diff --git a/CTestCustom.cmake.in b/CTestCustom.cmake.in
index f29ac70aee9ab45f542b0046b3534ac79628ee9a..d3cff518c5d1a34b9ca02cc8faa4b33dd0985c21 100644
--- a/CTestCustom.cmake.in
+++ b/CTestCustom.cmake.in
@@ -32,6 +32,7 @@ set(CTEST_CUSTOM_WARNING_EXCEPTION
"remark: .*LOOP WAS VECTORIZED"
"warning .980: wrong number of actual arguments to intrinsic function .std::basic_"
"LINK : warning LNK4089: all references to.*ADVAPI32.dll.*discarded by /OPT:REF"
+ "LINK : warning LNK4089: all references to.*CRYPT32.dll.*discarded by /OPT:REF"
"LINK : warning LNK4089: all references to.*PSAPI.DLL.*discarded by /OPT:REF"
"LINK : warning LNK4089: all references to.*RPCRT4.dll.*discarded by /OPT:REF"
"LINK : warning LNK4089: all references to.*SHELL32.dll.*discarded by /OPT:REF"
diff --git a/Source/CMakeLists.txt b/Source/CMakeLists.txt
index 1886519cf078e9ffe69c4adb585cec115906f8cd..16b9ea10b6ff0727c0be8a31b6b1a34771ef1b7f 100644
--- a/Source/CMakeLists.txt
+++ b/Source/CMakeLists.txt
@@ -558,7 +558,8 @@ endif()
if(WIN32 AND NOT UNIX)
# We need the rpcrt4 library on Windows.
- target_link_libraries(CMakeLib rpcrt4)
+ # We need the crypt32 library on Windows for crypto/cert APIs.
+ target_link_libraries(CMakeLib rpcrt4 crypt32)
endif()
#
diff --git a/Source/cmSystemTools.cxx b/Source/cmSystemTools.cxx
index a117238b16fb63b5cf50c653a63e186702b54f80..583e1d0ee1ffcf2607dfa987e80187d561c48d22 100644
--- a/Source/cmSystemTools.cxx
+++ b/Source/cmSystemTools.cxx
@@ -1013,6 +1013,94 @@ std::string cmSystemTools::ComputeStringMD5(const std::string& input)
#endif
}
+//----------------------------------------------------------------------------
+std::string cmSystemTools::ComputeCertificateThumbprint(
+ const std::string& source)
+{
+ std::string thumbprint;
+
+#ifdef _WIN32
+ BYTE* certData = NULL;
+ CRYPT_INTEGER_BLOB cryptBlob;
+ HCERTSTORE certStore = NULL;
+ PCCERT_CONTEXT certContext = NULL;
+
+ HANDLE certFile = CreateFile(cmsys::Encoding::ToWide(source.c_str()).c_str(),
+ GENERIC_READ,
+ FILE_SHARE_READ,
+ NULL,
+ OPEN_EXISTING,
+ FILE_ATTRIBUTE_NORMAL,
+ NULL);
+
+ if (certFile != INVALID_HANDLE_VALUE && certFile != NULL)
+ {
+ DWORD fileSize = GetFileSize(certFile, NULL);
+ if (fileSize != INVALID_FILE_SIZE)
+ {
+ certData = new BYTE[fileSize];
+ if (certData != NULL)
+ {
+ DWORD dwRead = 0;
+ if (ReadFile(certFile, certData, fileSize, &dwRead, NULL))
+ {
+ cryptBlob.cbData = fileSize;
+ cryptBlob.pbData = certData;
+
+ // Verify that this is a valid cert
+ if (PFXIsPFXBlob(&cryptBlob))
+ {
+ // Open the certificate as a store
+ certStore = PFXImportCertStore(
+ &cryptBlob, NULL, CRYPT_EXPORTABLE);
+ if (certStore != NULL)
+ {
+ // There should only be 1 cert.
+ certContext = CertEnumCertificatesInStore(certStore,
+ certContext);
+ if (certContext != NULL)
+ {
+ // The hash is 20 bytes
+ BYTE hashData[20];
+ DWORD hashLength = 20;
+
+ // Buffer to print the hash. Each byte takes 2 chars +
+ // terminating character
+ char hashPrint[41];
+ char *pHashPrint = hashPrint;
+ // Get the hash property from the certificate
+ if (CertGetCertificateContextProperty(certContext,
+ CERT_HASH_PROP_ID, hashData, &hashLength))
+ {
+ for (DWORD i = 0; i < hashLength; i++)
+ {
+ // Convert each byte to hexadecimal
+ sprintf(pHashPrint, "%02X", hashData[i]);
+ pHashPrint += 2;
+ }
+ *pHashPrint = '\0';
+ thumbprint = hashPrint;
+ }
+ CertFreeCertificateContext(certContext);
+ }
+ CertCloseStore(certStore, 0);
+ }
+ }
+ }
+ delete[] certData;
+ }
+ }
+ CloseHandle(certFile);
+ }
+#else
+ (void)source;
+ cmSystemTools::Message("ComputeCertificateThumbprint is not implemented",
+ "Error");
+#endif
+
+ return thumbprint;
+}
+
void cmSystemTools::Glob(const std::string& directory,
const std::string& regexp,
std::vector<std::string>& files)
diff --git a/Source/cmSystemTools.h b/Source/cmSystemTools.h
index fb58307d046f46be95a728ba9aee350a2d01640d..c12a1db969a7ed4f4d03af45a2d6cfd6cc3c6024 100644
--- a/Source/cmSystemTools.h
+++ b/Source/cmSystemTools.h
@@ -194,6 +194,9 @@ public:
/** Compute the md5sum of a string. */
static std::string ComputeStringMD5(const std::string& input);
+ ///! Get the SHA thumbprint for a certificate file
+ static std::string ComputeCertificateThumbprint(const std::string& source);
+
/**
* Run a single executable command
*
diff --git a/Source/cmVisualStudio10TargetGenerator.cxx b/Source/cmVisualStudio10TargetGenerator.cxx
index 80b8591e80195c5289eec04f2eafd2c3d76274c8..28a0425bd9a0525dffb7043ad3ed04f0dc2c898c 100644
--- a/Source/cmVisualStudio10TargetGenerator.cxx
+++ b/Source/cmVisualStudio10TargetGenerator.cxx
@@ -2893,7 +2893,7 @@ void cmVisualStudio10TargetGenerator::WriteWinRTPackageCertificateKeyFile()
(*this->BuildFileStream) << cmVS10EscapeXML(artifactDir) <<
"\\</AppxPackageArtifactsDir>\n";
this->WriteString("<ProjectPriFullPath>"
- "$(TargetDir)resources.pri</ProjectPriFullPath>", 2);
+ "$(TargetDir)resources.pri</ProjectPriFullPath>\n", 2);
// If we are missing files and we don't have a certificate and
// aren't targeting WP8.0, add a default certificate
@@ -2911,6 +2911,13 @@ void cmVisualStudio10TargetGenerator::WriteWinRTPackageCertificateKeyFile()
this->WriteString("<", 2);
(*this->BuildFileStream) << "PackageCertificateKeyFile>"
<< pfxFile << "</PackageCertificateKeyFile>\n";
+ std::string thumb = cmSystemTools::ComputeCertificateThumbprint(pfxFile);
+ if (!thumb.empty())
+ {
+ this->WriteString("<PackageCertificateThumbprint>", 2);
+ (*this->BuildFileStream) << thumb
+ << "</PackageCertificateThumbprint>\n";
+ }
this->WriteString("</PropertyGroup>\n", 1);
}
else if(!pfxFile.empty())
@@ -2919,6 +2926,13 @@ void cmVisualStudio10TargetGenerator::WriteWinRTPackageCertificateKeyFile()
this->WriteString("<", 2);
(*this->BuildFileStream) << "PackageCertificateKeyFile>"
<< pfxFile << "</PackageCertificateKeyFile>\n";
+ std::string thumb = cmSystemTools::ComputeCertificateThumbprint(pfxFile);
+ if (!thumb.empty())
+ {
+ this->WriteString("<PackageCertificateThumbprint>", 2);
+ (*this->BuildFileStream) << thumb
+ << "</PackageCertificateThumbprint>\n";
+ }
this->WriteString("</PropertyGroup>\n", 1);
}
}