如何通过在Delphi中包含exe的数字签名来自动化多个项目构建过程?
使用 Delphi (2009) 构建由 2 个项目组成的项目组后,我使用 InstallAware Code 签名(Delphi 2009 附带的一个 exe)对 2 个 exe 进行数字签名。
如何才能自动执行数字签名,因此在构建时我还可以附加数字签名。
对于数字签名,我使用 pvk(私钥)文件和 spc(Sw 发布者证书)文件。
子问题:此外,我创建了一个项目组,因为我有2个exe,但它们几乎相同,唯一改变的是应用程序图标和应用程序名称(一个是ProductOne.dpr,另一个是ProductTwo.dpr)。
实际上,我有 2 个品牌的同一产品,我有一个版本,但激活密钥详细信息激活其中一个,无论如何,现在我被要求更改图标和文件名,为此我需要构建 2 个项目,激活key 不足以区分这两个。无论如何,如果有一种方法可以从单个项目中做到这一点,那就更好了。
After building a project group of 2 projects with Delphi (2009) I digitally sign the 2 exes using InstallAware Code signing, an exe that shipped with Delphi 2009.
How is it possible to automize the digital signature, so when I build I can also attach digital signature.
For digital signing I use a pvk (private key) file and an spc (Sw publisher certificate) file.
Subquestion: Moreover I created a project group because I have 2 exes, but they are almost the same, the only thing that changes is the Application icon and the application name (one is ProductOne.dpr, the other is ProductTwo.dpr).
In practice I have 2 brands of the same product, I have a single build but activation keys details activate one or the other, anyway now I was asked to change the icon and the filename, and for this I need to build 2 projects, activation key is not enough anymore to distinguish between the 2. Anyway if there is a way to do this from a single project it would be better.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
第一部分:
我们使用 FinalBuilder 脚本操作对可执行文件进行代码签名,但也可以通过命令行实现相同的效果:
signtool 来自 MS Windows SDK,还可以使用来自本地计算机证书存储。请参阅链接的文档页面,了解不同形式的证书所需的细微更改。
我想这可以放在项目的构建后事件中。然后,每次您进行完整构建时,它都会运行。
不知道问题的第二点 - 尽管我想我会倾向于使用 FinalBuilder 之类的第三方工具(再次)来管理图标/资源等的交换并进行实际的构建。
For the first part:
We code sign our executables using a FinalBuilder script action but the same can be achieved with the command line:
signtool comes from the MS Windows SDK and can also work with certificates from the local machine certificate store. See the linked doc page for the slight changes required for the different forms of certificate.
I would guess this can be put in the post-build events of your project. It will then get run each time you do a full build.
Don't know about the second bit of the question - though I guess I would tend to use a third party tool like FinalBuilder (again) to manage the swapping of icons/resources etc and to do the actual build.
为了签署我的 exe,我使用“signtool”,并且您已经获得了从 shunty 签署您的 exe 的命令行。
为了更改 exe 的图标,我使用“ResHacker.exe”:它是一个小型免费软件应用程序,可以从命令行自动化,因此它可以与任何构建自动化软件一起使用。这是一个示例命令行:
不要省略任何逗号!
它工作得很好。对于自动化,我使用 FinalBUilder,并且我从一个脚本生成一个应用程序的 4(四)个版本,每次都重新构建,以便我可以使用不同的编译器指令,然后我更改图标以适应版本,签署所有内容,构建设置,签署设置,存档设置,最后将我的设置上传到我的“测试版”网站(不是我们的官方网站,而是只有一些人知道的其他网站)
For signing my exe's I'm using "signtool" and you've already got the command line to sign your exe from shunty.
For changing the exe's icon I'm using "ResHacker.exe": It's a small freeware application that can be automated from the command line, so it may be used with any build automation software. Here's a sample command line:
Don't ommit any of the commas!
It works absolutely fine. For automation I'm using FinalBUilder, and I'm generating 4 (four) versions of one application from one script, re-building every time so I can use different compiler directives, then I'm changing the icon to suite the version, signing everything, building setups, signing the setups, archiving the setups and finally uploading my setups to my "beta" web site (not our official web-site, an other web site that only some people know about)
我会使用 Kinook 的 Visual Build Pro(我认为他们是一个 SO 广告商)来自动化编译和签名。可以直接签名,无需SignTool。
第 2 部分听起来对 ResHacker< 来说是一份不错的工作/a>,可用于替换应用程序内的资源。这必须在签字之前完成。
I would use Visual Build Pro from Kinook (they're a SO advertiser, I think) to automate the compiling and signing. It can sign directly, no need for SignTool.
Part2 sounds like a good job for ResHacker, which can be used to replace resources within an app. That would have to be done before signing.