Write used key id to manifest.

Components/ISSigFunc.pas

@@ -28,7 +28,10 @@ function ISSigCreateSignatureText(const AKey: TECDSAKey;
   const AFileSize: Int64; const AFileHash: TSHA256Digest): String;
 function ISSigVerifySignatureText(const AAllowedKeys: array of TECDSAKey;
   const AText: String; out AFileSize: Int64;
-  out AFileHash: TSHA256Digest): TISSigVerifySignatureResult;
+  out AFileHash: TSHA256Digest): TISSigVerifySignatureResult; overload;
+function ISSigVerifySignatureText(const AAllowedKeys: array of TECDSAKey;
+  const AText: String; out AFileSize: Int64;
+  out AFileHash: TSHA256Digest; out AKeyUsedID: String): TISSigVerifySignatureResult; overload;
 
 procedure ISSigExportPrivateKeyText(const AKey: TECDSAKey;
   var APrivateKeyText: String);
@@ -168,7 +171,7 @@ end;
 
 function ISSigVerifySignatureText(const AAllowedKeys: array of TECDSAKey;
   const AText: String; out AFileSize: Int64;
-  out AFileHash: TSHA256Digest): TISSigVerifySignatureResult;
+  out AFileHash: TSHA256Digest; out AKeyUsedID: String): TISSigVerifySignatureResult;
 var
   TextValues: record
     Format, FileSize, FileHash, KeyID, Sig_r, Sig_s: String;
@@ -221,11 +224,20 @@ begin
   if KeyUsed.VerifySignature(HashToSign, Sig) then begin
     AFileSize := UnverifiedFileSize;
     AFileHash := UnverifiedFileHash;
+    AKeyUsedID := TextValues.KeyID;
     Result := vsrSuccess;
   end else
     Result := vsrBadSignature;
 end;
 
+function ISSigVerifySignatureText(const AAllowedKeys: array of TECDSAKey;
+  const AText: String; out AFileSize: Int64;
+  out AFileHash: TSHA256Digest): TISSigVerifySignatureResult;
+begin
+  var KeyUsedID: String;
+  Result := ISSigVerifySignatureText(AAllowedKeys, AText, AFileSize, AFileHash, KeyUsedID);
+end;
+
 procedure ISSigExportPrivateKeyText(const AKey: TECDSAKey;
   var APrivateKeyText: String);
 begin

Projects/Src/Compiler.SetupCompiler.pas

@@ -316,6 +316,7 @@ type
     Flags: set of (floVersionInfoNotValid, floIsUninstExe, floApplyTouchDateTime,
       floSolidBreak, floISSigVerify);
     Sign: TFileLocationSign;
+    ISSigKeyID: String;
   end;
 
 var
@@ -7012,7 +7013,7 @@ var
             const SigText = ISSigLoadTextFromFile(SigFilename);
             var ExpectedFileSize: Int64;
             const VerifyResult = ISSigVerifySignatureText(ISSigKeys, SigText,
-              ExpectedFileSize, ExpectedFileHash);
+              ExpectedFileSize, ExpectedFileHash, FLExtraInfo.ISSigKeyID);
             if VerifyResult <> vsrSuccess then begin
               var VerifyResultAsString: String;
               case VerifyResult of
@@ -7347,6 +7348,7 @@ var
   var
     F: TTextFileWriter;
     FL: PSetupFileLocationEntry;
+    FLExtraInfo: PFileLocationEntryExtraInfo;
     S: String;
     I: Integer;
   begin
@@ -7356,11 +7358,13 @@ var
       S := 'Index' + #9 + 'SourceFilename' + #9 + 'TimeStamp' + #9 +
         'Version' + #9 + 'SHA256Sum' + #9 + 'OriginalSize' + #9 +
         'FirstSlice' + #9 + 'LastSlice' + #9 + 'StartOffset' + #9 +
-        'ChunkSuboffset' + #9 + 'ChunkCompressedSize' + #9 + 'Encrypted';
+        'ChunkSuboffset' + #9 + 'ChunkCompressedSize' + #9 + 'Encrypted' + #9 +
+        'ISSigKeyID';
       F.WriteLine(S);
 
       for I := 0 to FileLocationEntries.Count-1 do begin
         FL := FileLocationEntries[I];
+        FLExtraInfo := FileLocationEntryExtraInfos[I];
         S := IntToStr(I) + #9 + FileLocationEntryFilenames[I] + #9 +
           FileTimeToString(FL.SourceTimeStamp, floTimeStampInUTC in FL.Flags) + #9;
         if floVersionInfoValid in FL.Flags then
@@ -7374,7 +7378,8 @@ var
           IntToStr(FL.StartOffset) + #9 +
           Integer64ToStr(FL.ChunkSuboffset) + #9 +
           Integer64ToStr(FL.ChunkCompressedSize) + #9 +
-          EncryptedStrings[floChunkEncrypted in FL.Flags];
+          EncryptedStrings[floChunkEncrypted in FL.Flags] + #9 +
+          FLExtraInfo.ISSigKeyID;
         F.WriteLine(S);
       end;
     finally