From a5cea35069c9baa0203cad5a8e81b5b9d7d827e6 Mon Sep 17 00:00:00 2001
From: MrSphay <lefiwilkens@gmail.com>
Date: Sat, 16 May 2026 03:20:41 +0200
Subject: [PATCH] Add Linux signing helper payload

---
 scripts/Sign-MrTrustProjectLinux.sh | 71 +++++++++++++++++++++++++++++
 src/MrTrustLauncher.cs              |  2 -
 2 files changed, 71 insertions(+), 2 deletions(-)
 create mode 100644 scripts/Sign-MrTrustProjectLinux.sh

diff --git a/scripts/Sign-MrTrustProjectLinux.sh b/scripts/Sign-MrTrustProjectLinux.sh
new file mode 100644
index 0000000..b19510e
--- /dev/null
+++ b/scripts/Sign-MrTrustProjectLinux.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+if [ "$#" -lt 1 ]; then
+  echo "Usage: Sign-MrTrustProjectLinux.sh <artifact> [artifact...]" >&2
+  exit 2
+fi
+
+if [ -z "${MRTRUST_CODESIGN_PFX_BASE64:-}" ]; then
+  echo "MRTRUST_CODESIGN_PFX_BASE64 is required." >&2
+  exit 2
+fi
+
+if [ -z "${MRTRUST_CODESIGN_PFX_PASSWORD:-}" ]; then
+  echo "MRTRUST_CODESIGN_PFX_PASSWORD is required." >&2
+  exit 2
+fi
+
+if ! command -v osslsigncode >/dev/null 2>&1; then
+  if command -v apt-get >/dev/null 2>&1; then
+    export DEBIAN_FRONTEND=noninteractive
+    apt-get update
+    apt-get install -y osslsigncode
+  else
+    echo "osslsigncode is not installed and apt-get is unavailable." >&2
+    exit 2
+  fi
+fi
+
+work_dir="$(mktemp -d)"
+trap 'rm -rf "$work_dir"' EXIT
+
+pfx_path="$work_dir/mrtrust-codesign.pfx"
+printf '%s' "$MRTRUST_CODESIGN_PFX_BASE64" | base64 -d > "$pfx_path"
+
+timestamp_url="${MRTRUST_TIMESTAMP_URL:-http://timestamp.digicert.com}"
+
+for artifact in "$@"; do
+  if [ ! -f "$artifact" ]; then
+    echo "Artifact not found: $artifact" >&2
+    exit 2
+  fi
+
+  case "${artifact##*.}" in
+    exe|EXE|msi|MSI|dll|DLL|cat|CAT)
+      ;;
+    *)
+      echo "Unsupported artifact for osslsigncode: $artifact" >&2
+      exit 2
+      ;;
+  esac
+
+  signed_path="$work_dir/$(basename "$artifact").signed"
+  args=(
+    sign
+    -pkcs12 "$pfx_path"
+    -pass "$MRTRUST_CODESIGN_PFX_PASSWORD"
+    -n "MrSphay"
+    -i "https://git.wilkensxl.de/MrSphay"
+    -in "$artifact"
+    -out "$signed_path"
+  )
+
+  if [ -n "$timestamp_url" ]; then
+    args+=( -t "$timestamp_url" )
+  fi
+
+  osslsigncode "${args[@]}"
+  mv "$signed_path" "$artifact"
+  echo "Signed $artifact"
+done
diff --git a/src/MrTrustLauncher.cs b/src/MrTrustLauncher.cs
index 5be5dcd..f5462b2 100644
--- a/src/MrTrustLauncher.cs
+++ b/src/MrTrustLauncher.cs
@@ -6,8 +6,6 @@ using System.Reflection;
 using System.Text;
 using System.Windows.Forms;
 
-#pragma warning disable CS8600, CS8602
-
 namespace MrTrust
 {
     internal static class MrTrustLauncher