cpython/Tools/msi/sdktools.psm1

function Find-Tool {
    param([string]$toolname)

    $kitroot = (gp 'HKLM:\SOFTWARE\Microsoft\Windows Kits\Installed Roots\').KitsRoot10
    $tool = (gci -r "$kitroot\Bin\*\x64\$toolname" | sort FullName -Desc | select -First 1)
    if (-not $tool) {
        throw "$toolname is not available"
    }
    Write-Host "Found $toolname at $($tool.FullName)"
    return $tool.FullName
}

Set-Alias SignTool (Find-Tool "signtool.exe") -Scope Script

function Sign-File {
    param([string]$certname, [string]$certsha1, [string]$certfile, [string]$description, [string[]]$files)

    if (-not $description) {
        $description = $env:SigningDescription;
        if (-not $description) {
            $description = "Python";
        }
    }
    if (-not $certsha1) {
        $certsha1 = $env:SigningCertificateSha1;
    }
    if (-not $certname) {
        $certname = $env:SigningCertificate;
    }
    if (-not $certfile) {
        $certfile = $env:SigningCertificateFile;
    }

    if (-not ($certsha1 -or $certname -or $certfile)) {
        throw "No signing certificate specified"
    }

    foreach ($a in $files) {
        if ($certsha1) {
            SignTool sign /sha1 $certsha1 /fd sha256 /tr http://timestamp.digicert.com/ /td sha256 /d $description $a
        } elseif ($certname) {
            SignTool sign /a /n $certname /fd sha256 /tr http://timestamp.digicert.com/ /td sha256 /d $description $a
        } elseif ($certfile) {
            SignTool sign /f $certfile /fd sha256 /tr http://timestamp.digicert.com/ /td sha256 /d $description $a
        }
    }
}
bpo-34977: Add Windows App Store package (GH-11027) Also adds the PC/layout script for generating layouts on Windows. 2018-12-10 18:52:57 -08:00			`function Find-Tool {`
			`param([string]$toolname)`

			`$kitroot = (gp 'HKLM:\SOFTWARE\Microsoft\Windows Kits\Installed Roots\').KitsRoot10`
			`$tool = (gci -r "$kitroot\Bin\*\x64\$toolname" \| sort FullName -Desc \| select -First 1)`
			`if (-not $tool) {`
			`throw "$toolname is not available"`
			`}`
			`Write-Host "Found $toolname at $($tool.FullName)"`
			`return $tool.FullName`
			`}`

			`Set-Alias SignTool (Find-Tool "signtool.exe") -Scope Script`

			`function Sign-File {`
			`param([string]$certname, [string]$certsha1, [string]$certfile, [string]$description, [string[]]$files)`

			`if (-not $description) {`
			`$description = $env:SigningDescription;`
			`if (-not $description) {`
			`$description = "Python";`
			`}`
			`}`
Enable signing Windows builds with SHA1 environment variable (GH-11279) 2018-12-21 13:48:18 -08:00			`if (-not $certsha1) {`
			`$certsha1 = $env:SigningCertificateSha1;`
			`}`
bpo-34977: Add Windows App Store package (GH-11027) Also adds the PC/layout script for generating layouts on Windows. 2018-12-10 18:52:57 -08:00			`if (-not $certname) {`
			`$certname = $env:SigningCertificate;`
			`}`
			`if (-not $certfile) {`
			`$certfile = $env:SigningCertificateFile;`
			`}`

Allow Windows layout builds to fully skip code signing (GH-12808) 2019-04-12 11:24:15 -07:00			`if (-not ($certsha1 -or $certname -or $certfile)) {`
			`throw "No signing certificate specified"`
			`}`

bpo-34977: Add Windows App Store package (GH-11027) Also adds the PC/layout script for generating layouts on Windows. 2018-12-10 18:52:57 -08:00			`foreach ($a in $files) {`
			`if ($certsha1) {`
Enable signing of nuget.org packages and update to supported timestamp server (GH-23132) 2020-11-03 22:31:49 +00:00			`SignTool sign /sha1 $certsha1 /fd sha256 /tr http://timestamp.digicert.com/ /td sha256 /d $description $a`
bpo-34977: Add Windows App Store package (GH-11027) Also adds the PC/layout script for generating layouts on Windows. 2018-12-10 18:52:57 -08:00			`} elseif ($certname) {`
Enable signing of nuget.org packages and update to supported timestamp server (GH-23132) 2020-11-03 22:31:49 +00:00			`SignTool sign /a /n $certname /fd sha256 /tr http://timestamp.digicert.com/ /td sha256 /d $description $a`
bpo-34977: Add Windows App Store package (GH-11027) Also adds the PC/layout script for generating layouts on Windows. 2018-12-10 18:52:57 -08:00			`} elseif ($certfile) {`
Enable signing of nuget.org packages and update to supported timestamp server (GH-23132) 2020-11-03 22:31:49 +00:00			`SignTool sign /f $certfile /fd sha256 /tr http://timestamp.digicert.com/ /td sha256 /d $description $a`
bpo-34977: Add Windows App Store package (GH-11027) Also adds the PC/layout script for generating layouts on Windows. 2018-12-10 18:52:57 -08:00			`}`
			`}`
			`}`