
...

Info

Обратите внимание, что путь к signtool может отличаться в зависимости от версии установленного Windows SDK (в примере ниже, этот путь - signtoolPath = "C:\Program Files (x86)\Windows Kits\10\bin\10.0.19041.0\x64\signtool.exe").
Так же, в самой команде подписания sign, необходимо указывать отпечаток вашего сертификата (в примере ниже, это - sign /debug /sha1 f90be6d6ba25c388a384189ba5cd7975a3a04389 /v /td fd SHA256 $filePath).
Более подробно о том, как узнать отпечаток сертификата, можно прочитать в статье "Подпись файлов в Windows с помощью сертификата на Рутокен".

...

# Path and filter settings
$path = "C:\sign"
$filter = "*.*"

# Ensure the path exists
if (!(Test-Path $path)) { 
    Write-Host "Path '$path' does not exist!" 
    return 
}

# The script block called when files are created
$action = { 
    $signtoolPath = "C:\Program Files (x86)\Windows Kits\10\bin\10.0.1904122621.0\x64\signtool.exe"
    $filePath = $Event.SourceEventArgs.FullPath
    #$arguments = "sign /sha1 9bc6207999c596a4bc198c0a6df92e8049d01e96 /fd SHA256 `"$filePath`""
    $arguments = "sign /debug /sha1 f90be6d6ba25c388a384189ba5cd7975a3a04389 9bc6207999c596a4bc198c0a6df92e8049d01e96 /v /td fd SHA256 $filePath"

    # Delay to ensure file copy has completed
    Start-Sleep -Seconds 10

    # Check if the file is still being copied by monitoring the size
    $previousSize = (Get-Item $filePath).length
    Start-Sleep -Seconds 2
    $newSize = (Get-Item $filePath).length

    while ($previousSize -ne $newSize) {
        Write-Host "File '$filePath' is still being copied..."
        Start-Sleep -Seconds 2
        $previousSize = $newSize
        $newSize = (Get-Item $filePath).length
    }

    Write-Host "Signing file '$filePath'"
    #Starttry {
        Start-Process -FilePath $signtoolPath -ArgumentList $arguments -Wait -NoNewWindow -PassThru
    Invoke-Expression "& '$signtoolPath' $arguments"    Write-Host "File '$filePath' signed successfully."
    } catch {
        Write-Host "Failed to sign file '$filePath'. Error: $_"
    }
}

$sourceIdentifier = "FileCreated"

# Unregister the event if it is already registered
try {
    $existingEvent = Get-EventSubscriber -SourceIdentifier $sourceIdentifier -ErrorAction Stop
    if ($null -ne $existingEvent) {
        Unregister-Event -SourceIdentifier $sourceIdentifier
    }
}
catch {
    Write-Host "Event not found. Registering the event."
}

# Create the FileSystemWatcher
$fsw = New-Object IO.FileSystemWatcher $path, $filter
$fsw.EnableRaisingEvents = $true
$job = Register-ObjectEvent $fsw Created -SourceIdentifier $sourceIdentifier -Action $action

# Validate if the event is actually registered
if (Get-EventSubscriber | Where-Object { $_.SourceIdentifier -eq $sourceIdentifier })
{
    Write-Host "Event has been registered successfully."
}
else
{
    Write-Host "Failed to register event."
}

Write-Host "Script is now monitoring $path."

# Copy test.exe to the sign folder
$testExePath = "C:\test.exe"
if (Test-Path $testExePath) {
    Copy-Item $testExePath -Destination $path
    Write-Host "test.exe copied to $path."
} else {
    Write-Host "Could not find $testExePath."
}

# Prevent the console from closing immediately
do {
    Start-Sleep -Seconds 1
} while ($true)
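Review bot: The `Invoke-Expression "& '$signtoolPath' $arguments"` line builds a command string with `$filePath` unquoted, and that name comes from whatever file appears in `C:\sign`, so a path containing spaces breaks the call and a crafted file name would be evaluated as PowerShell. The merged view does not show which invocation (`Start-Process` or `Invoke-Expression`) is the new side; if it is `Invoke-Expression`, prefer the call operator with separate arguments, `& $signtoolPath sign /sha1 $thumbprint /fd SHA256 /v $filePath`, where `$thumbprint` holds the certificate thumbprint. Neither variant throws when signtool fails, so the `catch` never runs and "signed successfully" is printed regardless; for the call-operator form, add `if ($LASTEXITCODE -ne 0) { throw "signtool exit code $LASTEXITCODE" }` before the success message. Because every file created in the watched folder is signed with the token's certificate, the folder's ACL should allow writes only from the build account, and the `*.*` filter could be narrowed to the expected extensions.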


...