VirtualBox

Ignore:
Timestamp:
Dec 16, 2016 11:47:16 PM (8 years ago)
Author:
vboxsync
Message:

Additions/win: Don't depend on the checked in certificate, but rather extract the code signing certificates from VBoxGuest.sys and VBoxCertUtil.exe.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/src/VBox/Additions/Makefile.kmk

    r63489 r64935  
    242242ifdef VBOX_WITH_ADDITIONS_ISO.win.amd64
    243243 VBOX_PATH_ADDITIONS.win.amd64 = $(PATH_OUT_BASE)/win.amd64/$(KBUILD_TYPE)/bin/additions
     244 VBOX_PATH_ADDITIONS.win = $(VBOX_PATH_ADDITIONS.win.amd64)
    244245 GUESTADDITIONS_FILESPEC.win.amd64 = \
    245246        VBoxWindowsAdditions-amd64.exe=$(VBOX_PATH_ADDITIONS.win.amd64)/VBoxWindowsAdditions-amd64.exe
    246247 ifndef VBOX_WITH_ADDITIONS_ISO.win.x86
    247248  GUESTADDITIONS_FILESPEC.win.amd64 += \
    248         cert/oracle-vbox.cer=$(VBOX_PATH_ADDITIONS_SRC)/WINNT/tools/oracle-vbox.cer \
    249249        cert/VBoxCertUtil.exe=$(VBOX_PATH_ADDITIONS.win.amd64)/VBoxCertUtil.exe
    250250 endif
     
    253253ifdef VBOX_WITH_ADDITIONS_ISO.win.x86
    254254 VBOX_PATH_ADDITIONS.win.x86 = $(PATH_OUT_BASE)/win.x86/$(KBUILD_TYPE)/bin/additions
     255 VBOX_PATH_ADDITIONS.win = $(VBOX_PATH_ADDITIONS.win.x86)
    255256 GUESTADDITIONS_FILESPEC.win.x86 = \
    256257        VBoxWindowsAdditions-x86.exe=$(VBOX_PATH_ADDITIONS.win.x86)/VBoxWindowsAdditions-x86.exe \
     
    259260        32Bit/Readme.txt=$(VBOX_PATH_ADDITIONS_SRC)/WINNT/Installer/ISO/ReadmeDrivers.txt \
    260261        64Bit/Readme.txt=$(VBOX_PATH_ADDITIONS_SRC)/WINNT/Installer/ISO/ReadmeDrivers.txt \
    261         cert/oracle-vbox.cer=$(VBOX_PATH_ADDITIONS_SRC)/WINNT/tools/oracle-vbox.cer \
    262262        cert/VBoxCertUtil.exe=$(VBOX_PATH_ADDITIONS.win.x86)/VBoxCertUtil.exe
    263263endif # win.x86
    264264
     265if defined(VBOX_WITH_ADDITIONS_ISO.win.amd64) || defined(VBOX_WITH_ADDITIONS_ISO.win.x86)
     266 ifndef VBOX_SIGNING_MODE
     267 GUESTADDITIONS_FILESPEC.win = cert/oracle-vbox.cer=$(VBOX_PATH_ADDITIONS_SRC)/WINNT/tools/oracle-vbox.cer
     268 else if "$(VBOX_WITH_CORP_CODE_SIGNING)" == "all" || (!defined(VBOX_CERTIFICATE_SHA2_SUBJECT_NAME) && !defined(VBOX_WITH_CORP_CODE_SIGNING))
     269 GUESTADDITIONS_FILESPEC.win = cert/oracle-vbox.cer=$(VBOX_PATH_ADDITIONS.win)/oracle-vbox.cer
     270 else
     271  GUESTADDITIONS_FILESPEC.win = \
     272        cert/oracle-vbox1.cer=$(VBOX_PATH_ADDITIONS.win)/oracle-vbox1.cer \
     273        cert/oracle-vbox256.cer=$(VBOX_PATH_ADDITIONS.win)/oracle-vbox256.cer
     274  if defined(VBOX_CERTIFICATE_SHA2_SUBJECT_NAME) && defined(VBOX_WITH_CORP_CODE_SIGNING)
     275   GUESTADDITIONS_FILESPEC.win += cert/oracle-vbox256-r3.cer=$(VBOX_PATH_ADDITIONS.win)/oracle-vbox256-r3.cer
     276  endif
     277 endif
     278
     279endif
     280  $$(VBoxStub_0_OUTDIR)/VBoxStubPublicCert.h:  | $$(dir $$@) $(VBOX_RTSIGNTOOL) $(PATH_STAGE_SYS)/VBoxDrv.sys
     281        $(RM) -f -- "$@" "[email protected]" "[email protected]" "[email protected]" "[email protected]"
     282
     283        $(VBOX_RTSIGNTOOL) extract-exe-signer-cert --signature-index 0 --exe "$(PATH_STAGE_SYS)/VBoxDrv.sys" --output "[email protected]" --der
     284        $(VBOX_BIN2C) -ascii --append VBoxStubTrustedCert0 "[email protected]" $@
     285        $(APPEND) "[email protected]" "    { g_abVBoxStubTrustedCert0, sizeof(g_abVBoxStubTrustedCert0) }, "
     286  if defined(VBOX_CERTIFICATE_SHA2_SUBJECT_NAME) && (!defined(VBOX_WITH_CORP_CODE_SIGNING) || "$(VBOX_WITH_CORP_CODE_SIGNING)" != "all")
     287        $(VBOX_RTSIGNTOOL) extract-exe-signer-cert --signature-index 1 --exe "$(PATH_STAGE_SYS)/VBoxDrv.sys" --output "[email protected]" --der
     288        $(VBOX_BIN2C) -ascii --append VBoxStubTrustedCert1 "[email protected]" $@
     289        $(APPEND) "[email protected]" "    { g_abVBoxStubTrustedCert1, sizeof(g_abVBoxStubTrustedCert1) }, "
     290  endif
     291  if defined(VBOX_WITH_CORP_CODE_SIGNING) && "$(VBOX_WITH_CORP_CODE_SIGNING)" != "all" && "$(VBOX_SIGNING_MODE)" == "release"
     292        $(VBOX_RTSIGNTOOL) extract-exe-signer-cert --signature-index 1 --exe "$(VBOX_RTSIGNTOOL)" --output "[email protected]" --der
     293        $(VBOX_BIN2C) -ascii --append g_abVBoxStubTrustedCert2 "[email protected]" $@
     294        $(APPEND) "[email protected]" "    { g_abVBoxStubTrustedCert2, sizeof(g_abVBoxStubTrustedCert2) }, "
     295  endif
     296        $(APPEND) -n "$@" \
     297                "" \
     298                "struct { uint8_t const *pab; uint32_t cb; }" "g_aVBoxStubTrustedCerts[] = " \
     299               "{"
     300        $(SED) --append "$@" -e "" "[email protected]"
     301        $(APPEND) -n "$@" \
     302               "};"
     303        $(RM) -f -- "[email protected]" "[email protected]" "[email protected]" "[email protected]"
     304
     305  VBoxStubPublicCert.h:: $$(VBoxStub_0_OUTDIR)/VBoxStubPublicCert.h
     306
     307
     308# haiku
    265309ifdef VBOX_WITH_ADDITIONS_ISO.haiku.x86
    266310 VBOX_PATH_ADDITIONS.haiku.x86 = $(PATH_OUT_BASE)/haiku.x86/$(KBUILD_TYPE)/bin/additions
     
    278322                $(filter-out %=deleteme=,\
    279323                        $(subst =,=deleteme= ,\
     324                                $(GUESTADDITIONS_FILESPEC.win) \
    280325                                $(GUESTADDITIONS_FILESPEC.win.x86) \
    281326                                $(GUESTADDITIONS_FILESPEC.win.amd64) \
Note: See TracChangeset for help on using the changeset viewer.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette