gaspersic/go-ethereum
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

crypto/signify, build: fix archive signing with signify (#21977)

Browse Source 
This fixes some issues in crypto/signify and makes release signing work.

The archive signing step in ci.go used getenvBase64, which decodes the key data.
This is incorrect here because crypto/signify already base64-decodes the key.
This commit is contained in:
Felix Lange
2020-12-09 15:43:36 +01:00
committed by GitHub
parent 915643a3e5
commit f935b1d542
4 changed files with 65 additions and 81 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
build/ci.go
View File

@ -58,7 +58,7 @@ import (
"time"
"github.com/cespare/cp"
signifyPkg "github.com/ethereum/go-ethereum/crypto/signify"
"github.com/ethereum/go-ethereum/crypto/signify"
"github.com/ethereum/go-ethereum/internal/build"
"github.com/ethereum/go-ethereum/params"
)
@ -449,7 +449,7 @@ func archiveBasename(arch string, archiveVersion string) string {
return platform + "-" + archiveVersion
}
func archiveUpload(archive string, blobstore string, signer string, signify string) error {
func archiveUpload(archive string, blobstore string, signer string, signifyVar string) error {
// If signing was requested, generate the signature files
if signer != "" {
key := getenvBase64(signer)
@ -457,9 +457,11 @@ func archiveUpload(archive string, blobstore string, signer string, signify stri
return err
}
}
if signify != "" {
key := getenvBase64(string(signify))
if err := signifyPkg.SignifySignFile(archive, archive+".sig", string(key), "verify with geth.pub", fmt.Sprintf("%d", time.Now().UTC().Unix())); err != nil {
if signifyVar != "" {
key := os.Getenv(signifyVar)
untrustedComment := "verify with geth-release.pub"
trustedComment := fmt.Sprintf("%s (%s)", archive, time.Now().UTC().Format(time.RFC1123))
if err := signify.SignFile(archive, archive+".sig", key, untrustedComment, trustedComment); err != nil {
return err
}
}
@ -478,7 +480,7 @@ func archiveUpload(archive string, blobstore string, signer string, signify stri
return err
}
}
if signify != "" {
if signifyVar != "" {
if err := build.AzureBlobstoreUpload(archive+".sig", filepath.Base(archive+".sig"), auth); err != nil {
return err
}