Last active
October 26, 2018 14:29
-
-
Save realslacker/994dcc0ea9697ac095fa16a1cc3af91a to your computer and use it in GitHub Desktop.
Detects and uses the 'signtool.exe' from the Windows SDK/ADK to sign a file with your code signing certificate when you drag and drop file(s) onto the batch file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @ECHO OFF | |
| REM Note that I have issues getting the Windows 10 SDK version of signtool to run, | |
| REM so I usually install the Windows 7.1 SDK version of signtool. | |
| REM | |
| REM Download: https://www.microsoft.com/en-us/download/details.aspx?id=8279 | |
| REM Install Feature: Windows Native Code Development\Tools | |
| REM | |
| REM NOTE: If you have problems installing the Windows 7.1 SDK it may be because | |
| REM you already have the VC++ 2010 runtime libraries installed. | |
| REM | |
| REM If you run into issues: | |
| REM | |
| REM 1. Remove the run VC++ 2010 runtimes | |
| REM 2. Install the SDK, excluding the runtimes | |
| REM 3. Install this patch: | |
| REM http://www.microsoft.com/en-us/download/details.aspx?displaylang=en&id=4422 | |
| REM 4. Reinstall the VC++ 2010 runtimes: | |
| REM x86 - http://www.microsoft.com/en-us/download/details.aspx?id=5555 | |
| REM x64 - http://www.microsoft.com/en-us/download/details.aspx?id=14632 | |
| REM path to signtool.exe | |
| IF EXIST "%ProgramFiles(x86)%\Windows Kits\10\bin\x64\signtool.exe" ( | |
| SET signtoolpath="%ProgramFiles(x86)%\Windows Kits\10\bin\x64\signtool.exe" | |
| GOTO SIGNFILE | |
| ) | |
| IF EXIST "%ProgramFiles(x86)%\Windows Kits\10\bin\x86\signtool.exe" ( | |
| SET signtoolpath="%ProgramFiles(x86)%\Windows Kits\10\bin\x64\signtool.exe" | |
| GOTO SIGNFILE | |
| ) | |
| IF EXIST "%ProgramFiles%\Microsoft SDKs\Windows\v7.1\Bin\signtool.exe" ( | |
| SET signtoolpath="%ProgramFiles%\Microsoft SDKs\Windows\v7.1\Bin\signtool.exe" | |
| GOTO SIGNFILE | |
| ) | |
| :TOOLERROR | |
| ECHO Could not find 'signtool.exe', please make sure you have installed the Windows SDK. | |
| GOTO EXITERROR | |
| :NOFILEERROR | |
| ECHO You must supply a file as an argument to this script. | |
| GOTO EXITERROR | |
| :MISSINGERROR | |
| ECHO The file '%1' doesn't exist! | |
| GOTO EXITERROR | |
| :SIGNERROR | |
| ECHO There was an error signing the file '%1'! | |
| GOTO EXITERROR | |
| :EXITERROR | |
| ECHO. | |
| PAUSE | |
| EXIT 1 | |
| :SIGNFILE | |
| IF [%1] == [] GOTO NOFILEERROR | |
| REM the signing digest to use, windows 10 like sha256+ best | |
| SET signingdigest=sha256 | |
| REM the time stamp server to use | |
| SET timestampserver=http://timestamp.digicert.com | |
| SET timestampdigest=sha256 | |
| ECHO Signtool: %signtoolpath% | |
| ECHO Signing Digest: %signingdigest% | |
| ECHO Timestamp Server: %timestampserver% | |
| ECHO Timestamp Digest: %timestampdigest% | |
| ECHO. | |
| :SIGNLOOP | |
| REM check that the file exists | |
| IF NOT EXIST %1 GOTO MISSINGERROR | |
| ECHO Signing File: %1 | |
| %signtoolpath% sign /tr %timestampserver% /td %timestampdigest% /fd %signingdigest% %1 > NUL 2>&1 | |
| IF %ERRORLEVEL% GTR 0 GOTO SIGNERROR | |
| SHIFT | |
| IF NOT [%1] == [] GOTO SIGNLOOP | |
| :FINISHED | |
| ECHO. | |
| PAUSE |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment