[Help:] Please, how to sign all (EXE, DLL, CAB) files in directory and subdirectories

Discussion in 'Scripting' started by moderate, Nov 30, 2016.

  1. moderate

    moderate MDL Guru

    Aug 31, 2009
    3,355
    2,479
    120
    #1 moderate, Nov 30, 2016
    Last edited by a moderator: Apr 20, 2017
    Hello,

    I use this to sign single file with my certificate:

    Code:
    C:\Program Files (x86)\Windows Kits\10\bin\x64/signtool.exe sign /v /sm /s Root /n WRTJBCert /tr http://tsa.starfieldtech.com /ph /fd sha256 C:\Directory\File.exe
    
    But now, I need something, which will sign all (EXE, DLL, CAB) files in C:\Directory and all sub-directories.

    So for example:

    C:\Directory\File.dll
    C:\Directory\File2.dll
    C:\Directory\File.exe
    C:\Directory\Subdirectory1\File.cab
    C:\Directory\Subdirectory2\File.cab
    C:\Directory\Subdirectory3\File.cab
    C:\Directory\Subdirectory3\File.dll
    C:\Directory\Subdirectory3\File.exe
    C:\Directory\Subdirectory3\File2.exe
    etc...

    Could anybody hint me a script for this?
    Thanks.
     
  2. abbodi1406

    abbodi1406 MDL KB0000001

    Feb 19, 2011
    16,141
    84,319
    340
    #2 abbodi1406, Nov 30, 2016
    Last edited by a moderator: Apr 20, 2017
    Code:
    @echo off
    set "signer=C:\Program Files (x86)\Windows Kits\10\bin\x64\signtool.exe"
    cd /d "%~dp0"
    for /f "delims=" %%A in ('dir /b /s *.cab') do (call :sign %%A)
    for /f "delims=" %%A in ('dir /b /s *.dll') do (call :sign %%A)
    for /f "delims=" %%A in ('dir /b /s *.exe') do (call :sign %%A)
    goto :fin
    
    :sign
    "%signer%" sign /v /sm /s Root /n WRTJBCert /tr http://tsa.starfieldtech.com /ph /fd sha256 %1
    goto :eof
    
    :fin
    echo.
    echo.
    echo Press any key to Exit
    pause >nul
    goto :eof
    
     
  3. moderate

    moderate MDL Guru

    Aug 31, 2009
    3,355
    2,479
    120
    great!
    I knew you will help me.
    thanks.

    so I will run it within the directory, which contains the files, which need to be signed (and subdirs with such files)
     
  4. moderate

    moderate MDL Guru

    Aug 31, 2009
    3,355
    2,479
    120
    IT IS WORKING!!!

    I just replaced:
    (call :sign %%A)

    with
    (call :sign "%%A")

    because there are [SPACE]s in the directory structure.