File: SignFiles.cmake.in

package info (click to toggle)
ausweisapp2 2.4.1-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 23,632 kB
  • sloc: cpp: 114,622; python: 2,833; xml: 1,426; java: 923; sh: 186; makefile: 7
file content (126 lines) | stat: -rw-r--r-- 3,903 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
 
cmake_minimum_required(VERSION 3.25)

if(APPLE AND NOT IOS)
	string(FIND "${CMAKE_BINARY_DIR}" "DragNDrop" IS_DMG)
	if(IS_DMG EQUAL -1)
		message("Using AppStore certificate")
		set(SIGNTOOL_PARAMS -s "3rd Party Mac Developer Application: Governikus GmbH & Co. KG (G7EQCJU4BR)" @SIGNTOOL_PARAMS@)
	else()
		message("Using Distribution certificate")
		set(SIGNTOOL_PARAMS -s "Developer ID Application: Governikus GmbH & Co. KG (G7EQCJU4BR)" @SIGNTOOL_PARAMS@)
	endif()
else()
	set(SIGNTOOL_PARAMS @SIGNTOOL_PARAMS@)
endif()

function(IS_SIGNED _result _file)
	if(APPLE)
		execute_process(COMMAND "@SIGNTOOL_CMD@" ${SIGNTOOL_PARAMS} --dryrun ${_file}
						ERROR_VARIABLE _output
						OUTPUT_QUIET
						WORKING_DIRECTORY "${CMAKE_BINARY_DIR}")
		set(_success "is already signed")

	elseif(WIN32)
		execute_process(COMMAND "@SIGNTOOL_CMD@" verify /pa ${file}
						OUTPUT_VARIABLE _output
						ERROR_QUIET
						WORKING_DIRECTORY "${CMAKE_BINARY_DIR}")
		set(_success "Successfully verified: ")

	else()
		message(FATAL_ERROR "Platform not supported")
	endif()

	if("${_output}" MATCHES "${_success}")
		set(${_result} TRUE PARENT_SCOPE)
	else()
		set(${_result} FALSE PARENT_SCOPE)
	endif()
endfunction()


function(CREATE_PARAMETER _output_param _output_remain _input)
	set(param)
	set(remain)

	foreach(file ${_input})
		unset(signed)
		IS_SIGNED(signed "${file}")
		if(signed)
			message(STATUS "File is already signed: ${file}")
			continue()
		endif()

		# Avoid max parameter length
		# Windows has a limit of 8191
		string(LENGTH "${param} ${file}" len)
		if(len LESS 7500)
			list(APPEND param ${file})
		else()
			list(APPEND remain ${file})
		endif()
	endforeach()

	set(${_output_param} ${param} PARENT_SCOPE)
	set(${_output_remain} ${remain} PARENT_SCOPE)
endfunction()



if(APPLE)
	set(FILE_EXTENSIONS *.dylib ${SIGN_EXT})
elseif(WIN32)
	set(FILE_EXTENSIONS *.dll ${SIGN_EXT})
else()
	message(FATAL_ERROR "Platform not supported")
endif()

message(STATUS "Sign in directory: ${CMAKE_BINARY_DIR}")
file(GLOB_RECURSE FILES RELATIVE "${CMAKE_BINARY_DIR}" ${FILE_EXTENSIONS})
if(APPLE)
	list(APPEND FILE_EXTENSIONS *.framework)
	file(GLOB_RECURSE DIRECTORIES LIST_DIRECTORIES true RELATIVE "${CMAKE_BINARY_DIR}" *)
	foreach(entry ${DIRECTORIES})
		if(${entry} MATCHES ".framework$")
			list(APPEND FILES ${entry})
		endif()
	endforeach()
endif()
message(STATUS "Sign extensions: ${FILE_EXTENSIONS}")
message(STATUS "Sign: ${FILES}")


while(FILES)
	CREATE_PARAMETER(param remain "${FILES}")

	if(param)
		message(STATUS "Call signtool with files: ${param}")
		execute_process(COMMAND "@SIGNTOOL_CMD@" ${SIGNTOOL_PARAMS} ${param} RESULT_VARIABLE _result  WORKING_DIRECTORY "${CMAKE_BINARY_DIR}")
		if(NOT ${_result} EQUAL 0)
			message(FATAL_ERROR "Cannot sign: ${param}")
		endif()
	else()
		message(WARNING "Every file is already signed")
		break()
	endif()

	set(FILES ${remain})
endwhile()

if(APPLE AND NOT IOS)
	set(BUNDLE_APPLE_CODESIGN_PARAMETER -o runtime --force ${SIGNTOOL_PARAMS})
	if(OSX_TIMESTAMP)
		set(BUNDLE_APPLE_CODESIGN_PARAMETER ${BUNDLE_APPLE_CODESIGN_PARAMETER} --timestamp)
	else()
		set(BUNDLE_APPLE_CODESIGN_PARAMETER ${BUNDLE_APPLE_CODESIGN_PARAMETER} --timestamp=none)
	endif()

	file(GLOB_RECURSE AUTOSTART_HELPER_BINARY ${CMAKE_BINARY_DIR}/*/@AUTOSTART_HELPER_FULL_NAME@)
	message("Signing autostart helper bundle: ${AUTOSTART_HELPER_BINARY}")
	execute_process(COMMAND "@SIGNTOOL_CMD@" ${BUNDLE_APPLE_CODESIGN_PARAMETER} --entitlements @PACKAGING_DIR@/macos/autostart_helper/@AUTOSTART_HELPER_NAME@.entitlements -i @AUTOSTART_HELPER_BUNDLE_ID@ ${AUTOSTART_HELPER_BINARY})

	file(GLOB_RECURSE APP_BINARY ${CMAKE_BINARY_DIR}/*/@PROJECT_NAME@)
	message("Signing app bundle: ${APP_BINARY}")
	execute_process(COMMAND "@SIGNTOOL_CMD@" ${BUNDLE_APPLE_CODESIGN_PARAMETER} --entitlements @CMAKE_BINARY_DIR@/entitlements.plist -i @BUNDLE_IDENTIFIER@ ${APP_BINARY})
endif()