
using namespace System
using namespace System.Collections.Generic

function Format-SignToolArgumentList {
    param (






        [switch]$AppendSignature = $false,




        [switch]$GenerateDigestXml = $false,


        [switch]$SignDigest = $false,

        [switch]$GeneratePageHashes = $false,

        [switch]$SuppressPageHashes = $false,

        [switch]$GeneratePkcs7 = $false,




    $result = [List[string]]::new()


    if ($TimestampRfc3161) {

    if ($TimestampDigest) {



    if ($AppendSignature) {

    if ($Description) {

    if ($DescriptionUrl) {

    if ($GenerateDigestPath) {

    if ($GenerateDigestXml) {

    if ($IngestDigestPath) {

    if ($SignDigest) {

    if ($GeneratePageHashes) {

    if ($SuppressPageHashes) {

    if ($GeneratePkcs7) {

    if ($Pkcs7Options) {

    if ($Pkcs7Oid) {

    if ($EnhancedKeyUsage) {


    return $result

function Invoke-SignTool {
    param (



    $signToolPath = Join-Path -Path $SignToolFolderPath -ChildPath "signtool.exe"

    $startProcessParams = @{
        FilePath = $signToolPath
        ArgumentList = $SignToolArguments
        NoNewWindow = $true
        PassThru = $true
    $process = Start-Process @startProcessParams

    try {
        Wait-Process -InputObject $process -Timeout $Timeout
    } catch [TimeoutException] {
        $timeoutError = "The Azure Code Signing service could not finish the request within the"
        $timeoutError += " allotted time of $Timeout seconds. This may happen if you are signing"
        $timeoutError += " a large number of files. You can try to increase the value of the"
        $timeoutError += " 'Timeout' parameter which is 300 seconds by default."
        throw $timeoutError

    if ($process.ExitCode -eq 0) {
        return "Azure Code Signing completed successfully"
    } else {
        throw "SignTool failed with exit code $($process.ExitCode)"