build: add a deterministic dmg signer
This commit is contained in:
Cory Fields
53
contrib/macdeploy/detached-sig-apply.sh
Executable file
53
contrib/macdeploy/detached-sig-apply.sh
Executable file
@@ -0,0 +1,53 @@
|
||||
#!/bin/sh
|
||||
set -e
|
||||
|
||||
UNSIGNED=$1
|
||||
SIGNATURE=$2
|
||||
ARCH=x86_64
|
||||
ROOTDIR=dist
|
||||
BUNDLE=${ROOTDIR}/Bitcoin-Qt.app
|
||||
TEMPDIR=signed.temp
|
||||
OUTDIR=signed-app
|
||||
|
||||
if [ -z "$UNSIGNED" ]; then
|
||||
echo "usage: $0 <unsigned app> <signature>"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ -z "$SIGNATURE" ]; then
|
||||
echo "usage: $0 <unsigned app> <signature>"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
rm -rf ${TEMPDIR} && mkdir -p ${TEMPDIR}
|
||||
tar -C ${TEMPDIR} -xf ${UNSIGNED}
|
||||
tar -C ${TEMPDIR} -xf ${SIGNATURE}
|
||||
|
||||
if [ -z "${PAGESTUFF}" ]; then
|
||||
PAGESTUFF=${TEMPDIR}/pagestuff
|
||||
fi
|
||||
|
||||
if [ -z "${CODESIGN_ALLOCATE}" ]; then
|
||||
CODESIGN_ALLOCATE=${TEMPDIR}/codesign_allocate
|
||||
fi
|
||||
|
||||
for i in `find ${TEMPDIR} -name "*.sign"`; do
|
||||
SIZE=`stat -c %s ${i}`
|
||||
TARGET_FILE=`echo ${i} | sed 's/\.sign$//'`
|
||||
|
||||
echo "Allocating space for the signature of size ${SIZE} in ${TARGET_FILE}"
|
||||
${CODESIGN_ALLOCATE} -i ${TARGET_FILE} -a ${ARCH} ${SIZE} -o ${i}.tmp
|
||||
|
||||
OFFSET=`${PAGESTUFF} ${i}.tmp -p | tail -2 | grep offset | sed 's/[^0-9]*//g'`
|
||||
if [ -z ${QUIET} ]; then
|
||||
echo "Attaching signature at offset ${OFFSET}"
|
||||
fi
|
||||
|
||||
dd if=$i of=${i}.tmp bs=1 seek=${OFFSET} count=${SIZE} 2>/dev/null
|
||||
mv ${i}.tmp ${TARGET_FILE}
|
||||
rm ${i}
|
||||
echo "Success."
|
||||
done
|
||||
mv ${TEMPDIR}/${ROOTDIR} ${OUTDIR}
|
||||
rm -rf ${TEMPDIR}
|
||||
echo "Signed: ${OUTDIR}"
|
||||
46
contrib/macdeploy/detached-sig-create.sh
Executable file
46
contrib/macdeploy/detached-sig-create.sh
Executable file
@@ -0,0 +1,46 @@
|
||||
#!/bin/sh
|
||||
set -e
|
||||
|
||||
ROOTDIR=dist
|
||||
BUNDLE=${ROOTDIR}/Bitcoin-Qt.app
|
||||
CODESIGN=codesign
|
||||
TEMPDIR=sign.temp
|
||||
TEMPLIST=${TEMPDIR}/signatures.txt
|
||||
OUT=signature.tar.gz
|
||||
|
||||
if [ ! -n "$1" ]; then
|
||||
echo "usage: $0 <codesign args>"
|
||||
echo "example: $0 -s MyIdentity"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
rm -rf ${TEMPDIR} ${TEMPLIST}
|
||||
mkdir -p ${TEMPDIR}
|
||||
|
||||
${CODESIGN} -f --file-list ${TEMPLIST} "$@" "${BUNDLE}"
|
||||
|
||||
for i in `grep -v CodeResources ${TEMPLIST}`; do
|
||||
TARGETFILE="${BUNDLE}/`echo ${i} | sed "s|.*${BUNDLE}/||"`"
|
||||
SIZE=`pagestuff $i -p | tail -2 | grep size | sed 's/[^0-9]*//g'`
|
||||
OFFSET=`pagestuff $i -p | tail -2 | grep offset | sed 's/[^0-9]*//g'`
|
||||
SIGNFILE="${TEMPDIR}/${TARGETFILE}.sign"
|
||||
DIRNAME="`dirname ${SIGNFILE}`"
|
||||
mkdir -p "${DIRNAME}"
|
||||
echo "Adding detached signature for: ${TARGETFILE}. Size: ${SIZE}. Offset: ${OFFSET}"
|
||||
dd if=$i of=${SIGNFILE} bs=1 skip=${OFFSET} count=${SIZE} 2>/dev/null
|
||||
done
|
||||
|
||||
for i in `grep CodeResources ${TEMPLIST}`; do
|
||||
TARGETFILE="${BUNDLE}/`echo ${i} | sed "s|.*${BUNDLE}/||"`"
|
||||
RESOURCE="${TEMPDIR}/${TARGETFILE}"
|
||||
DIRNAME="`dirname "${RESOURCE}"`"
|
||||
mkdir -p "${DIRNAME}"
|
||||
echo "Adding resource for: "${TARGETFILE}""
|
||||
cp "${i}" "${RESOURCE}"
|
||||
done
|
||||
|
||||
rm ${TEMPLIST}
|
||||
|
||||
tar -C ${TEMPDIR} -czf ${OUT} .
|
||||
rm -rf ${TEMPDIR}
|
||||
echo "Created ${OUT}"
|
||||
Reference in New Issue
Block a user