diff options
| author | Werner Koch <wk@gnupg.org> | 2018-10-25 18:26:34 +0200 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2018-10-25 18:26:34 +0200 |
| commit | 11e9b704b5054708b0b307013fde053701c39df4 (patch) | |
| tree | ef37c9bbddb72e848e3cd06a678af1ea068830e5 | |
| parent | dirmngr: Fix out of scope use of a var in the keyserver LDAP code. (diff) | |
| download | gnupg2-11e9b704b5054708b0b307013fde053701c39df4.tar.xz gnupg2-11e9b704b5054708b0b307013fde053701c39df4.zip | |
speedo: Sign the windows installer with a timestamp.
--
| -rw-r--r-- | build-aux/speedo.mk | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/build-aux/speedo.mk b/build-aux/speedo.mk index d9b4a7515..1a96e3b57 100644 --- a/build-aux/speedo.mk +++ b/build-aux/speedo.mk @@ -157,8 +157,9 @@ INST_NAME=gnupg-w32 # Use this to override the installaion directory for native builds. INSTALL_PREFIX=none -# The Authenticode key used to sign the Windows installer +# The Authenticode key and cert chain used to sign the Windows installer AUTHENTICODE_KEY=${HOME}/.gnupg/g10code-authenticode-key.p12 +AUTHENTICODE_CERTS=${HOME}/.gnupg/g10code-authenticode-certs.pem # Directory names. @@ -1266,8 +1267,11 @@ sign-installer: echo "speedo: * Signing installer" ;\ echo "speedo: * Key: $(AUTHENTICODE_KEY)";\ echo "speedo: */" ;\ - osslsigncode sign -pkcs12 $(AUTHENTICODE_KEY) -askpass \ - -h sha256 -in "PLAY/inst/$$exefile" -out "../../$$exefile" ;\ + osslsigncode sign -certs $(AUTHENTICODE_CERTS)\ + -pkcs12 $(AUTHENTICODE_KEY) -askpass \ + -ts "http://timestamp.globalsign.com/scripts/timstamp.dll" \ + -h sha256 -n GnuPG -i https://gnupg.org \ + -in "PLAY/inst/$$exefile" -out "../../$$exefile" ;\ exefile="../../$$exefile" ;\ $(call MKSWDB_commands,$${exefile},$${reldate}); \ echo "speedo: /*" ;\ |