Skip to content
Snippets Groups Projects
Commit 9ffbf4ae authored by Kateryna Kostiuk's avatar Kateryna Kostiuk
Browse files

macOS: update signature for Sparkle 

This patch sets up app updates to use EdDSA signature as now
it is required by Sparkle

Change-Id: I68a581e21850f04a819f4fe7ea49a33766031e01
parent 32136470
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
CMakeLists.txt
+ 2
7
View file @ 9ffbf4ae
...@@ -449,12 +449,6 @@ else() # APPLE ...@@ -449,12 +449,6 @@ else() # APPLE
HINTS ${sparkle_dir}) HINTS ${sparkle_dir})
add_definitions(-DENABLE_SPARKLE) add_definitions(-DENABLE_SPARKLE)
message("Sparkle is here:" ${SPARKLE_FRAMEWORK}) message("Sparkle is here:" ${SPARKLE_FRAMEWORK})
set(PUBLIC_KEY_PATH "${sparkle_dir}/dsa_pub.pem")
set_source_files_properties(
${PUBLIC_KEY_PATH}
PROPERTIES
MACOSX_PACKAGE_LOCATION Resources)
set(PUBLIC_KEY ${PUBLIC_KEY_PATH})
endif() endif()
if(BETA) if(BETA)
message(STATUS "Beta config enabled") message(STATUS "Beta config enabled")
...@@ -722,7 +716,7 @@ else() ...@@ -722,7 +716,7 @@ else()
${CMAKE_CURRENT_SOURCE_DIR}/resources/images/jami.icns) ${CMAKE_CURRENT_SOURCE_DIR}/resources/images/jami.icns)
set(libs ${QT_LIBS} ${SYSTEM_CONFIGURATUION} qrencode ${LIBCLIENT_NAME}) set(libs ${QT_LIBS} ${SYSTEM_CONFIGURATUION} qrencode ${LIBCLIENT_NAME})
if(ENABLE_SPARKLE) if(ENABLE_SPARKLE)
set(resources ${resources} ${PUBLIC_KEY} ${SPARKLE_FRAMEWORK}) set(resources ${resources} ${SPARKLE_FRAMEWORK})
set(libs ${libs} ${SPARKLE_FRAMEWORK}) set(libs ${libs} ${SPARKLE_FRAMEWORK})
endif(ENABLE_SPARKLE) endif(ENABLE_SPARKLE)
target_sources(${PROJECT_NAME} PRIVATE ${resources}) target_sources(${PROJECT_NAME} PRIVATE ${resources})
...@@ -766,6 +760,7 @@ else() ...@@ -766,6 +760,7 @@ else()
else() else()
set_target_properties(${PROJECT_NAME} PROPERTIES set_target_properties(${PROJECT_NAME} PROPERTIES
SPARKLE_URL "${SPARKLE_URL}" SPARKLE_URL "${SPARKLE_URL}"
SPARKLE_PUBLIC_KEY "${SPARKLE_PUBLIC_KEY}"
XCODE_ATTRIBUTE_CODE_SIGN_ENTITLEMENTS "${CMAKE_CURRENT_SOURCE_DIR}/resources/entitlements/Jami.entitlements" XCODE_ATTRIBUTE_CODE_SIGN_ENTITLEMENTS "${CMAKE_CURRENT_SOURCE_DIR}/resources/entitlements/Jami.entitlements"
XCODE_ATTRIBUTE_ENABLE_HARDENED_RUNTIME TRUE) XCODE_ATTRIBUTE_ENABLE_HARDENED_RUNTIME TRUE)
endif() endif()
......
