Skip to content

Commit

Permalink
Merge branch 'use-new-signing-cert-des-602'
Browse files Browse the repository at this point in the history
  • Loading branch information
raksooo committed May 6, 2024
2 parents 35e9180 + cb842dc commit d2f6738
Show file tree
Hide file tree
Showing 3 changed files with 11 additions and 12 deletions.
19 changes: 10 additions & 9 deletions build.sh
Original file line number Diff line number Diff line change
Expand Up @@ -114,7 +114,7 @@ if [[ "$SIGN" == "true" ]]; then
exit 1
fi

if [[ "$(uname -s)" == "Darwin" || "$(uname -s)" == "MINGW"* ]]; then
if [[ "$(uname -s)" == "Darwin" ]]; then
log_info "Configuring environment for signing of binaries"
if [[ -z ${CSC_LINK-} ]]; then
log_error "The variable CSC_LINK is not set. It needs to point to a file containing the"
Expand All @@ -128,13 +128,15 @@ if [[ "$SIGN" == "true" ]]; then
fi
# macOS: This needs to be set to 'true' to activate signing, even when CSC_LINK is set.
export CSC_IDENTITY_AUTO_DISCOVERY=true

if [[ "$(uname -s)" == "MINGW"* ]]; then
CERT_FILE=$CSC_LINK
CERT_PASSPHRASE=$CSC_KEY_PASSWORD
unset CSC_LINK CSC_KEY_PASSWORD
export CSC_IDENTITY_AUTO_DISCOVERY=false
elif [[ "$(uname -s)" == "MINGW"* ]]; then
if [[ -z ${CERT_HASH-} ]]; then
log_error "The variable CERT_HASH is not set. It needs to be set to the thumbprint of"
log_error "the signing certificate."
exit 1
fi

unset CSC_LINK CSC_KEY_PASSWORD
export CSC_IDENTITY_AUTO_DISCOVERY=false
else
unset CSC_LINK CSC_KEY_PASSWORD
export CSC_IDENTITY_AUTO_DISCOVERY=false
Expand Down Expand Up @@ -183,8 +185,7 @@ function sign_win {
-tr http://timestamp.digicert.com -td sha256 \
-fd sha256 -d "Mullvad VPN" \
-du "https://github.com/mullvad/mullvadvpn-app#readme" \
-f "$CERT_FILE" \
-p "$CERT_PASSPHRASE" "$binary"
-sha1 "$CERT_HASH" "$binary"
then
break
fi
Expand Down
2 changes: 1 addition & 1 deletion ci/buildserver-build.sh
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ source "$SCRIPT_DIR/buildserver-config.sh"

# Ask for the passphrase to the signing keys
case "$(uname -s)" in
Darwin*|MINGW*|MSYS_NT*)
Darwin*)
if [[ -z ${CSC_KEY_PASSWORD-} ]]; then
read -rsp "CSC_KEY_PASSWORD = " CSC_KEY_PASSWORD
echo ""
Expand Down
2 changes: 0 additions & 2 deletions gui/tasks/distribution.js
Original file line number Diff line number Diff line change
Expand Up @@ -134,8 +134,6 @@ const config = {
],
artifactName: 'MullvadVPN-${version}.${ext}',
publisherName: 'Mullvad VPN AB',
signingHashAlgorithms: ['sha256'],
signDlls: true,
extraResources: [
{ from: distAssets('mullvad.exe'), to: '.' },
{ from: distAssets('mullvad-problem-report.exe'), to: '.' },
Expand Down

0 comments on commit d2f6738

Please sign in to comment.