mirror of
https://github.com/Z3Prover/z3
synced 2025-11-04 05:19:11 +00:00
adding esrp feature
Signed-off-by: Nikolaj Bjorner <nbjorner@microsoft.com>
This commit is contained in:
Nikolaj Bjorner
parent
93c59ffbd9
commit
02f01fcef1
2 changed files with 84 additions and 5 deletions
|
|
@ -90,6 +90,7 @@ TRACE = False
|
|||
PYTHON_ENABLED=False
|
||||
DOTNET_ENABLED=False
|
||||
DOTNET_CORE_ENABLED=False
|
||||
ESRP_SIGN=False
|
||||
DOTNET_KEY_FILE=getenv("Z3_DOTNET_KEY_FILE", None)
|
||||
JAVA_ENABLED=False
|
||||
ML_ENABLED=False
|
||||
|
|
@ -706,14 +707,14 @@ def display_help(exit_code):
|
|||
# Parse configuration option for mk_make script
|
||||
def parse_options():
|
||||
global VERBOSE, DEBUG_MODE, IS_WINDOWS, VS_X64, ONLY_MAKEFILES, SHOW_CPPS, VS_PROJ, TRACE, VS_PAR, VS_PAR_NUM
|
||||
global DOTNET_ENABLED, DOTNET_CORE_ENABLED, DOTNET_KEY_FILE, JAVA_ENABLED, ML_ENABLED, JS_ENABLED, STATIC_LIB, STATIC_BIN, PREFIX, GMP, PYTHON_PACKAGE_DIR, GPROF, GIT_HASH, GIT_DESCRIBE, PYTHON_INSTALL_ENABLED, PYTHON_ENABLED
|
||||
global DOTNET_ENABLED, DOTNET_CORE_ENABLED, DOTNET_KEY_FILE, JAVA_ENABLED, ML_ENABLED, JS_ENABLED, STATIC_LIB, STATIC_BIN, PREFIX, GMP, PYTHON_PACKAGE_DIR, GPROF, GIT_HASH, GIT_DESCRIBE, PYTHON_INSTALL_ENABLED, PYTHON_ENABLED, ESRP_SIGN
|
||||
global LINUX_X64, SLOW_OPTIMIZE, USE_OMP, LOG_SYNC
|
||||
global GUARD_CF, ALWAYS_DYNAMIC_BASE
|
||||
try:
|
||||
options, remainder = getopt.gnu_getopt(sys.argv[1:],
|
||||
'b:df:sxhmcvtnp:gj',
|
||||
['build=', 'debug', 'silent', 'x64', 'help', 'makefiles', 'showcpp', 'vsproj', 'guardcf',
|
||||
'trace', 'dotnet', 'dotnetcore', 'dotnet-key=', 'staticlib', 'prefix=', 'gmp', 'java', 'parallel=', 'gprof', 'js',
|
||||
'trace', 'dotnet', 'dotnetcore', 'dotnet-key=', 'esrp', 'staticlib', 'prefix=', 'gmp', 'java', 'parallel=', 'gprof', 'js',
|
||||
'githash=', 'git-describe', 'x86', 'ml', 'optimize', 'noomp', 'pypkgdir=', 'python', 'staticbin', 'log-sync'])
|
||||
except:
|
||||
print("ERROR: Invalid command line option")
|
||||
|
|
@ -751,6 +752,8 @@ def parse_options():
|
|||
DOTNET_CORE_ENABLED = True
|
||||
elif opt in ('--dotnet-key'):
|
||||
DOTNET_KEY_FILE = arg
|
||||
elif opt in ('--esrp'):
|
||||
ESRP_SIGN = True
|
||||
elif opt in ('--staticlib'):
|
||||
STATIC_LIB = True
|
||||
elif opt in ('--staticbin'):
|
||||
|
|
@ -1922,10 +1925,76 @@ class DotNetCoreDLLComponent(Component):
|
|||
dotnetCmdLine.extend(['-o', path])
|
||||
|
||||
MakeRuleCmd.write_cmd(out, ' '.join(dotnetCmdLine))
|
||||
|
||||
out.write('\n')
|
||||
self.sign_esrp(out)
|
||||
out.write('\n')
|
||||
out.write('%s: %s\n\n' % (self.name, dllfile))
|
||||
|
||||
def sign_esrp(self, out):
|
||||
global ESRP_SIGNx
|
||||
print("esrp-sign", ESRP_SIGN)
|
||||
