Git-Mirrors/keepassxc
1
0
Fork 0
mirror of https://github.com/keepassxreboot/keepassxc.git synced 2025-03-29 17:38:02 -04:00
Code Issues Packages Projects Releases Wiki Activity

Add signtool function (Windows Only) to release-tool script

Browse Source
This commit is contained in:
Jonathan White 2017-10-05 18:04:41 -04:00 committed by Jonathan White
parent feb6baad05
commit 85f652290b
1 changed files with 35 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
release-tool
View File

@ -119,9 +119,11 @@ EOF
Sign previously compiled release packages Sign previously compiled release packages
Options: Options:
-f, --files Files to sign (required) -f, --files Files to sign (required)
-g, --gpg-key GPG key used to sign the files (default: '${GPG_KEY}') -g, --gpg-key GPG key used to sign the files (default: '${GPG_KEY}')
-h, --help Show this help --signtool Specify the signtool executable (default: 'signtool')
--signtool-key Provide a key to be used with signtool (for Windows EXE)
-h, --help Show this help
EOF EOF
fi fi
} }
@ -546,10 +548,10 @@ build() {
checkWorkingTreeClean checkWorkingTreeClean
OUTPUT_DIR="$(realpath "$OUTPUT_DIR")" OUTPUT_DIR="$(realpath "$OUTPUT_DIR")"
logInfo "Checking out release tag '${TAG_NAME}'..." logInfo "Checking out release tag '${TAG_NAME}'..."
git checkout "$TAG_NAME" git checkout "$TAG_NAME"
logInfo "Creating output directory..." logInfo "Creating output directory..."
mkdir -p "$OUTPUT_DIR" mkdir -p "$OUTPUT_DIR"
@ -663,6 +665,8 @@ build() {
# ----------------------------------------------------------------------- # -----------------------------------------------------------------------
sign() { sign() {
SIGN_FILES=() SIGN_FILES=()
SIGNTOOL="signtool"
SIGNTOOL_KEY=""
while [ $# -ge 1 ]; do while [ $# -ge 1 ]; do
local arg="$1" local arg="$1"
@ -676,6 +680,14 @@ sign() {
-g|--gpg-key) -g|--gpg-key)
GPG_KEY="$2" GPG_KEY="$2"
shift ;; shift ;;
--signtool)
SIGNTOOL="$2"
shift ;;
--signtool-key)
SIGNTOOL_KEY="$2"
shift ;;
-h|--help) -h|--help)
printUsage "sign" printUsage "sign"
@ -694,13 +706,30 @@ sign() {
printUsage "sign" printUsage "sign"
exit 1 exit 1
fi fi
if [[ -n "$SIGNTOOL_KEY" && ! -f "$SIGNTOOL_KEY" ]]; then
exitError "Signtool Key was not found!"
elif [[ -f "$SIGNTOOL_KEY" && ! -x $(command -v "${SIGNTOOL}") ]]; then
exitError "signtool program not found on PATH!"
fi
for f in "${SIGN_FILES[@]}"; do for f in "${SIGN_FILES[@]}"; do
if [ ! -f "$f" ]; then if [ ! -f "$f" ]; then
exitError "File '${f}' does not exist!" exitError "File '${f}' does not exist!"
fi fi
if [[ -n "$SIGNTOOL_KEY" && ${f: -4} == '.exe' ]]; then
logInfo "Signing file '${f}' using signtool...\n"
read -s -p "Signtool Key Password: " password
echo
"${SIGNTOOL}" sign -f "${SIGNTOOL_KEY}" -p ${password} -v -t http://timestamp.comodoca.com/authenticode ${f}
if [ 0 -ne $? ]; then
exitError "Signing failed!"
fi
fi
logInfo "Signing file '${f}'..." logInfo "Signing file '${f}' using release key..."
gpg --output "${f}.sig" --armor --local-user "$GPG_KEY" --detach-sig "$f" gpg --output "${f}.sig" --armor --local-user "$GPG_KEY" --detach-sig "$f"
if [ 0 -ne $? ]; then if [ 0 -ne $? ]; then