From 2f1340562733a258670ba2d4bfb499b1d2323b5b Mon Sep 17 00:00:00 2001
From: Todd Stewart <tstewart65@gmail.com>
Date: Wed, 4 Dec 2024 16:37:48 -0600
Subject: [PATCH 1/2] Adds two missing parameters for SignTool

\csp - Cryptographic Service Provider
\kc - Private Key Container Name
---
 .../Tools/SignTool/SignToolSignRunner.cs           | 14 ++++++++++++++
 .../Tools/SignTool/SignToolSignSettings.cs         | 10 ++++++++++
 2 files changed, 24 insertions(+)

diff --git a/src/Cake.Common/Tools/SignTool/SignToolSignRunner.cs b/src/Cake.Common/Tools/SignTool/SignToolSignRunner.cs
index e38ea4977d..624c49c116 100644
--- a/src/Cake.Common/Tools/SignTool/SignToolSignRunner.cs
+++ b/src/Cake.Common/Tools/SignTool/SignToolSignRunner.cs
@@ -241,6 +241,20 @@ private ProcessArgumentBuilder GetArguments(FilePath[] absoluteAssemblyPaths, Si
                 builder.Append("/sm");
             }
 
+            // Cryptographic Service Provider
+            if (!string.IsNullOrEmpty(settings.CspName))
+            {
+                builder.Append("/csp");
+                builder.AppendQuoted(settings.CspName);
+            }
+
+            // Private Key Container Name
+            if (!string.IsNullOrEmpty(settings.PrivateKeyContainerName))
+            {
+                builder.Append("/kc");
+                builder.AppendQuoted(settings.PrivateKeyContainerName);
+            }
+
             // open a specific certificate store
             if (!string.IsNullOrWhiteSpace(settings.StoreName))
             {
diff --git a/src/Cake.Common/Tools/SignTool/SignToolSignSettings.cs b/src/Cake.Common/Tools/SignTool/SignToolSignSettings.cs
index 36ab95680d..73c964df70 100644
--- a/src/Cake.Common/Tools/SignTool/SignToolSignSettings.cs
+++ b/src/Cake.Common/Tools/SignTool/SignToolSignSettings.cs
@@ -77,5 +77,15 @@ public sealed class SignToolSignSettings : ToolSettings
         /// Gets or sets the store to open when searching for the certificate.
         /// </summary>
         public string StoreName { get; set; }
+
+        /// <summary>
+        /// Gets or sets the cryptographic service provider (CSP) that contains the private key container.
+        /// </summary>
+        public string CspName { get; set; }
+
+        /// <summary>
+        /// Gets or sets the private key container name.
+        /// </summary>
+        public string PrivateKeyContainerName { get; set; }
     }
 }
\ No newline at end of file

From 2d3cbdbfedd029bcfc657aaa87d0758a420a3096 Mon Sep 17 00:00:00 2001
From: Todd Stewart <tstewart65@gmail.com>
Date: Thu, 5 Dec 2024 19:36:44 -0600
Subject: [PATCH 2/2] Added the requested tests.

Moved the new parameters to be just before the target assemblies.
---
 .../Tools/SignTool/SignToolSignRunnerTests.cs | 28 +++++++++++++++++++
 .../Tools/SignTool/SignToolSignRunner.cs      | 14 +++++-----
 2 files changed, 35 insertions(+), 7 deletions(-)

diff --git a/src/Cake.Common.Tests/Unit/Tools/SignTool/SignToolSignRunnerTests.cs b/src/Cake.Common.Tests/Unit/Tools/SignTool/SignToolSignRunnerTests.cs
index 1e9c2a049b..e9e2035768 100644
--- a/src/Cake.Common.Tests/Unit/Tools/SignTool/SignToolSignRunnerTests.cs
+++ b/src/Cake.Common.Tests/Unit/Tools/SignTool/SignToolSignRunnerTests.cs
@@ -480,6 +480,34 @@ public void Should_Call_Sign_Tool_With_Correct_Parameters_With_Use_Machine_Store
                 // Then
                 Assert.Equal("SIGN /f \"/Working/cert.pfx\" /p secret /sm /s \"Special Test Store\" \"/Working/a.dll\"", result.Args);
             }
+
+            [Fact]
+            public void Should_Call_Sign_Tool_With_Correct_Parameters_With_Cryptographic_Service_Provider()
+            {
+                // Given
+                var fixture = new SignToolSignRunnerFixture();
+                fixture.Settings.CspName = "Test Service Provider";
+
+                // When
+                var result = fixture.Run();
+
+                // Then
+                Assert.Equal("SIGN /f \"/Working/cert.pfx\" /p secret /csp \"Test Service Provider\" \"/Working/a.dll\"", result.Args);
+            }
+
+            [Fact]
+            public void Should_Call_Sign_Tool_With_Correct_Parameters_With_Private_Key_Container_Name()
+            {
+                // Given
+                var fixture = new SignToolSignRunnerFixture();
+                fixture.Settings.PrivateKeyContainerName = "[{{password}}]=TestContainerName";
+
+                // When
+                var result = fixture.Run();
+
+                // Then
+                Assert.Equal("SIGN /f \"/Working/cert.pfx\" /p secret /kc \"[{{password}}]=TestContainerName\" \"/Working/a.dll\"", result.Args);
+            }
         }
     }
 }
\ No newline at end of file
diff --git a/src/Cake.Common/Tools/SignTool/SignToolSignRunner.cs b/src/Cake.Common/Tools/SignTool/SignToolSignRunner.cs
index 624c49c116..d712951ae5 100644
--- a/src/Cake.Common/Tools/SignTool/SignToolSignRunner.cs
+++ b/src/Cake.Common/Tools/SignTool/SignToolSignRunner.cs
@@ -241,6 +241,13 @@ private ProcessArgumentBuilder GetArguments(FilePath[] absoluteAssemblyPaths, Si
                 builder.Append("/sm");
             }
 
+            // open a specific certificate store
+            if (!string.IsNullOrWhiteSpace(settings.StoreName))
+            {
+                builder.Append("/s");
+                builder.AppendQuoted(settings.StoreName);
+            }
+
             // Cryptographic Service Provider
             if (!string.IsNullOrEmpty(settings.CspName))
             {
@@ -255,13 +262,6 @@ private ProcessArgumentBuilder GetArguments(FilePath[] absoluteAssemblyPaths, Si
                 builder.AppendQuoted(settings.PrivateKeyContainerName);
             }
 
-            // open a specific certificate store
-            if (!string.IsNullOrWhiteSpace(settings.StoreName))
-            {
-                builder.Append("/s");
-                builder.AppendQuoted(settings.StoreName);
-            }
-
             // Target Assemblies to sign.
             foreach (var path in absoluteAssemblyPaths)
             {