win-pvdrivers

changeset 959:3f3cc40cb3ae 0.11.0.350

Updates to build scripts to better support real certificates
author James Harper <james.harper@bendigoit.com.au>
date Sat Dec 24 19:07:22 2011 +1100 (2011-12-24)
parents a37e4179f789
children 20cb40e054c2
files installer.wxs makedist.bat sign.bat sign_config.bat.template wix.bat
line diff
     1.1 --- a/installer.wxs	Sat Dec 24 18:09:16 2011 +1100
     1.2 +++ b/installer.wxs	Sat Dec 24 19:07:22 2011 +1100
     1.3 @@ -43,11 +43,13 @@
     1.4  		    Type="raw" />
     1.5      </Property>
     1.6  
     1.7 -    <?if $(env._BUILDARCH) = AMD64 ?>
     1.8 +    <?ifdef env.CERT_PUBLIC_FILENAME?>
     1.9 +    <?if $(env._BUILDARCH) = AMD64?>
    1.10        <Condition Message="Testsigning must be on for x64 when installing on Vista or newer.">
    1.11          <![CDATA[(VersionNT < 600) OR (SYSTEMSTARTOPTIONS >< "TESTSIGNING")]]>
    1.12        </Condition>
    1.13      <?endif ?>
    1.14 +    <?endif ?>
    1.15  
    1.16      <Directory Id='TARGETDIR' Name='SourceDir'>
    1.17        <Directory Id='ProgramFilesFolder' Name='PFiles'>
    1.18 @@ -117,19 +119,25 @@
    1.19              <?endif ?>
    1.20            </Directory>
    1.21          </Directory>
    1.22 +        <?ifdef env.CERT_PUBLIC_FILENAME?>
    1.23          <Component Id='Cert' Guid='11112EC8-8635-45fb-9AE8-C22310F1E82D'>
    1.24 -          <File Id='gplpv.cer' Name='gplpv.cer' DiskId='1' Source='gplpv.cer' />
    1.25 -          <iis:Certificate Id='gplpv.cer_root' Name='gplpv.cer' Request='no' BinaryKey='gplpv.cer' StoreLocation='localMachine' StoreName='root' Overwrite='no' />
    1.26 -          <iis:Certificate Id='gplpv.cer_trustedPublisher' Name='gplpv.cer' Request='no' BinaryKey='gplpv.cer' StoreLocation='localMachine' StoreName='trustedPublisher' Overwrite='no' />
    1.27 +          <File Id='$(env.CERT_PUBLIC_FILENAME)' Name='$(env.CERT_PUBLIC_FILENAME)' DiskId='1' Source='$(env.CERT_PUBLIC_FILENAME)' />
    1.28 +          <iis:Certificate Id='$(env.CERT_PUBLIC_FILENAME)_root' Name='$(env.CERT_PUBLIC_FILENAME)' Request='no' BinaryKey='$(env.CERT_PUBLIC_FILENAME)' StoreLocation='localMachine' StoreName='root' Overwrite='no' />
    1.29 +          <iis:Certificate Id='$(env.CERT_PUBLIC_FILENAME)_trustedPublisher' Name='$(env.CERT_PUBLIC_FILENAME)' Request='no' BinaryKey='$(env.CERT_PUBLIC_FILENAME)' StoreLocation='localMachine' StoreName='trustedPublisher' Overwrite='no' />
    1.30          </Component>
    1.31 +        <?endif ?>
    1.32        </Directory>
    1.33      </Directory>
    1.34  
    1.35 -    <Binary Id='gplpv.cer' SourceFile='gplpv.cer' />    
    1.36 +    <?ifdef env.CERT_PUBLIC_FILENAME?>
    1.37 +    <Binary Id='$(env.CERT_PUBLIC_FILENAME)' SourceFile='$(env.CERT_PUBLIC_FILENAME)' />
    1.38 +    <?endif ?>
    1.39  
    1.40 +    <?ifdef env.CERT_PUBLIC_FILENAME?>
