Sign binaries script

2019-02-04 14:38:36 -08:00
parent 189e12c0fb
commit 0825a884ab
2 changed files with 33 additions and 0 deletions
--- a/res/SIGNATURES_README
+++ b/res/SIGNATURES_README
@@ -0,0 +1,8 @@
+This directory contains the hashes and signatures for zec-qt-wallet
+
+Verify the hashes by running
+sha256sum -c sha256sum-vX.Y.Z.txt
+
+Verify signatures by runnnig
+gpg --verify <filename.sig> <filename>
+
--- a/src/scripts/signbinaries.sh
+++ b/src/scripts/signbinaries.sh
@@ -0,0 +1,25 @@
+#!/bin/bash
+
+if [ -z $APP_VERSION ]; then echo "APP_VERSION is not set"; exit 1; fi
+
+# Store the hash and signatures here
+rm -rf release/signatures
+mkdir -p release/signatures 
+
+cd artifacts
+echo "[Signing Binaries]"
+
+# sha256sum the binaries
+gsha256sum *$APP_VERSION* > ../release/signatures/sha256sum-v$APP_VERSION.txt
+
+for i in $( ls *zec-qt-wallet-v$APP_VERSION*); do
+  echo "Signing" $i
+  gpg --batch --output ../release/signatures/$i.sig --detach-sig $i 
+done
+
+cp ../res/SIGNATURES_README ../release/signatures/README
+
+cd ../release/signatures
+tar -czf signatures-v$APP_VERSION.tar.gz *
+cp signatures-v$APP_VERSION.tar.gz ../../artifacts
+