Skip to content

Commit

Permalink
Add retries to make signing more reliable
Browse files Browse the repository at this point in the history
  • Loading branch information
@peterdettman
peterdettman committed Jan 31, 2024
1 parent 831a484 commit 0b52881
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 7 deletions.
3 changes: 2 additions & 1 deletion crypto/src/BouncyCastle.Crypto.csproj
View file
Original file line number Diff line number Diff line change
Expand Up @@ -113,6 +113,7 @@
</PropertyGroup>
</Target>
<Target Name="SignAssemblies" AfterTargets="PostBuildEvent" Condition="'$(Configuration)'=='Publish'">
<Exec Command="call &quot;$(ProjectDir)..\..\signfile.bat&quot; &quot;$(TargetPath)&quot;" />
<Exec Command="call &quot;$(ProjectDir)..\..\signfile.bat&quot; &quot;$(TargetPath)&quot;"
IgnoreStandardErrorWarningFormat="true" />
</Target>
</Project>
17 changes: 11 additions & 6 deletions signfile.bat
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,13 +14,18 @@ set SignToolDir=C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x64\
set SignTool=%SignToolDir%signtool.exe

echo Preparing to sign %Target%
echo "%SignTool%" sign /f "%CodesignFile%" /fd sha256 /tr "%TimestampUrl%" /td sha256 /p "%CodesignPass%" %Target% || exit /b 1
echo Waiting for 20 seconds before issuing command (avoid timeserver rejection)
echo "%SignTool%" sign /f "%CodesignFile%" /fd sha256 /tr "%TimestampUrl%" /td sha256 /p PASSWORD %Target

rem Timestamp server requires 15 seconds or more between signing requests
rem When publishing need to limit parallel build tasks to 1 in Tools|Options|Projects and Solutions|Build and Run
ping -n 20 127.0.0.1 >NUL
set attempts=10
:DoWhile
echo %attempts% attempts remaining
echo Waiting for 30 seconds before issuing command (avoid timeserver rejection)
ping -n 30 127.0.0.1 >NUL
"%SignTool%" sign /f "%CodesignFile%" /fd sha256 /tr "%TimestampUrl%" /td sha256 /p "%CodesignPass%" %Target% && goto EndDoWhile
set /a attempts = %attempts% - 1
if %attempts% gtr 0 goto DoWhile
:EndDoWhile

"%SignTool%" sign /f "%CodesignFile%" /fd sha256 /tr "%TimestampUrl%" /td sha256 /p "%CodesignPass%" %Target% || exit /b 1

"%SignTool%" verify /pa /tw %Target% || exit /b 1
"%SignTool%" verify /pa /tw %Target%

0 comments on commit 0b52881

Please sign in to comment.