diff options
| author | Dominik Schmidt <dev@dominik-schmidt.de> | 2020-11-19 12:16:00 +0300 |
|---|---|---|
| committer | Dominik Schmidt <dev@dominik-schmidt.de> | 2020-11-19 12:22:43 +0300 |
| commit | c26803b6590a79579b6f43f0d57ee7e6d052bba9 (patch) | |
| tree | 32b1636dbe023cc7a5143a36155c4c0450a4f8ab /admin | |
| parent | 8b8a741ca658cc1c09d6ff02d3a6b5e52e293557 (diff) | |
Add sign_verify.sh
Diffstat (limited to 'admin')
| -rwxr-xr-x | admin/osx/sparkle/sign_verify.sh | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/admin/osx/sparkle/sign_verify.sh b/admin/osx/sparkle/sign_verify.sh new file mode 100755 index 000000000..56fb870a1 --- /dev/null +++ b/admin/osx/sparkle/sign_verify.sh @@ -0,0 +1,23 @@ +#!/usr/bin/env bash + +# Inspired by https://github.com/sparkle-project/Sparkle/issues/896#issuecomment-339904848 + +if [ "${#}" -ne 3 ]; then + echo "$(basename ${0}):" + echo + echo " This script can be used to verify the .tbz.sig file in releases during manual testing" + echo " It does the same verification as Sparkle but is itself *not* used by Sparkle." + echo + echo " Usage: ${0} public_key_path update_archive_path base64_signature_content" + echo + exit 1 +fi + +set -euxo pipefail + +# Make sure we are using system openssl and not one from brew +openssl() { + /usr/bin/openssl "${@}" +} + +openssl dgst -sha1 -binary < "${2}" | openssl dgst -sha1 -verify "${1}" -signature <(echo "${3}" | openssl enc -base64 -d) |