extras/packaging/update/sparkle/dsa_pub.pem deleted 100644 → 0
+ 0
36
View file @ 32136470
-----BEGIN PUBLIC KEY-----
MIIGRzCCBDoGByqGSM44BAEwggQtAoICAQCp4+JqCDyIMIMGtvpMvEPsQJ2SLJrt
y16KsLNmcUXLMMSmHdiC2EEZMhfp4OyuXwLGewA1NXBrBS6+6GidA0hh/IhclMUs
9kjzplVK4mOdKdSvFwuoJ9fdth+ySAXnhpcyLVFKQeoZ/jP20IhW9p+qZE4EMUlx
Pmls+MbNcZLu/HKiGI4XMN2K4yCxLSFjlpEPcT4yBYAZb+YRdY0v2HK3e9Jnja1b
Jfm23NaTRxkWzAu2Cm2S8G7JRo3Uuaw7RUmaAkmVWXFC0ZloGKBSeey6y1EuUtVy
dju3DRVI3RuvmB4yFJvdfgctTR2U6N26H733aOLFsvsSr6/hNp7q0ryDEfjqyW+R
SJwKZIRwl0WTsxwUzw+OejQH9CNcgkRaPgWBntnZ4OWSr2gFPkolt+VpLhSvKiSb
0ef3vZBuTp3KNCDGE20OVfQSeCstUyLZpLeG7tRyJEP/aCni9YTpIhZ5B9XNFe2J
jfzZE2VefKJWpxI1THfPgb0hto6zBuc8kpcKRPqwTRUHQuNwjAuAUKFV3GM9aoUC
KISWXPg2p1z8LgkuM8sgGEhn0BYEfpJFP3wc1OtIlv0t8Bqm1QR1y6hD/uxCYqq+
KR9/0eOsNH7dO/+7ydZjvVcBZ3TeGhvLQB/0Iic4Y895WMvN8bSB7NOZ8ODesO0J
zg2UkMdxdntiKQIhAKISld6gn3g1WSPXvWqT9mZzBly0hXr4DnGI1UtCeQm3AoIC
AQCMiu6knB8mbhcb7bOGhm3JEfi42+j3zavBYOga7LxP18Fobbf+5bHP3kMdNx8y
Paf0q0BkGtRC0WyH0ja05vR0bS9dSUT7qshQXm+/BsA/fnWPC54NcGSfRlj1UqHc
NN39r68EseO7w+w5x1gYFY7Jx/wJqR7gbYgS2GhgIrUo4+vBurl2bVtx6cAwsNXa
h0GUPAGQUu6qJaM5cpZL2Fkx+ac73q9i3WAlCECrkLpvOkLBSbYNvRR1rlhGawGr
Z96zEBEcW5FPJvPsjY2WaOvaRfGF9Y0MK8WXptdxY41jdts7n7kRKuwheUrm0bHm
aCRkGwhtc6hsMdrSzNFLDDScaSjYMx5erqnAKMyieyoiD8gyYN5mhZUokTBdpT1m
n7lrpQ0KfJtNKFtNUfNmU406vMEiTPKG4wxX/RxdzUqLSKNV1j0JHN6kx4Sq/vLN
EzO85ZaA79nBd2/8+ktWRiOuCiLu913Obgw3muNKYNVmH6iJibAYP+n7uUZHCzO4
MxccO5gy1umgTx/16Sya5ov+xt7CmS7kE4M4GzQ+AwXqzx3Mo8O72OWJP7RoRPxt
KTNiNZcjFrPkP4MkAogKNDt3McUXmKzfWEa+EvKHtXav7yiKoZ/kmQCawYQyvKFP
oBloHZ5N2iPnRGfABmFk/exF1Nb2dlhtD1hNYqtD3IWmVAOCAgUAAoICAFSPpbKF
wWcMAwTP7nEWZUr/8efPftwR2Q3F00dbh3ND+Yv7VRam6br+sPnrrPElWL+pPoFy
Vg7qJ6qmsOBgB+dDSiJ5w5L+aIj+vtmQHyCbbLTkCqzC5AO4pMaaXhg5hRQJw6JN
VkLByDsqHmjGG5ZLILzzKLi88X5Tz/Zz5FHWisnwRSGQaoZ5xJOCLfPLTOnASB/Q
uR5nBpYjImZslsPnDwTXVLqqOFo2TiQ3BXGV3BGpP83jaoDSVMjgc2NJNLw7X++b
mEFkALkG9uhhO57dTShwI+S3IzJfIBhSFW59bkY/N0f8peKAiUXmi3M/QWCvfh4k
+WRBaRiq+Ap+wV+IM+PH/INm0uEJ97mP5+7dPMZDNq1iPnJOKhqyXskq6i/Z9eg5
ZzgBw6Pxj6cNhZeg8OQuTfCGIV0m0FtfOZZVUs6l1JlMGb9bGbx2cDJBoI1DQxpG
X01TCtyNF4ShHbFmMG4JLuxBm99YuUJud2wPXToD9pxGWbh7naJwHzL7ywQQ/A0+
gSPE436MLSYPVeGr1RdIxFudZcoGZ2gG6V1aqZfNNlVO++UQ0wNTecFMPhdaC4O/
mnufQC8fSX9qBdnuWfkQQk8bE0kvqz4WSZ+B9Q7bEr7XeOcWibscCslIM2Rs68DK
ZnO5P9x/rPIJLCXY4xQYBryQCMu6JC5ibWzP
-----END PUBLIC KEY-----
extras/packaging/update/sparkle/sign_update.sh deleted 100755 → 0
+ 0
11
View file @ 32136470
#!/bin/bash
set -e
set -o pipefail
if [ "$#" -ne 2 ]; then
echo "Usage: $0 update_archive private_key"
exit 1
fi
openssl=/usr/bin/openssl
$openssl dgst -sha1 -binary < "$1" | $openssl dgst -dss1 -sign "$2" | base64 $BASE64_OPTS
extras/packaging/update/sparkle/sparkle-xml-updater.sh
+ 6
8
View file @ 9ffbf4ae
...@@ -6,13 +6,12 @@ REPO_FOLDER=$1 ...@@ -6,13 +6,12 @@ REPO_FOLDER=$1
SPARKLE_FILE=$2 SPARKLE_FILE=$2
REPO_URL=$3 REPO_URL=$3
PACKAGE=$4 PACKAGE=$4
DSA_KEY=$5 CHANNEL_NAME=$5
CHANNEL_NAME=$6 VERSION=$6
VERSION=$7 BUILD=$7
BUILD=$8
if [ ! -f ${PACKAGE} -o ! -f ${DSA_KEY} ]; then if [ ! -f ${PACKAGE} ]; then
echo "Can't find package or dsa key, aborting..." echo "Can't find package, aborting..."
exit 1 exit 1
fi fi
...@@ -20,7 +19,6 @@ if [ -f ${REPO_FOLDER}/${SPARKLE_FILE} ]; then ...@@ -20,7 +19,6 @@ if [ -f ${REPO_FOLDER}/${SPARKLE_FILE} ]; then
ITEMS=$(sed -n "/<item>/,/<\/item>/p" ${REPO_FOLDER}/${SPARKLE_FILE}) ITEMS=$(sed -n "/<item>/,/<\/item>/p" ${REPO_FOLDER}/${SPARKLE_FILE})
fi fi
PACKAGE_SIZE=`stat -f%z ${PACKAGE}`
DATE_RFC2822=`date "+%a, %d %b %Y %T %z"` DATE_RFC2822=`date "+%a, %d %b %Y %T %z"`
cat << EOFILE > ${REPO_FOLDER}/${SPARKLE_FILE} cat << EOFILE > ${REPO_FOLDER}/${SPARKLE_FILE}
...@@ -37,7 +35,7 @@ cat << EOFILE > ${REPO_FOLDER}/${SPARKLE_FILE} ...@@ -37,7 +35,7 @@ cat << EOFILE > ${REPO_FOLDER}/${SPARKLE_FILE}
<sparkle:version>${BUILD}</sparkle:version> <sparkle:version>${BUILD}</sparkle:version>
<sparkle:shortVersionString>${VERSION}</sparkle:shortVersionString> <sparkle:shortVersionString>${VERSION}</sparkle:shortVersionString>
<sparkle:minimumSystemVersion>10.15.0</sparkle:minimumSystemVersion> <sparkle:minimumSystemVersion>10.15.0</sparkle:minimumSystemVersion>
<enclosure url="${REPO_URL}/$(basename ${PACKAGE})" length="$PACKAGE_SIZE" type="application/octet-stream" sparkle:dsaSignature="$(./sign_update.sh ${PACKAGE} ${DSA_KEY})" /> <enclosure url="${REPO_URL}/$(basename ${PACKAGE})" type="application/octet-stream" $(./sign_update ${PACKAGE}) />
</item> </item>
$(echo -e "${ITEMS}") $(echo -e "${ITEMS}")
</channel> </channel>
......
resources/Info.plist
+ 2
2
View file @ 9ffbf4ae
...@@ -24,8 +24,8 @@ ...@@ -24,8 +24,8 @@
<string>public.app-category.social-networking</string> <string>public.app-category.social-networking</string>
<key>NSHumanReadableCopyright</key> <key>NSHumanReadableCopyright</key>
<string>${MACOSX_BUNDLE_COPYRIGHT}</string> <string>${MACOSX_BUNDLE_COPYRIGHT}</string>
<key>SUPublicDSAKeyFile</key> <key>SUPublicEDKey</key>
<string>dsa_pub.pem</string> <string>${SPARKLE_PUBLIC_KEY}</string>
<key>SUFeedURL</key> <key>SUFeedURL</key>
<string>${SPARKLE_URL}</string> <string>${SPARKLE_URL}</string>
<key>NSPrincipalClass</key> <key>NSPrincipalClass</key>
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment