changeset 1071:fc4e1fe4e4d4

(issue116) Sign binaries with test certificate if RELESE_BUILD option is not used
author Andre Heinecke <andre.heinecke@intevation.de>
date Wed, 10 Sep 2014 17:52:11 +0200
parents f110a3f6e387
children 1e429faf7c84
files CMakeLists.txt cinst/CMakeLists.txt ui/CMakeLists.txt ui/tests/CMakeLists.txt
diffstat 4 files changed, 49 insertions(+), 5 deletions(-) [+]
line wrap: on
line diff
--- a/CMakeLists.txt	Wed Sep 10 16:41:36 2014 +0200
+++ b/CMakeLists.txt	Wed Sep 10 17:52:11 2014 +0200
@@ -38,6 +38,12 @@
 
 find_package(Qt5Widgets)
 
+find_program(OSSLSIGNCODE_EXECUTABLE osslsigncode)
+
+if (WIN32 AND NOT OSSLSIGNCODE_EXECUTABLE)
+   message (STATUS "WARNING: osslsigncode not found. Code verification and code verification tests will fail.")
+endif()
+
 if (NOT WIN32)
    find_package(NSS)
 else ()
--- a/cinst/CMakeLists.txt	Wed Sep 10 16:41:36 2014 +0200
+++ b/cinst/CMakeLists.txt	Wed Sep 10 17:52:11 2014 +0200
@@ -36,6 +36,17 @@
       POST_BUILD
       COMMAND ${CMAKE_STRIP} cinst.exe
    )
+   if (NOT RELEASE_BUILD)
+      add_custom_command(
+         TARGET cinst
+         POST_BUILD
+         COMMAND ${OSSLSIGNCODE_EXECUTABLE} sign -certs ${CMAKE_SOURCE_DIR}/ui/tests/data/codesign/codesigning.pem
+         -key ${CMAKE_SOURCE_DIR}/ui/tests/data/codesign/codesigning.key
+         -h sha256 -in ${CMAKE_CURRENT_BINARY_DIR}/cinst.exe
+         -out ${CMAKE_CURRENT_BINARY_DIR}/cinst-signed.exe &&
+         mv ${CMAKE_CURRENT_BINARY_DIR}/cinst-signed.exe ${CMAKE_CURRENT_BINARY_DIR}/cinst.exe
+         )
+    endif()
 else()
    add_custom_command(
       TARGET cinst
@@ -68,6 +79,17 @@
          POST_BUILD
          COMMAND ${CMAKE_STRIP} mozilla.exe
       )
+      if (NOT RELEASE_BUILD)
+         add_custom_command(
+            TARGET mozilla
+            POST_BUILD
+            COMMAND ${OSSLSIGNCODE_EXECUTABLE} sign -certs ${CMAKE_SOURCE_DIR}/ui/tests/data/codesign/codesigning.pem
+            -key ${CMAKE_SOURCE_DIR}/ui/tests/data/codesign/codesigning.key
+            -h sha256 -in ${CMAKE_CURRENT_BINARY_DIR}/mozilla.exe
+            -out ${CMAKE_CURRENT_BINARY_DIR}/mozilla-signed.exe &&
+            mv ${CMAKE_CURRENT_BINARY_DIR}/mozilla-signed.exe ${CMAKE_CURRENT_BINARY_DIR}/mozilla.exe
+            )
+       endif()
    else()
       add_custom_command(
          TARGET mozilla
--- a/ui/CMakeLists.txt	Wed Sep 10 16:41:36 2014 +0200
+++ b/ui/CMakeLists.txt	Wed Sep 10 17:52:11 2014 +0200
@@ -236,6 +236,27 @@
       POST_BUILD
       COMMAND ${CMAKE_STRIP} trustbridge-admin.exe
    )
+   if (NOT RELEASE_BUILD)
+      message("Status will sign.")
+      add_custom_command(
+         TARGET trustbridge
+         POST_BUILD
+         COMMAND ${OSSLSIGNCODE_EXECUTABLE} sign -certs ${CMAKE_SOURCE_DIR}/ui/tests/data/codesign/codesigning.pem
+         -key ${CMAKE_SOURCE_DIR}/ui/tests/data/codesign/codesigning.key
+         -h sha256 -in ${CMAKE_CURRENT_BINARY_DIR}/trustbridge.exe
+         -out ${CMAKE_CURRENT_BINARY_DIR}/trustbridge-signed.exe &&
+         mv ${CMAKE_CURRENT_BINARY_DIR}/trustbridge-signed.exe ${CMAKE_CURRENT_BINARY_DIR}/trustbridge.exe
+         )
+      add_custom_command(
+         TARGET trustbridge-admin
+         POST_BUILD
+         COMMAND ${OSSLSIGNCODE_EXECUTABLE} sign -certs ${CMAKE_SOURCE_DIR}/ui/tests/data/codesign/codesigning.pem
+         -key ${CMAKE_SOURCE_DIR}/ui/tests/data/codesign/codesigning.key
+         -h sha256 -in ${CMAKE_CURRENT_BINARY_DIR}/trustbridge-admin.exe
+         -out ${CMAKE_CURRENT_BINARY_DIR}/trustbridge-admin-signed.exe &&
+         mv ${CMAKE_CURRENT_BINARY_DIR}/trustbridge-admin-signed.exe ${CMAKE_CURRENT_BINARY_DIR}/trustbridge-admin.exe
+         )
+    endif()
 else()
    add_custom_command(
       TARGET trustbridge
--- a/ui/tests/CMakeLists.txt	Wed Sep 10 16:41:36 2014 +0200
+++ b/ui/tests/CMakeLists.txt	Wed Sep 10 17:52:11 2014 +0200
@@ -15,7 +15,6 @@
 find_package(Qt5Test)
 include_directories(${Qt5Test_INCLUDE_DIRS})
 find_program(HIAWATHA_EXECUTABLE hiawatha)
-find_program(OSSLSIGNCODE_EXECUTABLE osslsigncode)
 find_program(OPENSSL_EXECUTABLE openssl)
 
 if (NOT HIAWATHA_EXECUTABLE)
@@ -24,10 +23,6 @@
   add_definitions(-DHIAWATHA_EXECUTABLE="${HIAWATHA_EXECUTABLE}")
 endif()
 
-if (WIN32 AND NOT OSSLSIGNCODE_EXECUTABLE)
-   message (STATUS "WARNING: osslsigncode not found. Authenticode tests will not be run.")
-endif()
-
 if (UNIX AND NOT OPENSSL_EXECUTABLE)
    message (STATUS "WARNING: openssl (the tool) not found. Binary verification tests will not be run.")
 endif()

http://wald.intevation.org/projects/trustbridge/