Skip to content

Commit cba7bf0

Browse files
charlypacharlypa
committed
feat: signtool for ev code sign using tauri
1 parent 5102725 commit cba7bf0

8 files changed

Lines changed: 160 additions & 0 deletions

File tree

.gitignore

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
/target

.idea/.gitignore

Lines changed: 5 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

.idea/modules.xml

Lines changed: 8 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

.idea/signtool.iml

Lines changed: 14 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

.idea/vcs.xml

Lines changed: 6 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

Cargo.lock

Lines changed: 39 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

Cargo.toml

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,10 @@
1+
[package]
2+
name = "signtool"
3+
version = "0.1.0"
4+
edition = "2021"
5+
6+
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
7+
8+
[dependencies]
9+
#serde = { version = "1.0.164", features = ["derive"] }
10+
serde_json = "1.0"

src/main.rs

Lines changed: 77 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,77 @@
1+
use std::env;
2+
use std::process::{Command, exit};
3+
use std::fs::File;
4+
use std::io::{BufReader};
5+
use serde_json::{Value};
6+
7+
fn read_secrets() -> Value {
8+
let binding = env::current_dir().unwrap();
9+
let path = binding.to_str().unwrap();
10+
let file_full_path = path.to_owned() + "\\..\\secrets.json";
11+
let file = File::open(file_full_path).unwrap();
12+
let reader = BufReader::new(file);
13+
let u = serde_json::from_reader(reader).unwrap();
14+
return u;
15+
}
16+
17+
18+
fn sign(file_name: &str, time_stamp_url: &str) {
19+
println!("started signing");
20+
21+
let secrets = read_secrets();
22+
23+
let cert_name = secrets["AZURE_CERT_NAME"].to_string().replace("\"", "");
24+
let client_id = secrets["AZURE_CLIENT_ID"].to_string().replace("\"", "");
25+
26+
let client_secret = secrets["AZURE_CLIENT_SECRET"].to_string().replace("\"", "");
27+
28+
let key_vault_uri = secrets["AZURE_KEY_VAULT_URI"].to_string().replace("\"", "");
29+
30+
let tenant_id = secrets["AZURE_TENANT_ID"].to_string().replace("\"", "");
31+
let company_name = secrets["AZURE_COMPANY_NAME"].to_string().replace("\"", "");
32+
33+
let output = Command::new("AzureSignTool")
34+
.arg("sign")
35+
.arg("-kvu")
36+
.arg(key_vault_uri)
37+
.arg("-kvi")
38+
.arg(client_id)
39+
.arg("-kvt")
40+
.arg(tenant_id)
41+
.arg("-kvs")
42+
.arg(client_secret)
43+
.arg("-kvc")
44+
.arg(cert_name)
45+
.arg("-tr")
46+
.arg(time_stamp_url)
47+
.arg("-v")
48+
.arg(file_name)
49+
.arg("-d")
50+
.arg(company_name)
51+
.output()
52+
.expect("failed to execute process");
53+
if !output.stderr.is_empty() {
54+
eprint!("{}", String::from_utf8_lossy(&output.stderr));
55+
}
56+
if !output.stdout.is_empty() {
57+
eprint!("{}", String::from_utf8_lossy(&output.stdout));
58+
}
59+
println!("completed signing");
60+
}
61+
62+
fn main() {
63+
let args: Vec<String> = env::args().collect();
64+
for (i, arg) in args.iter().enumerate() {
65+
println!("Argument {} : {}", i, arg);
66+
}
67+
println!("length {}", args.len());
68+
if args.len() <= 10 {
69+
exit(1)
70+
}
71+
let time_stamp_url = &args[9];
72+
let file_name_to_sign = &args[10];
73+
println!("signing {}", file_name_to_sign);
74+
sign(file_name_to_sign, time_stamp_url);
75+
}
76+
77+

0 commit comments

Comments
 (0)