Revert using issigverify on Compil32.exe.

build-ce.bat

@@ -69,15 +69,13 @@ echo Found all, waiting 2 seconds more...
 timeout /t 2 /nobreak >nul
 echo Compiling Inno Setup done
 
-set signfiles=files\compil32.exe files\iscmplr.dll files\ispp.dll
-
 if exist .\setup-presign.bat (
   echo - Presigning
-  call .\setup-presign.bat %signfiles%
+  call .\setup-presign.bat Files\ISCmplr.dll Files\ISPP.dll
   echo Presign done
 )
 
-call .\issig.bat sign %signfiles%
+call .\issig.bat sign
 if errorlevel 1 goto failed
 echo ISSigTool sign done
 pause

build.bat

@@ -63,15 +63,13 @@ call .\compile.bat
 if errorlevel 1 goto failed
 echo Compiling Inno Setup done
 
-set signfiles=files\compil32.exe files\iscmplr.dll files\ispp.dll
-
 if exist .\setup-presign.bat (
   echo - Presigning
-  call .\setup-presign.bat %signfiles%
+  call .\setup-presign.bat Files\ISCmplr.dll Files\ISPP.dll
   echo Presign done
 ) 
 
-call .\issig.bat sign %signfiles%
+call .\issig.bat sign
 if errorlevel 1 goto failed
 echo ISSigTool sign done
 pause

issig.bat

@@ -8,7 +8,7 @@ rem
 rem  Batch file to embed the public key in TrustFunc.AllowedPublicKeys.inc (before compilation) or to create ISCmplr.dll.issig and ISPP.dll.issig (after compilation)
 rem  Also generates a new private key if needed
 
-setlocal enabledelayedexpansion
+setlocal
 
 cd /d %~dp0
 
@@ -27,6 +27,9 @@ if "%ISSIGTOOL_KEY_FILE%"=="" goto compilesettingserror
 
 rem -------------------------------------------------------------------------
 
+cd Files
+if errorlevel 1 goto failed
+
 if not exist "%ISSIGTOOL_KEY_FILE%" (
   echo Missing key file
   ISSigTool.exe generate-private-key
@@ -40,34 +43,30 @@ if "%1"=="sign" goto sign
 if not "%1"=="" goto failed
 
 :embed
-set publickeyfile=Files\_temp.ispublickey
-Files\ISSigTool.exe export-public-key "%publickeyfile%"
+set publickeyfile=_temp.ispublickey
+ISSigTool.exe export-public-key "%publickeyfile%"
 if errorlevel 1 goto failed
 if not exist "%publickeyfile%" goto failed
-set targetfile=Components\TrustFunc.AllowedPublicKeys.inc
+set targetfile=..\Components\TrustFunc.AllowedPublicKeys.inc
 if not exist "%targetfile%" goto failed
 powershell.exe -NoProfile -Command "$filePath = '%targetfile%'; $replacementFilePath = '%publickeyfile%'; $startMarker = 'AllowedPublicKey2Text :='; $endMarker = ';'; try { $content = Get-Content -Raw -Path $filePath; $replacementText = Get-Content -Raw -Path $replacementFilePath; $replacementText = $replacementText -replace \"`r`n\", \"' + #13#10 +`r`n'\"; $replacementText = \"'\" + $replacementText + \"'\"; $replacementText = $replacementText -replace \" \+`r`n''\", \"\"; [string] $pattern = '(?s)' + [regex]::Escape($startMarker) + '.*?' + [regex]::Escape($endMarker); if ($content -match $pattern) { $replacement = $startMarker + \"`r`n\" + $replacementText  + $endMarker; $newContent = $content -replace $pattern, $replacement; $utf8NoBomEncoding = New-Object System.Text.UTF8Encoding($false); [System.IO.File]::WriteAllText($filePath, $newContent, $utf8NoBomEncoding); Write-Host \"Embedded public key in $filePath.\"; } else { Write-Host \"Pattern not found in $filePath.\"; exit 1; } } catch { Write-Error (\"Error: $_.Exception.Message\"); exit 1; }"
 if errorlevel 1 goto failed
-set targetfile=setup.allowedpublickeys.iss
+set targetfile=..\setup.allowedpublickeys.iss
 if not exist "%targetfile%" goto failed
 powershell.exe -NoProfile -Command "$filePath = '%targetfile%'; $replacementFilePath = '%publickeyfile%'; $startMarker = 'Name: mykey2; '; try { $content = Get-Content -Raw -Path $filePath; $replacementText = Get-Content -Raw -Path $replacementFilePath; $replacementText = $replacementText -replace \"`r`n\", \"; \"; $replacementText = $replacementText.Substring(0, $replacementText.Length - 2); $replacementText = $replacementText -replace 'format issig-public-key; key-id', 'KeyID:'; $replacementText = $replacementText -replace 'public-x', 'PublicX:'; $replacementText = $replacementText -replace 'public-y', 'PublicY:'; [string] $pattern = [regex]::Escape($startMarker) + '.*?$'; if ($content -match $pattern) { $replacement = $startMarker + $replacementText; $newContent = $content -replace $pattern, $replacement; $utf8NoBomEncoding = New-Object System.Text.UTF8Encoding($false); [System.IO.File]::WriteAllText($filePath, $newContent, $utf8NoBomEncoding); Write-Host \"Embedded public key in $filePath.\"; } else { Write-Host \"Pattern not found in $filePath.\"; exit 1; } } catch { Write-Error (\"Error: $_.Exception.Message\"); exit 1; }"
 if errorlevel 1 goto failed
 del "%publickeyfile%"
 if errorlevel 1 goto failed
+cd ..
+if errorlevel 1 goto failed
 
 echo Success!
 goto exit
 
 :sign
-set signfiles=
-shift  
-:signfilesloop  
-if "%1"=="" goto signfilesdone  
-set "signfiles=!signfiles! %1"  
-shift  
-goto signfilesloop
-:signfilesdone
-Files\ISSigTool.exe sign %signfiles%
+ISSigTool.exe sign ISCmplr.dll ISPP.dll
+if errorlevel 1 goto failed
+cd ..
 if errorlevel 1 goto failed
 
 echo Success!

setup.iss

@@ -118,7 +118,7 @@ Type: files; Name: "{app}\ISCrypt.dll"
 Source: "license.txt"; DestDir: "{app}"; Flags: ignoreversion touch
 Source: "files\ISetup.chm"; DestDir: "{app}"; Flags: ignoreversion touch
 Source: "files\ISetup-dark.chm"; DestDir: "{app}"; Flags: ignoreversion touch
-Source: "files\Compil32.exe"; DestDir: "{app}"; Flags: ignoreversion issigverify signcheck touch
+Source: "files\Compil32.exe"; DestDir: "{app}"; Flags: ignoreversion signonce touch
 Source: "files\isscint.dll"; DestDir: "{app}"; Flags: ignoreversion issigverify signcheck touch
 Source: "files\isscint.dll.issig"; DestDir: "{app}"; Flags: ignoreversion touch
 #ifndef isccexe