From de4230e0d0400663c3fdb8b7a1d18a1f45725af9 Mon Sep 17 00:00:00 2001
From: antelle <dmitryvit@gmail.com>
Date: Sun, 5 Apr 2020 22:13:06 +0200
Subject: [PATCH] code signing

---
 build/tasks/grunt-sign-exe.js | 28 +++++++++++++++++++---------
 package-lock.json             |  6 +++---
 package.json                  |  2 +-
 3 files changed, 23 insertions(+), 13 deletions(-)

diff --git a/build/tasks/grunt-sign-exe.js b/build/tasks/grunt-sign-exe.js
index df81f776..d5b5b079 100644
--- a/build/tasks/grunt-sign-exe.js
+++ b/build/tasks/grunt-sign-exe.js
@@ -42,16 +42,26 @@ module.exports = function(grunt) {
             const taskResult = await runRemoteTask(opt.windows, zipContents);
             const signedFile = taskResult.file;
 
-            const res = spawnSync('osslsigncode', ['verify', signedFile]);
-            if (res.status) {
-                const hasCertHash = res.stdout.includes(`Serial : ${opt.certHash}`);
-                if (!hasCertHash) {
-                    grunt.warn(
-                        `Verify error ${file}: exit code ${res.status}.\n${res.stdout.toString()}`
-                    );
-                }
+            const res = spawnSync('signtool', ['verify', '/pa', '/sha1', opt.certHash, signedFile]);
+            console.log('res.status', res.status);
+
+            const res2 = spawnSync('signtool', [
+                'verify',
+                '/pa',
+                '/sha1',
+                opt.certHash.replace('1', '2'),
+                signedFile
+            ]);
+            console.log('res.status', res2.status);
+
+            if (!res.stdout.includes('Successfully verified')) {
+                grunt.warn(
+                    `Verify error ${file}: exit code ${res.status}.\n${res.stdout.toString()}`
+                );
             }
-            fs.renameSync(signedFile, file);
+
+            fs.unlinkSync(signedFile, file);
+            fs.writeFileSync(file, taskResult.data);
             grunt.log.writeln(`Signed ${file}: ${name}`);
         } catch (e) {
             grunt.warn(`Sign error ${file}: ${e}`);
diff --git a/package-lock.json b/package-lock.json
index 4b169e3b..05af7606 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -12386,9 +12386,9 @@
       }
     },
     "run-remote-task": {
-      "version": "0.1.0",
-      "resolved": "https://registry.npmjs.org/run-remote-task/-/run-remote-task-0.1.0.tgz",
-      "integrity": "sha512-FiEaJDoRxCaPnYh73niWlFq96poLBQzR8gRkfWzKr1MoChwiGMe1+JBoY3xojxzjA4ESGwrsaxSfzvJ339rxjg==",
+      "version": "0.3.0",
+      "resolved": "https://registry.npmjs.org/run-remote-task/-/run-remote-task-0.3.0.tgz",
+      "integrity": "sha512-8dEOgb1wAXvWeCsQFUq6t3NgbUSO0Im78m4QTT1be0lkeYsU26R0kFGdbS/jvoBb0u5Q+MyuBOdZtgum6oyGhg==",
       "requires": {
         "minimist": "^1.2.5"
       },
diff --git a/package.json b/package.json
index 1db7b86d..20bb937c 100644
--- a/package.json
+++ b/package.json
@@ -78,7 +78,7 @@
         "prettier": "^1.19.1",
         "puppeteer": "^2.1.1",
         "raw-loader": "^4.0.0",
-        "run-remote-task": "^0.1.0",
+        "run-remote-task": "^0.3.0",
         "sass-loader": "^8.0.2",
         "stats-webpack-plugin": "0.7.0",
         "string-replace-webpack-plugin": "0.1.3",