[tbb-commits] [tor-browser-build/master] Bug 32556: Keep track of entitlement files and add signing script templates

gk at torproject.org gk at torproject.org
Tue Nov 26 18:17:24 UTC 2019


commit f1cc6bc762c337d9cbc7187d2958dcb54007f9ff
Author: Georg Koppen <gk at torproject.org>
Date:   Tue Nov 26 18:16:10 2019 +0000

    Bug 32556: Keep track of entitlement files and add signing script templates
---
 tools/signing/README                       |  7 ++++
 tools/signing/alpha.entitlements.xml       | 53 ++++++++++++++++++++++++++++++
 tools/signing/authenticode-signing.sh      | 48 +++++++++++++++++++++++++++
 tools/signing/authenticode-timestamping.sh | 46 ++++++++++++++++++++++++++
 tools/signing/gatekeeper-bundling.sh       | 49 +++++++++++++++++++++++++++
 tools/signing/gatekeeper-signing.sh        | 51 ++++++++++++++++++++++++++++
 tools/signing/notarization.sh              | 50 ++++++++++++++++++++++++++++
 tools/signing/stable.entitlements.xml      | 53 ++++++++++++++++++++++++++++++
 tools/signing/stapler.sh                   | 47 ++++++++++++++++++++++++++
 tools/signing/tbb-signing.sh               | 38 +++++++++++++++++++++
 10 files changed, 442 insertions(+)

