55 lines
1.2 KiB
JavaScript
55 lines
1.2 KiB
JavaScript
const { execSync } = require('child_process');
|
|
|
|
const {
|
|
SIGN_TOOL_PATH = 'C:\\Program Files (x86)\\Windows Kits\\10\\bin\\x64\\signtool.exe',
|
|
TIMESTAMP_SERVER = 'http://timestamp.digicert.com'
|
|
} = process.env;
|
|
|
|
const SITE = 'https://actualbudget.com/';
|
|
|
|
const importPfx = (certPath, password) => {
|
|
const command = [
|
|
['certutil'],
|
|
['-f'],
|
|
['-p', `"${password}"`],
|
|
['-importPfx', 'My', `"${certPath}"`, 'NoRoot']
|
|
]
|
|
.map(sub => sub.join(' '))
|
|
.join(' ');
|
|
|
|
try {
|
|
execSync(command, { stdio: 'inherit' });
|
|
} catch {
|
|
console.error('Unable to import certificate');
|
|
}
|
|
};
|
|
|
|
const signBinary = (path, name) => {
|
|
const command = [
|
|
[`"${SIGN_TOOL_PATH}"`],
|
|
['sign'],
|
|
['/a'],
|
|
['/s', 'My'],
|
|
['/sm'],
|
|
['/t', `"${TIMESTAMP_SERVER}"`],
|
|
['/d', `"${name}"`],
|
|
['/du', `"${SITE}"`],
|
|
[`"${path}"`]
|
|
]
|
|
.map(sub => sub.join(' '))
|
|
.join(' ');
|
|
|
|
try {
|
|
execSync(command, { stdio: 'inherit' });
|
|
} catch {
|
|
console.error(`Signing ${path} failed`);
|
|
}
|
|
};
|
|
|
|
exports.default = ({ path, name, cscInfo: { file, password } = {} }) => {
|
|
if (!file) return;
|
|
|
|
importPfx(file, password);
|
|
signBinary(path, name, file);
|
|
};
|