT' and Exists('$(SIGN_CERTIFICATE)') and (!Exists('$(IntermediateOutputPath)sign.log') or $([System.IO.File]::GetLastWriteTime('$(IntermediateOutputPath)$(TargetName)$(TargetExt)').Ticks) &gt; $([System.IO.File]::GetLastWriteTime('$(IntermediateOutputPath)sign.log').Ticks))">
    <Message Text="Signing $(IntermediateOutputPath)$(TargetName)$(TargetExt)" />

    <!-- If both KEYFILE and PUBLIC_KEYFILE are set we re-sign the assembly using KEYFILE after it has been build -->
    <Exec Command="sn -Ra &quot;$(IntermediateOutputPath)$(TargetName)$(TargetExt)&quot; &quot;$(KEYFILE)&quot;"
          Condition="'$(KEYFILE)' != '' and '$(PUBLIC_KEYFILE)' != ''" />

    <!-- Authenticode signing -->
    <SignTask
        WorkingDirectory="$(IntermediateOutputPath)"
        AdditionalOptions="$(SignCommandSHA1)"
        Files="$(TargetName)$(TargetExt)"/>

    <SignTask
        WorkingDirectory="$(IntermediateOutputPath)"
        AdditionalOptions="$(SignCommandSHA256)"
        Files="$(TargetName)$(TargetExt)"/>

    <WriteLinesToFile File                = "$(IntermediateOutputPath)sign.log"
                      Encoding            = "Unicode"
                      Overwrite           = "true"
                      Lines               = "Signing $(IntermediateOutputPath)$(TargetName)$(TargetExt)"/>
  </Target>

  <Target Name="SignPackageClean" AfterTargets="Clean" Condition="'$(OS)' == 'Windows_NT' ">
     <Delete Files="$(IntermediateOutputPath)sign.log" />
  </Target>

  <PropertyGroup>
      <BuildDependsOn>
          $(BuildDependsOn);
          SignPackage
      </BuildDependsOn>
  </PropertyGroup>
</Project>