    1.41      <Feature Id='Cert' Title='Install Certificate' Level='1' AllowAdvertise='no' InstallDefault='local' Absent='allow'>
    1.42        <ComponentRef Id='Cert' />
    1.43      </Feature>
    1.44 +    <?endif ?>
    1.45      <Feature Id='Docs' Title='Install Docs' Level='1' AllowAdvertise='no' InstallDefault='local' Absent='disallow'>
    1.46        <ComponentRef Id='Docs' />
    1.47      </Feature>
     2.1 --- a/makedist.bat	Sat Dec 24 18:09:16 2011 +1100
     2.2 +++ b/makedist.bat	Sat Dec 24 19:07:22 2011 +1100
     2.3 @@ -20,12 +20,20 @@ SET PV_DIR=%CD%
     2.4  
     2.5  SET SIGNTOOL=%DDK_PATH%\bin\x86\signtool.exe
     2.6  IF NOT EXIST %SIGNTOOL% SET SIGNTOOL=%DDK_PATH%\bin\selfsign\signtool.exe
     2.7 -SET CERT_NAME=GPLPV_Test_Cert
     2.8  
     2.9 -REM IF NOT EXIST SIGN_CONFIG.BAT GOTO DONT_SIGN
    2.10 -REM CALL SIGN_CONFIG.BAT
    2.11 -
    2.12 -IF NOT EXIST gplpv.cer "%DDK_PATH%"\bin\selfsign\x86\makecert -r -pe -ss PrivateCertStore -n "CN=GPLPV_Test_Cert" gplpv.cer
    2.13 +SET CERT_FILENAME=
    2.14 +SET CERT_PASSWORD=
    2.15 +SET CERT_CROSS_CERT_FILENAME=
    2.16 +SET CERT_PUBLIC_FILENAME=
    2.17 +IF NOT EXIST SIGN_CONFIG.BAT GOTO DONT_SIGN
    2.18 +CALL SIGN_CONFIG.BAT
    2.19 +IF EXIST %CERT_FILENAME% GOTO :DONT_SIGN
    2.20 +"%DDK_PATH%"\bin\x86\makecert -r -pe -ss PrivateCertStore -n "CN=GPLPV Test Cert" %CERT_PUBLIC_FILENAME%
    2.21 +IF DEFINED CERT_PASSWORD SET CERT_PASSWORD_FLAG=-p %CERT_PASSWORD%
    2.22 +certutil -exportpfx -user -privatekey %CERT_PASSWORD_FLAG% PrivateCertStore "GPLPV Test Cert" "%CERT_FILENAME%
    2.23 +SET CERT_CROSS_CERT_FLAG=
    2.24 +IF DEFINED CERT_CROSS_CERT_FILENAME SET CERT_CROSS_CERT_FLAG=/ac %CERT_CROSS_CERT_FILENAME%
    2.25 +:DONT_SIGN
    2.26  
    2.27  mkdir symbols\%GPLPV_VERSION%
    2.28  
     3.1 --- a/sign.bat	Sat Dec 24 18:09:16 2011 +1100
     3.2 +++ b/sign.bat	Sat Dec 24 19:07:22 2011 +1100
     3.3 @@ -1,4 +1,7 @@
     3.4  @ECHO OFF
     3.5 +
     3.6 +IF NOT EXIST SIGN_CONFIG.BAT GOTO DONT_SIGN
     3.7 +
     3.8  IF %_BUILDARCH%==x86 (SET BUILDDIR=obj%BUILD_ALT_DIR%\i386) ELSE (SET BUILDDIR=obj%BUILD_ALT_DIR%\amd64)
     3.9  IF %DDK_TARGET_OS%==Win2K SET SIGN_OS=2000
    3.10  IF %DDK_TARGET_OS%==WinXP SET SIGN_OS=XP_X86
    3.11 @@ -16,26 +19,26 @@ for /F %%x in ('DIR /B %BASEDIR%\redist\
    3.12  xcopy /D %BASEDIR%\redist\wdf\%_BUILDARCH%\%WDFFILENAME% xenpci\%BUILDDIR%
    3.13  xcopy /D %BASEDIR%\redist\wdf\%_BUILDARCH%\%WDFFILENAME% xenusb\%BUILDDIR%
    3.14  
    3.15 -%SIGNTOOL% sign /v /s PrivateCertStore /n %CERT_NAME% /t http://timestamp.verisign.com/scripts/timestamp.dll xenpci\%BUILDDIR%\xenpci.sys
    3.16 +%SIGNTOOL% sign /v %CERT_CROSS_CERT_FLAG% /f %CERT_FILENAME% %CERT_PASSWORD_FLAG% /t http://timestamp.verisign.com/scripts/timestamp.dll xenpci\%BUILDDIR%\xenpci.sys