if not ESRP_SIGN:
|
||||
return
|
||||
|
||||
import uuid
|
||||
guid = str(uuid.uuid4())
|
||||
path = BUILD_DIR
|
||||
assemblySignStr = """
|
||||
{
|
||||
"Version": "1.0.0",
|
||||
"SignBatches"
|
||||
:
|
||||
[
|
||||
{
|
||||
"SourceLocationType": "UNC",
|
||||
"SourceRootDirectory": "c:\\ESRP\\input",
|
||||
"DestinationLocationType": "UNC",
|
||||
"DestinationRootDirectory": "c:\\ESRP\\output",
|
||||
"SignRequestFiles": [
|
||||
{
|
||||
"CustomerCorrelationId": "%s",
|
||||
"SourceLocation": "%s\\libz3.dll",
|
||||
"DestinationLocation": "%s\\libz3.dll"
|
||||
},
|
||||
{
|
||||
"CustomerCorrelationId": "%s",
|
||||
"SourceLocation": "%s\\Microsoft.Z3.dll",
|
||||
"DestinationLocation": "%s\\Microsoft.Z3.dll"
|
||||
}
|
||||
],
|
||||
"SigningInfo": {
|
||||
"Operations": [
|
||||
{
|
||||
"KeyCode" : "CP-230012",
|
||||
"OperationCode" : "SigntoolSign",
|
||||
"Parameters" : {
|
||||
"OpusName": "Microsoft",
|
||||
"OpusInfo": "http://www.microsoft.com",
|
||||
"FileDigest": "/fd \"SHA256\"",
|
||||
"PageHash": "/NPH",
|
||||
"TimeStamp": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
|
||||
},
|
||||
"ToolName" : "sign",
|
||||
"ToolVersion" : "1.0"
|
||||
},
|
||||
{
|
||||
"KeyCode" : "CP-230012",
|
||||
"OperationCode" : "SigntoolVerify",
|
||||
"Parameters" : {},
|
||||
"ToolName" : "sign",
|
||||
"ToolVersion" : "1.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
} """ % (guid, path, path, guid, path, path)
|
||||
assemblySign = os.path.join('dotnet', 'assembly-sign-input.json')
|
||||
with open(os.path.join(BUILD_DIR, assemblySign), 'w') as ous:
|
||||
ous.write(assemblySignStr)
|
||||
outputFile = os.path.join(BUILD_DIR, 'dotnet', "output.json")
|
||||
esrpCmdLine = ["esrpclient.exe", "sign", "-a", "C:\\esrp\\config\\authorization.json", "-p", "C:\\esrp\\config\\policy.json", "-i", assemblySign, "-o", outputFile]
|
||||
MakeRuleCmd.write_cmd(out, ' '.join(esrpCmdLine))
|
||||
|
||||
|
||||
def main_component(self):
|
||||
return is_dotnet_core_enabled()
|
||||
|
|
@ -1934,6 +2003,7 @@ class DotNetCoreDLLComponent(Component):
|
|||
# TBD: is this required for dotnet core given that version numbers are in z3.csproj file?
|
||||
return True
|
||||
|
||||
|
||||
def mk_win_dist(self, build_path, dist_path):
|
||||
if is_dotnet_core_enabled():
|
||||
mk_dir(os.path.join(dist_path, INSTALL_BIN_DIR))
|
||||
|
|
|
|||
|
|
@ -26,6 +26,7 @@ DIST_DIR='dist'
|
|||
FORCE_MK=False
|
||||
DOTNET_ENABLED=True
|
||||
DOTNET_CORE_ENABLED=False
|
||||
ESRP_SIGN=False
|
||||
DOTNET_KEY_FILE=None
|
||||
JAVA_ENABLED=True
|
||||
GIT_HASH=False
|
||||
|
|
@ -65,6 +66,7 @@ def display_help():
|
|||
print(" --nodotnet do not include .NET bindings in the binary distribution files.")
