CodeSigning/Invoke-SignFile.ps1
|
<# .Synopsis Signs an app file .Description Signs an app file with the provided code sign certificate .Parameter ContainerName Name of the container. Can be provided in the settings.sjon .Parameter FileName Path to the app file to be signed .Parameter pfxFile Path to the code sign certificate .Parameter pfxPassword Password for the code sign certificate .Example Invoke-SignFile -FileName "C:\test.app" -pfxFile "C:\pfx.pfx" -pfxPassword (ConvertTo-SecureString "P@ssword1" -AsPlainText -Force) #> function Invoke-SignFile { Param( [Parameter(Mandatory=$false)] [string] $ContainerName, [Parameter(Mandatory=$true)] [string] $FileName, [Parameter(Mandatory=$false)] [securestring] $pfxFile = $null, [Parameter(Mandatory=$false)] [string] $pfxCertificate = $null, [Parameter(Mandatory=$true)] [securestring] $pfxPassword ) $ContainerName = Get-NewContainerName -ContainerName $ContainerName $signParameters = @{ containerName = $ContainerName pfxPassword = $pfxPassword } if ($null -ne $pfxFile) { $signParameters.Add('pfxFile', ([System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($pfxFile)))) } else { if ($null -ne $pfxCertificate) { $signParameters.Add('pfxFile', $pfxCertificate) } } $signParameters.Add("timeStampServer", 'http://timestamp.digicert.com') # Copy file to container path $ContainerPath = (Join-Path (Join-Path "C:\ProgramData\BcContainerHelper\Extensions" $containerName) "my") $ContainerPath = (Join-Path $ContainerPath (Split-Path $FileName -Leaf)) Copy-Item $FileName $ContainerPath -Force | Out-Null #Sign Sign-BcContainerApp -appFile $ContainerPath @signParameters # Copy file back Copy-Item $ContainerPath $FileName -Force | Out-Null Remove-Item $ContainerPath -Force | Out-Null } |