在Inno Setup Installation上签署所有exe文件
[英]Sign all exe files on Inno Setup Installation
问题描述
I have a digital code sign certificate for the executables distributed by my company. 
我有一个由我公司分发的可执行文件的数字代码签名证书。
We use Inno Setup to make the installation executable, and it has a option to Sign the installer and uninstaller files, but I want to sign all the executable files inside the installer, is it possible using some script in Inno, as a preprocessor task? 我们使用Inno Setup来使安装可执行,并且它有一个选项来签署安装程序和卸载程序文件,但是我想在安装程序内签署所有可执行文件,是否可以使用Inno中的某些脚本作为预处理器任务?
I think I can use the ISPP to call the kSign tool to sign the files using the command Exec . 我想我可以使用ISPP调用kSign工具使用Exec命令对文件进行签名。
How can I call it only for .EXE files in installation? 如何在安装时仅为.EXE文件调用它?
How can I use the key value below in the command line: 如何在命令行中使用下面的键值:
SignTool=KSign /d $qAPP_NAME-$q /du $qhttp://www.app_site.com.br$q $f
3 个解决方案
解决方案1
6 已采纳 2016-05-10 12:38:22
使用[Files]部分中的sign或signonce标志。
解决方案2
2 2015-07-31 17:30:44
Ok I found a solution. 好的,我找到了解决方案。 Here is the way to sign your exe files with inno setup script. 以下是使用inno安装脚本对exe文件进行签名的方法。 Just add the following line to the beginning of your inno script: 只需将以下行添加到inno脚本的开头:
#expr Exec("C:\Program Files (x86)\Windows Kits\8.0\bin\x64\signtool.exe", "sign /n MyCertName /tr http://tsa.starfieldtech.com " + AddBackslash(SourcePath) + "MyFolder\MyFile.exe")
解决方案3
-2 2015-07-31 11:47:07
I´ll post some code from my batch script used to install the executables files, and the installer using: 我将从用于安装可执行文件的批处理脚本中发布一些代码,并使用以下命令安装程序:
KSignCMD from: http://support.ksoftware.net/support/solutions/articles/17169-how-do-i-automate-code-signing-with-innosetup-and-ksign- KSignCMD来自: http : //support.ksoftware.net/support/solutions/articles/17169-how-do-i-automate-code-signing-with-innosetup-and-ksign-
Inno Setup : http://www.jrsoftware.org/isdl.php Inno设置 : http : //www.jrsoftware.org/isdl.php
ComodoCertificate : http://support.ksoftware.net/support/solutions/25585 ComodoCertificate : http : //support.ksoftware.net/support/solutions/25585
The .bat file, is basically this: .bat文件基本上是这样的:
ECHO OFF
@ECHO OFF
CLS
:: Its just because my certificate file is in the root path
cd ..
SET PARENT_DIR=%CD%
:Inno_Path
SET INNOSetup=ERROR
if EXIST "%ProgramFiles%\Inno Setup 5\iscc.exe" SET INNOSetup="%ProgramFiles%\Inno Setup 5\iscc.exe"
if EXIST "%ProgramFiles(x86)%\Inno Setup 5\iscc.exe" SET INNOSetup="%ProgramFiles(x86)%\Inno Setup 5\iscc.exe"
if %INNOSetup% == ERROR goto error_innoSetup
:ksign_path
SET KSIGN=ERROR
if EXIST "%ProgramFiles%\kSign\kSignCMD.exe" SET KSIGN="%ProgramFiles%\kSign\kSignCMD.exe"
if EXIST "%ProgramFiles(x86)%\kSign\kSignCMD.exe" SET KSIGN="%ProgramFiles(x86)%\kSign\kSignCMD.exe"
if %KSIGN% == ERROR goto error_ksign
:: To sign an file, I just use this command
%KSIGN% /du "http://www.xxxxxxxxxx.com" /d "MyCompany - Software Description" /f ..\cert_comodo.p12 /p P@55W0rd! file.exe
:: Adjusting variables, removing "
SET KSIGN=%KSIGN:"=%
SET PARENT_DIR=%PARENT_DIR:"=%
:: The next command require the InnoSetup "Configure Sign Tools", configuration with name Standard, indicated below on /s parameter
:: Link to this configuration: http://www.jrsoftware.org/ishelp/index.php?topic=setup_signtool
%INNOSetup% "/sStandard=%KSIGN% /f %PARENT_DIR%\cert_comodo.p12 /p P@55W0rd! $p" MySoftwareInstaller.iss
if %ERRORLEVEL% GTR 0 goto iscc_error
:iscc_error
ECHO ISCC.EXE[ERRO(%ERRORLEVEL%)]: Error on generate installer.
goto end
:error_innoSetup
ECHO ISCC.exe not installed on: %ProgramFiles%\Inno Setup\ or %ProgramFiles(x86)%\Inno Setup\
ECHO Please install ISCC, from Inno Setup: - http://www.jrsoftware.org/isdl.php
goto end
:error_ksign
ECHO KSignCMD.exe not found on: %ProgramFiles%\kSign\ or %ProgramFiles(x86)%\kSign\
ECHO Please install KSign first: - http://codesigning.ksoftware.net/
goto end
:end
echo Press any key to continue....
pause
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.