From 0b5288188c1e08323161f4e4c2510f077a148d42 Mon Sep 17 00:00:00 2001
From: Peter Dettman <peter.dettman@bouncycastle.org>
Date: Wed, 31 Jan 2024 15:43:31 +0700
Subject: Add retries to make signing more reliable

---
 crypto/src/BouncyCastle.Crypto.csproj |  3 ++-
 signfile.bat                          | 17 +++++++++++------
 2 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/crypto/src/BouncyCastle.Crypto.csproj b/crypto/src/BouncyCastle.Crypto.csproj
index 963f22188..a6a4f2788 100644
--- a/crypto/src/BouncyCastle.Crypto.csproj
+++ b/crypto/src/BouncyCastle.Crypto.csproj
@@ -113,6 +113,7 @@
     </PropertyGroup>
   </Target>
   <Target Name="SignAssemblies" AfterTargets="PostBuildEvent" Condition="'$(Configuration)'=='Publish'">
-    <Exec Command="call &quot;$(ProjectDir)..\..\signfile.bat&quot; &quot;$(TargetPath)&quot;" />
+    <Exec Command="call &quot;$(ProjectDir)..\..\signfile.bat&quot; &quot;$(TargetPath)&quot;"
+          IgnoreStandardErrorWarningFormat="true" />
   </Target>
 </Project>
diff --git a/signfile.bat b/signfile.bat
index ddf09a054..351926c2f 100644
--- a/signfile.bat
+++ b/signfile.bat
@@ -14,13 +14,18 @@ set SignToolDir=C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x64\
 set SignTool=%SignToolDir%signtool.exe
 
 echo Preparing to sign %Target%
-echo "%SignTool%" sign /f "%CodesignFile%" /fd sha256 /tr "%TimestampUrl%" /td sha256 /p "%CodesignPass%" %Target% || exit /b 1
-echo Waiting for 20 seconds before issuing command (avoid timeserver rejection)
+echo "%SignTool%" sign /f "%CodesignFile%" /fd sha256 /tr "%TimestampUrl%" /td sha256 /p PASSWORD %Target
 
 rem Timestamp server requires 15 seconds or more between signing requests
 rem When publishing need to limit parallel build tasks to 1 in Tools|Options|Projects and Solutions|Build and Run
-ping -n 20 127.0.0.1 >NUL
+set attempts=10
+:DoWhile
+    echo %attempts% attempts remaining
+    echo Waiting for 30 seconds before issuing command (avoid timeserver rejection)
+    ping -n 30 127.0.0.1 >NUL
+    "%SignTool%" sign /f "%CodesignFile%" /fd sha256 /tr "%TimestampUrl%" /td sha256 /p "%CodesignPass%" %Target% && goto EndDoWhile
+    set /a attempts = %attempts% - 1
+    if %attempts% gtr 0 goto DoWhile
+:EndDoWhile
 
-"%SignTool%" sign /f "%CodesignFile%" /fd sha256 /tr "%TimestampUrl%" /td sha256 /p "%CodesignPass%" %Target% || exit /b 1
-
-"%SignTool%" verify /pa /tw %Target% || exit /b 1
+"%SignTool%" verify /pa /tw %Target%
-- 
cgit 1.4.1