    3.17  %DDK_PATH%\bin\selfsign\inf2cat /driver:xenpci\%BUILDDIR% /os:%SIGN_OS%
    3.18 -%SIGNTOOL% sign /v /s PrivateCertStore /n %CERT_NAME% /t http://timestamp.verisign.com/scripts/timestamp.dll xenpci\%BUILDDIR%\xenpci.cat
    3.19 +%SIGNTOOL% sign /v %CERT_CROSS_CERT_FLAG% /f %CERT_FILENAME% %CERT_PASSWORD_FLAG% /t http://timestamp.verisign.com/scripts/timestamp.dll xenpci\%BUILDDIR%\xenpci.cat
    3.20  
    3.21 -%SIGNTOOL% sign /v /s PrivateCertStore /n %CERT_NAME% /t http://timestamp.verisign.com/scripts/timestamp.dll xenvbd\%BUILDDIR%\xenvbd.sys
    3.22 +%SIGNTOOL% sign /v %CERT_CROSS_CERT_FLAG% /f %CERT_FILENAME% %CERT_PASSWORD_FLAG% /t http://timestamp.verisign.com/scripts/timestamp.dll xenvbd\%BUILDDIR%\xenvbd.sys
    3.23  %DDK_PATH%\bin\selfsign\inf2cat /driver:xenvbd\%BUILDDIR% /os:%SIGN_OS%
    3.24 -%SIGNTOOL% sign /v /s PrivateCertStore /n %CERT_NAME% /t http://timestamp.verisign.com/scripts/timestamp.dll xenvbd\%BUILDDIR%\xenvbd.cat
    3.25 +%SIGNTOOL% sign /v %CERT_CROSS_CERT_FLAG% /f %CERT_FILENAME% %CERT_PASSWORD_FLAG% /t http://timestamp.verisign.com/scripts/timestamp.dll xenvbd\%BUILDDIR%\xenvbd.cat
    3.26  
    3.27 -%SIGNTOOL% sign /v /s PrivateCertStore /n %CERT_NAME% /t http://timestamp.verisign.com/scripts/timestamp.dll xennet\%BUILDDIR%\xennet.sys
    3.28 +%SIGNTOOL% sign /v %CERT_CROSS_CERT_FLAG% /f %CERT_FILENAME% %CERT_PASSWORD_FLAG% /t http://timestamp.verisign.com/scripts/timestamp.dll xennet\%BUILDDIR%\xennet.sys
    3.29  %DDK_PATH%\bin\selfsign\inf2cat /driver:xennet\%BUILDDIR% /os:%SIGN_OS%
    3.30 -%SIGNTOOL% sign /v /s PrivateCertStore /n %CERT_NAME% /t http://timestamp.verisign.com/scripts/timestamp.dll xennet\%BUILDDIR%\xennet.cat
    3.31 +%SIGNTOOL% sign /v %CERT_CROSS_CERT_FLAG% /f %CERT_FILENAME% %CERT_PASSWORD_FLAG% /t http://timestamp.verisign.com/scripts/timestamp.dll xennet\%BUILDDIR%\xennet.cat
    3.32  
    3.33  IF %DDK_TARGET_OS%==Win2K GOTO DONT_SIGN
    3.34  
    3.35 -%SIGNTOOL% sign /v /s PrivateCertStore /n %CERT_NAME% /t http://timestamp.verisign.com/scripts/timestamp.dll xenscsi\%BUILDDIR%\xenscsi.sys
    3.36 +%SIGNTOOL% sign /v %CERT_CROSS_CERT_FLAG% /f %CERT_FILENAME% %CERT_PASSWORD_FLAG% /t http://timestamp.verisign.com/scripts/timestamp.dll xenscsi\%BUILDDIR%\xenscsi.sys
    3.37  %DDK_PATH%\bin\selfsign\inf2cat /driver:xenscsi\%BUILDDIR% /os:%SIGN_OS%
    3.38 -%SIGNTOOL% sign /v /s PrivateCertStore /n %CERT_NAME% /t http://timestamp.verisign.com/scripts/timestamp.dll xenscsi\%BUILDDIR%\xenscsi.cat
    3.39 +%SIGNTOOL% sign /v %CERT_CROSS_CERT_FLAG% /f %CERT_FILENAME% %CERT_PASSWORD_FLAG% /t http://timestamp.verisign.com/scripts/timestamp.dll xenscsi\%BUILDDIR%\xenscsi.cat
    3.40  
    3.41 -%SIGNTOOL% sign /v /s PrivateCertStore /n %CERT_NAME% /t http://timestamp.verisign.com/scripts/timestamp.dll xenusb\%BUILDDIR%\xenusb.sys
