Retry strategy for DigitalSignature

[marcobeninca71]

Hello Oleg Actually I'm having some issues on the availability of the timestamp servers during the digital signature. In other application where I'm doing the signature manually (C++ code) I've developed a script where I use a retry strategy with a maximum number of retries and a waiting time of 500 ms. Further I give an alternative server url in case the first one is not available at the moment. Is it possible to implement a similar strategy inside the function

WixSharp.CommonTasks.Task.DigitalySign

Thanks in advance Marco

[oleg-shilo]

Hi Mrco,

Updating the generic implementation of the build step with such a specific retry algorithm.

Though you can easily extend the existing API

class DigitasSignatureExtensions
{
    public static int ApplyWithRetry(this DigitalSignature signature, string fileToSign)
    {
        var retValue = signature.Apply(fileToSign);

        var count = 0;
        while(retValue != 0 && ++count < 3)
        {

            Console.WriteLine("Retrying applying DigitalSignature);
            Thread.Sleep(1000);
            retValue = signature.Apply(fileToSign);
    }

        return retValue;
    }
}
. . .
var signingReturnCode = project.DigitalSignature.Apply(msiFilePath);

Or with more conservative approach:

class DigitasSignatureEx : DigitalSignature
{
    public override int Apply(string fileToSign)
    {
        var retValue = base.Apply(fileToSign);

        var count = 0;
        while(retValue != 0 && ++count < 3)
        {
            Console.WriteLine("Retrying applying DigitalSignature);
            Thread.Sleep(1000);
            retValue = base.Apply(fileToSign);
    }

        return retValue;
    }
}

[marcobeninca71]

Dear Oleg thanks for your reply. Of course I've already did this extension method. It was just to ask you if you think it could be useful to add to the base implementation.

My version is as follow

  class DigitasSignatureEx : DigitalSignature
  {
      public List<Uri> TimeUrls { get; set; } = new List<Uri>();

      public int MaxTimeUrlRetry { get; set; } = 3;

      public int UrlRetrySleep { get; set; } = 500;

      public override int Apply(string fileToSign)
      {
          Console.WriteLine("Signing with DigitasSignatureEx");
          var retValue = base.Apply(fileToSign);

          foreach (Uri uri in TimeUrls)
          {
              var count = 0;
              while (retValue != 0 && ++count < MaxTimeUrlRetry)
              {
                  Console.WriteLine("Retrying applying DigitalSignature");

                  this.TimeUrl = uri;    

                  Thread.Sleep(UrlRetrySleep);
                  retValue = base.Apply(fileToSign);
              }
              if (retValue == 0)
                  break;
          }

          return retValue;
      }
  }

Thanks Marco

[oleg-shilo]

I see. I missed the point that you are trying to introduce multiple time urls. Without TimeUrl -> TimeUrls API update managing RetrySleep and RetryMaxCount outside of the Apply signature would be a bit of a stretch. One does not want the method logic (e.g. retry algorithm) to leak outside of the method (e.g. retry defaults).

But in case of multiple time URLs the time context is already outside of the method (in properties) so extending its context to two extra settings seems like an acceptable option.

Will do.

[oleg-shilo]

Marco, just sharing... :)

On github, if you want to inject a code snippet in your message you need to decorate it like this:

```c#
class DigitasSignatureEx : DigitalSignature
{
}

This will produce:
```c#
class DigitasSignatureEx : DigitalSignature
{
}

I have fixed your message already

[oleg-shilo]

Done. Waiting fro the release

[marcobeninca71]

Thanks a lot Oleg