neobytes/contrib/gitian-descriptors/gitian-win-signer.yml
Cory Fields d08cfc2bd7 gitian: add a gitian-win-signer descriptor
This is exactly like the current OSX signing process.

osslsigncode has been patched to detach and re-attach Windows signatures.
The changes can be seen here: https://github.com/theuni/osslsigncode/commits/attach-signature

There's a pull-request open upstream for the changes:
https://sourceforge.net/p/osslsigncode/osslsigncode/merge-requests/3/

This work has been back-ported to the stable 1.7.1 release of osslsigncode, so
that a smaller patch can be reviewed.
2015-06-18 18:17:36 -04:00

35 lines
1.2 KiB
YAML

---
name: "bitcoin-win-signer"
suites:
- "precise"
architectures:
- "amd64"
packages:
- "libssl-dev"
- "autoconf"
reference_datetime: "2015-06-01 00:00:00"
remotes:
- "url": "https://github.com/bitcoin/bitcoin-detached-sigs.git"
"dir": "signature"
files:
- "osslsigncode-1.7.1.tar.gz"
- "osslsigncode-Backports-to-1.7.1.patch"
- "bitcoin-win32-setup.exe"
- "bitcoin-win64-setup.exe"
script: |
BUILD_DIR=`pwd`
SIGDIR=${BUILD_DIR}/signature/win
echo "f9a8cdb38b9c309326764ebc937cba1523a3a751a7ab05df3ecc99d18ae466c9 osslsigncode-1.7.1.tar.gz" | sha256sum -c
echo "a8c4e9cafba922f89de0df1f2152e7be286aba73f78505169bc351a7938dd911 osslsigncode-Backports-to-1.7.1.patch" | sha256sum -c
tar xf osslsigncode-1.7.1.tar.gz
cd osslsigncode-1.7.1
patch -p1 < ${BUILD_DIR}/osslsigncode-Backports-to-1.7.1.patch
./configure --without-gsf --without-curl --disable-dependency-tracking
make
./osslsigncode attach-signature -in ${BUILD_DIR}/bitcoin-win32-setup.exe -out ${OUTDIR}/bitcoin-win32-setup-signed.exe -sigin ${SIGDIR}/bitcoin-win32-setup.exe.pem
./osslsigncode attach-signature -in ${BUILD_DIR}/bitcoin-win64-setup.exe -out ${OUTDIR}/bitcoin-win64-setup-signed.exe -sigin ${SIGDIR}/bitcoin-win64-setup.exe.pem