Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(UWP) More Build Tweaks #15711

Merged
merged 5 commits into from
Jul 23, 2022
Merged

(UWP) More Build Tweaks #15711

merged 5 commits into from
Jul 23, 2022

Conversation

GABO1423
Copy link
Contributor

  • A dummy Package.appxmanifest file was added. This is needed for Visual Studio to allow the user to create a package, and is overwritten during build time by either PackageNormal.appxmanifest or PackageGold.appxmanifest. So there shouldn't be any changes to Cl builds.
  • The temporary key used to sign a finished package has been updated with one that expires at a later date. Also makes it simpler to make an installable package via Visual Studio.
  • As a result of the above, the old key file has been deleted. It wasn't used by anything, so no reason to keep it.
  • The version number in the PackageNormal and PackageGold manifests has been updated to PPSSPP's current version number.

For further clarification for the first change, here is the option in question:

image

@hrydgard hrydgard added this to the v1.13.0 milestone Jul 20, 2022
@hrydgard
Copy link
Owner

Thanks, looks good.

Would be nice if we could also document how to generate new temp keys easily..

@hrydgard hrydgard merged commit d2a3918 into hrydgard:master Jul 23, 2022
@GABO1423
Copy link
Contributor Author

GABO1423 commented Jul 23, 2022
edited
Loading

Thanks, looks good.

Would be nice if we could also document how to generate new temp keys easily..

I can tell you how I do so if it helps. When you choose "Create App Packages" in Visual Studio, you are then given a few options before the Package is generated. This includes how it will be signed, and this is where you can generate a new key. I don't know if there are other methods, but that one is what I use.

@unknownbrackets
Copy link
Collaborator

It'd be most ideal to have a GitHub Action (which runs on a X month schedule or manually) that updates the key and commits it to the repo, if it needs to be periodically updated. That'd require a command line method of generating it.

-[Unknown]

@GABO1423
Copy link
Contributor Author

Yeah, the key lasts a year before it expires. So it could be updated yearly. But I sadly don't know how to generate keys via a command line.

@unknownbrackets
Copy link
Collaborator

Looks like it's just a self-signed code signing cert:

       X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: critical
                Code Signing, 1.3.6.1.4.1.311.84.3.1

This doesn't seem to be exactly right, but what if you try this:

openssl req -x509 -nodes -newkey rsa:2048 -keyout key.pem -out cert.pem -days 7300 -subj "/CN=Henrik" -extensions v3_req -addext "extendedKeyUsage = codeSigning, 1.3.6.1.4.1.311.84.3.1"
openssl pkcs12 -export -out cert.pfx -in cert.pem -inkey key.pem -name "03d871fb-e260-4c26-bc87-c32adc53c8e6" -CSP "Microsoft Strong Cryptographic Provider" -passout pass:
rm cert.pem key.pem

If you use the cert.pfx that generates, does everything work? Here's an example in case you don't have openssl:
PPSSPP_TestKey.zip

-[Unknown]

@GABO1423
Copy link
Contributor Author

GABO1423 commented Jul 24, 2022
edited
Loading

Test key did not work sadly.

image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Platform-specific (UWP)
Projects
None yet
Milestone
v1.13.0
Development

Successfully merging this pull request may close these issues.
3 participants
@GABO1423 @hrydgard @unknownbrackets