|
||||
print(" --dotnetcore build for dotnet core.")
|
||||
print(" --dotnet-key=<file> sign the .NET assembly with the private key in <file>.")
|
||||
print(" --esrp sign with esrp.")
|
||||
print(" --nojava do not include Java bindings in the binary distribution files.")
|
||||
print(" --nopython do not include Python bindings in the binary distribution files.")
|
||||
print(" --githash include git hash in the Zip file.")
|
||||
|
|
@ -74,7 +76,7 @@ def display_help():
|
|||
|
||||
# Parse configuration option for mk_make script
|
||||
def parse_options():
|
||||
global FORCE_MK, JAVA_ENABLED, GIT_HASH, DOTNET_ENABLED, DOTNET_CORE_ENABLED, DOTNET_KEY_FILE, PYTHON_ENABLED, X86ONLY, X64ONLY
|
||||
global FORCE_MK, JAVA_ENABLED, GIT_HASH, DOTNET_ENABLED, DOTNET_CORE_ENABLED, DOTNET_KEY_FILE, PYTHON_ENABLED, X86ONLY, X64ONLY, ESRP_SIGN
|
||||
path = BUILD_DIR
|
||||
options, remainder = getopt.gnu_getopt(sys.argv[1:], 'b:hsf', ['build=',
|
||||
'help',
|
||||
|
|
@ -84,6 +86,7 @@ def parse_options():
|
|||
'nodotnet',
|
||||
'dotnetcore',
|
||||
'dotnet-key=',
|
||||
'esrp',
|
||||
'githash',
|
||||
'nopython',
|
||||
'x86-only',
|
||||
|
|
@ -109,6 +112,8 @@ def parse_options():
|
|||
PYTHON_ENABLED = False
|
||||
elif opt == '--dotnet-key':
|
||||
DOTNET_KEY_FILE = arg
|
||||
elif opt == '--esrp':
|
||||
ESRP_SIGN = True
|
||||
elif opt == '--nojava':
|
||||
JAVA_ENABLED = False
|
||||
elif opt == '--githash':
|
||||
|
|
@ -142,6 +147,8 @@ def mk_build_dir(path, x64):
|
|||
opts.append('--java')
|
||||
if x64:
|
||||
opts.append('-x')
|
||||
if ESRP_SIGN:
|
||||
opts.append('--esrp')
|
||||
if GIT_HASH:
|
||||
opts.append('--githash=%s' % mk_util.git_hash())
|
||||
opts.append('--git-describe')
|
||||
|
|
@ -210,6 +217,7 @@ def get_z3_name(x64):
|
|||
return 'z3-%s.%s.%s-%s-win' % (major, minor, build, platform)
|
||||
|
||||
def mk_dist_dir(x64):
|
||||
global ESRP_SIGN
|
||||
if x64:
|
||||
platform = "x64"
|
||||
build_path = BUILD_X64_DIR
|
||||
|
|
@ -218,6 +226,7 @@ def mk_dist_dir(x64):
|
|||
build_path = BUILD_X86_DIR
|
||||
dist_path = os.path.join(DIST_DIR, get_z3_name(x64))
|
||||
mk_dir(dist_path)
|
||||
mk_util.ESRP_SIGN = ESRP_SIGN
|
||||
if DOTNET_CORE_ENABLED:
|
||||
mk_util.DOTNET_CORE_ENABLED = True
|
||||
else:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue