From 95996f89daa928dd2b6d8dccfc34cbb04d39730c Mon Sep 17 00:00:00 2001 From: Sam Xu Date: Tue, 6 Apr 2021 14:28:24 -0700 Subject: [PATCH] Update the ESRP code signing script --- azure-pipelines.yml | 140 ++++++++++++++++++-------------------------- 1 file changed, 56 insertions(+), 84 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index d05a78d..ab2a0f9 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -117,90 +117,62 @@ steps: Pattern: '$(mainDll)' signConfigType: inlineSignParams inlineOperation: | - [ -   { -     "keyCode": "MSSharedLibSnKey", -     "operationSetCode": "StrongNameSign", -     "parameters": null, -     "toolName": "sn.exe", -     "toolVersion": "V4.6.1586.0" -   }, -   { -     "keyCode": "MSSharedLibSnKey", -     "operationSetCode": "StrongNameVerify", -     "parameters": null, -     "toolName": "sn.exe", -     "toolVersion": "V4.6.1586.0" -   }, -   { -     "keyCode": "CP-230012", -     "operationSetCode": "SigntoolSign", -     "parameters": [ -     { -       "parameterName": "OpusName", -       "parameterValue": "TestSign" -     }, -     { -       "parameterName": "OpusInfo", -       "parameterValue": "http://test" -     }, -     { -       "parameterName": "PageHash", -       "parameterValue": "/NPH" -     }, -     { -       "parameterName": "TimeStamp", -       "parameterValue": "/t \"http://ts4096.gtm.microsoft.com/TSS/AuthenticodeTS\"" -     } -     ], -     "toolName": "signtool.exe", -     "toolVersion": "6.2.9304.0" -   }, -   { -     "keyCode": "CP-230012", -     "operationSetCode": "SigntoolSign", -     "parameters": [ -     { -       "parameterName": "OpusName", -       "parameterValue": "TestSign" -     }, -     { -       "parameterName": "OpusInfo", -       "parameterValue": "http://test" -     }, -     { -       "parameterName": "Append", -       "parameterValue": "/AS" -     }, -     { -       "parameterName": "PageHash", -       "parameterValue": "/NPH" -     }, -     { -       "parameterName": "FileDigest", -       "parameterValue": "/fd sha256" -     }, -     { -       "parameterName": "TimeStamp", -       "parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256" -     } -     ], -     "toolName": "signtool.exe", -     "toolVersion": "6.2.9304.0" -   }, -   { -     "keyCode": "CP-230012", -     "operationSetCode": "SigntoolVerify", -     "parameters": [ -     { -       "parameterName": "VerifyAll", -       "parameterValue": "/all" -     } - ], -     "toolName": "signtool.exe", -     "toolVersion": "6.2.9304.0" -   } - ] + [ + { + "keyCode": "MSSharedLibSnKey", + "operationSetCode": "StrongNameSign", + "parameters": null, + "toolName": "sn.exe", + "toolVersion": "V4.6.1586.0" + }, + { + "keyCode": "MSSharedLibSnKey", + "operationSetCode": "StrongNameVerify", + "parameters": null, + "toolName": "sn.exe", + "toolVersion": "V4.6.1586.0" + }, + { + "keyCode": "CP-230012", + "operationSetCode": "SigntoolSign", + "parameters": [ + { + "parameterName": "OpusName", + "parameterValue": "Microsoft" + }, + { + "parameterName": "OpusInfo", + "parameterValue": "http://www.microsoft.com" + }, + { + "parameterName": "PageHash", + "parameterValue": "/NPH" + }, + { + "parameterName": "FileDigest", + "parameterValue": "/fd sha256" + }, + { + "parameterName": "TimeStamp", + "parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256" + } + ], + "toolName": "signtool.exe", + "toolVersion": "6.2.9304.0" + }, + { + "keyCode": "CP-230012", + "operationSetCode": "SigntoolVerify", + "parameters": [ + { + "parameterName": "VerifyAll", + "parameterValue": "/all" + } + ], + "toolName": "signtool.exe", + "toolVersion": "6.2.9304.0" +   } + ] VerboseLogin: true - task: CopyFiles@2