    3.42 +%SIGNTOOL% sign /v %CERT_CROSS_CERT_FLAG% /f %CERT_FILENAME% %CERT_PASSWORD_FLAG% /t http://timestamp.verisign.com/scripts/timestamp.dll xenusb\%BUILDDIR%\xenusb.sys
    3.43  %DDK_PATH%\bin\selfsign\inf2cat /driver:xenusb\%BUILDDIR% /os:%SIGN_OS%
    3.44 -%SIGNTOOL% sign /v /s PrivateCertStore /n %CERT_NAME% /t http://timestamp.verisign.com/scripts/timestamp.dll xenusb\%BUILDDIR%\xenusb.cat
    3.45 +%SIGNTOOL% sign /v %CERT_CROSS_CERT_FLAG% /f %CERT_FILENAME% %CERT_PASSWORD_FLAG% /t http://timestamp.verisign.com/scripts/timestamp.dll xenusb\%BUILDDIR%\xenusb.cat
    3.46  
    3.47  :DONT_SIGN
     4.1 --- a/sign_config.bat.template	Sat Dec 24 18:09:16 2011 +1100
     4.2 +++ b/sign_config.bat.template	Sat Dec 24 19:07:22 2011 +1100
     4.3 @@ -1,6 +1,4 @@
     4.4 -SET CERT_NAME=friendly name of your certificate
     4.5 -
     4.6 -SET CA_CERT_NAME=friendly name of your CA cert
     4.7 -SET CA_CERT_STORE=store of your CA cert (maybe root)
     4.8 -SET CA_CERT_LOCATION=currentUser
     4.9 -REM SET CA_CERT_LOCATION=localMachine
    4.10 +SET CERT_FILENAME=pfx private certificate
    4.11 +SET CERT_PASSWORD=pfx password
    4.12 +SET CERT_CROSS_CERT=MS Cross Signing Certificate (if you have a proper authenticode cert)
    4.13 +SET CERT_PUBLIC_FILENAME=cer public certificate (if you _don't_ have a proper authenticode cert)
     5.1 --- a/wix.bat	Sat Dec 24 18:09:16 2011 +1100
     5.2 +++ b/wix.bat	Sat Dec 24 19:07:22 2011 +1100
     5.3 @@ -1,6 +1,6 @@
     5.4  @ECHO OFF
     5.5  
     5.6 -IF "%_BUILDARCH%"=="x86" (SET DIFXLIB=%WIX%bin\difxapp_x86.wixlib) ELSE (SET DIFXLIB=%WIX%bin\difxapp_x64.wixlib)
     5.7 +IF "%_BUILDARCH%"=="x86" (SET DIFXLIB="%WIX%bin\difxapp_x86.wixlib") ELSE (SET DIFXLIB="%WIX%bin\difxapp_x64.wixlib")
     5.8  
     5.9  IF "%_BUILDARCH%"=="x86" (SET MSIARCH=x32) ELSE (SET MSIARCH=x64)
    5.10  
    5.11 @@ -19,6 +19,6 @@ SET MSINAME=gplpv_%MSIOS%%MSIARCH%_%GPLP
    5.12  for /F %%x in ('DIR /B %BASEDIR%\redist\wdf\%_BUILDARCH%\WdfCoInstaller?????.dll') do set WDFFILENAME=%%x
    5.13  
    5.14  "%WIX%\bin\candle" installer.wxs -ext "%WIX%\bin\WixUIExtension.dll" -ext "%WIX%\bin\WixDifxAppExtension.dll" -ext "%WIX%\bin\WixIIsExtension.dll"
    5.15 -"%WIX%\bin\light.exe" -o %MSINAME% installer.wixobj "%DIFXLIB%" -ext "%WIX%\bin\WixUIExtension.dll" -ext "%WIX%\bin\WixDifxAppExtension.dll" -ext "%WIX%\bin\WixIIsExtension.dll"
    5.16 +"%WIX%\bin\light.exe" -o %MSINAME% installer.wixobj %DIFXLIB% -ext "%WIX%\bin\WixUIExtension.dll" -ext "%WIX%\bin\WixDifxAppExtension.dll" -ext "%WIX%\bin\WixIIsExtension.dll"
    5.17  
    5.18 -%SIGNTOOL% sign /v /s PrivateCertStore /n %CERT_NAME% /t http://timestamp.verisign.com/scripts/timestamp.dll %MSINAME%
    5.19 +%SIGNTOOL% sign /v /f %CERT_FILENAME% %CERT_PASSWORD_FLAG% /t http://timestamp.verisign.com/scripts/timestamp.dll %MSINAME%