Error build SciLexer.dll with boost

andrecool-68 · May 10, 2019, 10:44 AM

@Ekopalypse The author himself will add a signature to the next build project … did I understand you correctly?

Ekopalypse · May 10, 2019, 11:00 AM

Yes, if you refer to the release build.
Debug builds will never have such a signature to allow code contributors to easily test there changes/modifications. That’s my understanding.

Edit: With release build I mean the binaries delivered by either the installation or a portable zip.

Ekopalypse · May 10, 2019, 11:08 AM

@andrecool-68

My lunch break is over - I will follow up later today.

andrecool-68 · May 10, 2019, 6:40 PM

@Ekopalypse Discussio mater veritas est

Ekopalypse · May 10, 2019, 6:40 PM

@andrecool-68 or better In vino veritas :-D

Ekopalypse · May 10, 2019, 8:33 PM

@andrecool-68
I found this commit and it looks like that this is the area
where one would need to hack around to create its own key but as said, I don’t really know how this certificates stuff work, yet.

andrecool-68 · May 11, 2019, 10:47 AM

@Ekopalypse

Interesting things, there is a GPG public key
https://github.com/notepad-plus-plus/notepad-plus-plus/blob/master/nppGpgPub.asc
But after building projects SciLexer.dll and notepad ++.exe

When starting notepad ++.exe an error appears
Authenticode check failed: signing certificate or hash is not recognized

Where is the truth hiding?

andrecool-68 · May 11, 2019, 11:58 AM

Maybe I have some components missing in Visual Studio 2017?

{
	"version": "1.0",
	"components": [
		"Microsoft.VisualStudio.Workload.NativeDesktop",
		"microsoft.visualstudio.component.vc.cmake.project",
		"microsoft.visualstudio.componentgroup.nativedesktop.win81",
		"microsoft.visualstudio.componentgroup.nativedesktop.winxp",
		"microsoft.visualstudio.component.vc.atlmfc",
		"microsoft.visualstudio.component.windows10sdk.10586",
		"microsoft.visualstudio.component.vc.140"
	]
}

Ekopalypse · May 11, 2019, 12:20 PM

@andrecool-68

I don’t think that you are missing something regarding the certification process.
It is expected that you cannot build a release version and use it with a non-signed scintilla dll.
Only debug builds can be used in this manner unless you change the code in the release build.

The way it works, as far as I understand, is like this.

You build a release version of scintilla.
You sign the scintilla dll with your private key.
You put the public key, which is one result from signing the dll, into notepad++ and build the release version.
Now on startup, I assume, it won’t report that error.

The exact details on how to do it, I haven’t figured out yet.
There are still too many open questions for me about the whole PKI thinggy.

andrecool-68 · May 11, 2019, 12:27 PM

@Ekopalypse
I did not understand where to put this key before building the project.

andrecool-68 · May 11, 2019, 12:33 PM

@Ekopalypse

https://github.com/notepad-plus-plus/notepad-plus-plus/blob/master/README.md
In the README file, I cannot understand what exactly needs to be done with this public key.