diff --git a/tools/signing/README b/tools/signing/README
new file mode 100644
index 0000000..e18a761
--- /dev/null
+++ b/tools/signing/README
@@ -0,0 +1,7 @@
+The files in this directory are a large part of what we use when signing
+releases. The scripts are meant to be templates, though, at the moment
+omitting specific paths and credential information.
+
+Additionally, when starting to used them for an own signing setup don't forget
+to adapt the locale list if needed. The entitlement files, however, are kept
+up-to-date.
diff --git a/tools/signing/alpha.entitlements.xml b/tools/signing/alpha.entitlements.xml
new file mode 100644
index 0000000..3097c05
--- /dev/null
+++ b/tools/signing/alpha.entitlements.xml
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<!--
+     Entitlements to apply to the .app bundle and all executable files
+     contained within it during codesigning of production channel builds that
+     will be notarized. These entitlements enable hardened runtime protections
+     to the extent possible for Firefox. Some supporting binaries within the
+     bundle could use more restrictive entitlements, but they are launched by
+     the main Firefox process and therefore inherit the parent process
+     entitlements.
+-->
+<plist version="1.0">
+  <dict>
+    <!-- Firefox does not use MAP_JIT for executable mappings -->
+    <key>com.apple.security.cs.allow-jit</key><false/>
+
+    <!-- Firefox needs to create executable pages (without MAP_JIT) -->
+    <key>com.apple.security.cs.allow-unsigned-executable-memory</key><true/>
+
+    <!-- Code paged in from disk should match the signature at page in-time -->
+    <key>com.apple.security.cs.disable-executable-page-protection</key><false/>
+
+    <!-- Allow loading third party libraries. Needed for Flash and CDMs -->
+    <key>com.apple.security.cs.disable-library-validation</key><true/>
+
+    <!-- Allow dyld environment variables. Needed because Firefox uses
+         dyld variables to load libaries from within the .app bundle. -->
+    <key>com.apple.security.cs.allow-dyld-environment-variables</key><true/>
+
+    <!-- Don't allow debugging of the executable. Debuggers will be prevented
+         from attaching to running executables. Notarization does not permit
+         access to get-task-allow (as documented by Apple) so this must be
+         disabled on notarized builds. -->
+    <key>com.apple.security.get-task-allow</key><false/>
+
+    <!-- Firefox needs to access the microphone on sites the user allows -->
+    <key>com.apple.security.device.audio-input</key><true/>
+
+    <!-- Firefox needs to access the camera on sites the user allows -->
+    <key>com.apple.security.device.camera</key><true/>
+
+    <!-- Firefox needs to access the location on sites the user allows -->
+    <key>com.apple.security.personal-information.location</key><true/>
+
+    <!-- Allow Firefox to send Apple events to other applications. Needed
+         for native messaging webextension helper applications launched by
+         Firefox which rely on Apple Events to signal other processes. -->
+    <key>com.apple.security.automation.apple-events</key><true/>
+
+    <!-- For SmartCardServices(7) -->
+    <key>com.apple.security.smartcard</key><true/>
+  </dict>
+</plist>
diff --git a/tools/signing/authenticode-signing.sh b/tools/signing/authenticode-signing.sh
new file mode 100755
index 0000000..7e2e6f0
--- /dev/null
+++ b/tools/signing/authenticode-signing.sh
@@ -0,0 +1,48 @@
+#!/bin/bash
+
+# Copyright (c) 2019, The Tor Project, Inc.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#
+#     * Neither the names of the copyright owners nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+set -e
+
+read -sp "Enter passphrase: " pass
+echo
+for i in `find . -name "*.exe" -print`
+do
+  /path/to/patched/osslsigncode/build/osslsigncode \
+                 -pkcs11engine /usr/lib/engines/engine_pkcs11.so \
+                 -pkcs11module /usr/lib/libeTPkcs11.so \
+                 -pass $pass \
+                 -h sha256 \
+                 -certs $path/to/cert \
+                 -key $key \
+                 $i $i-signed
+done
+rename -f 's/-signed//' *-signed
diff --git a/tools/signing/authenticode-timestamping.sh b/tools/signing/authenticode-timestamping.sh
new file mode 100755
index 0000000..77973b7
--- /dev/null
+++ b/tools/signing/authenticode-timestamping.sh
@@ -0,0 +1,46 @@
+#!/bin/bash
+
+# Copyright (c) 2019, The Tor Project, Inc.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#
+#     * Neither the names of the copyright owners nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+set -e
+
+COUNT=0
+for i in `find . -name "*.exe" -print`
+do
+  /path/to/patched/osslsigncode add \
+                 -t http://timestamp.digicert.com \
+                 -p socks://127.0.0.1:9050 \
+                 $i $i-timestamped
+  COUNT=$((COUNT + 1))
+
+done
+echo "Timestamped $COUNT .exe files, now renaming"
+rename -f 's/-timestamped//' *-timestamped
diff --git a/tools/signing/gatekeeper-bundling.sh b/tools/signing/gatekeeper-bundling.sh
new file mode 100755
index 0000000..742bc61
--- /dev/null
+++ b/tools/signing/gatekeeper-bundling.sh
@@ -0,0 +1,49 @@
+#!/bin/bash
+
+# Copyright (c) 2019, The Tor Project, Inc.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#
+#     * Neither the names of the copyright owners nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+TORBROWSER_VERSION=$1
+if [ -z $TORBROWSER_VERSION ];
+then
+  echo "Please call this script with a Tor Browser version!"
+  exit 1
+fi
+BUNDLE_LOCALES="ar ca cs da de el en-US es-AR es-ES fa fr ga-IE he hu id is it ja ka ko mk nb-NO nl pl pt-BR ro ru sv-SE tr vi zh-CN zh-TW"
+builddir=/path/to/the/build/dir
+mkdir $builddir/$TORBROWSER_VERSION-signed
+for LANG in $BUNDLE_LOCALES
+do
+  cd $builddir/dmg
+  unzip -q $builddir/$TORBROWSER_VERSION/tb-${TORBROWSER_VERSION}_$LANG-stapled.zip
+  cd ..
+  $builddir/ddmg.sh $builddir/$TORBROWSER_VERSION-signed/TorBrowser-${TORBROWSER_VERSION}-osx64_$LANG.dmg $builddir/dmg/
+  rm -rf 'dmg/Tor Browser.app'
+done
diff --git a/tools/signing/gatekeeper-signing.sh b/tools/signing/gatekeeper-signing.sh
new file mode 100755
index 0000000..3f31f82
--- /dev/null
+++ b/tools/signing/gatekeeper-signing.sh
@@ -0,0 +1,51 @@
+#!/bin/bash
+
+# Copyright (c) 2019, The Tor Project, Inc.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#
+#     * Neither the names of the copyright owners nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+TORBROWSER_VERSION=$1
+if [ -z "$TORBROWSER_VERSION" ];
+then
+  echo "Please call this script with a Tor Browser version!"
+  exit 1
+fi
+ENTITLEMENTS=/path/to/stable.entitlements.xml
+BUNDLE_LOCALES="ar ca cs da de el en-US es-AR es-ES fa fr ga-IE he hu id is it ja ka ko mk nb-NO nl pl pt-BR ro ru sv-SE tr vi zh-CN zh-TW"
+for LANG in $BUNDLE_LOCALES
+do
+  hdiutil attach TorBrowser-${TORBROWSER_VERSION}-osx64_$LANG.dmg
+  cp -rf "/Volumes/Tor Browser/Tor Browser.app" "Tor Browser.app"
+  echo "Signing Tor Browser_$LANG.app"
+  codesign -vvv --deep -o runtime --entitlements="$ENTITLEMENTS" --timestamp -f -s "$ID" "Tor Browser.app/"
+  echo "Zipping up"
+  zip -qr tb-${TORBROWSER_VERSION}_${LANG}.zip "Tor Browser.app"
+  rm -rf "Tor Browser.app"
+  hdiutil detach "/Volumes/Tor Browser"
+done
diff --git a/tools/signing/notarization.sh b/tools/signing/notarization.sh
new file mode 100755
index 0000000..eb29e74
--- /dev/null
+++ b/tools/signing/notarization.sh
@@ -0,0 +1,50 @@
+#!/bin/bash
+
+# Copyright (c) 2019, The Tor Project, Inc.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#
+#     * Neither the names of the copyright owners nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+TORBROWSER_VERSION=$1
+if [ -z "$TORBROWSER_VERSION" ];
+then
+  echo "Please call this script with a Tor Browser version!"
+  exit 1
+fi
+BUNDLE_LOCALES="ar ca cs da de el en-US es-AR es-ES fa fr ga-IE he hu id is it ja ka ko mk nb-NO nl pl pt-BR ro ru sv-SE tr vi zh-CN zh-TW"
+for LANG in $BUNDLE_LOCALES
+do
+  mkdir $LANG
+  cd $LANG
+  mv ../tb-${TORBROWSER_VERSION}_$LANG.zip .
+  unzip -q tb-${TORBROWSER_VERSION}_$LANG.zip
+  echo "Notarizing $LANG..."
+  xcrun altool --notarize-app -t osx -f tb-${TORBROWSER_VERSION}_$LANG.zip
+  --primary-bundle-id org.torproject.torbrowser -u USERNAME -p @env:PW --output-format xml
+  cd ..
+done
diff --git a/tools/signing/stable.entitlements.xml b/tools/signing/stable.entitlements.xml
new file mode 100644
index 0000000..3097c05
--- /dev/null
+++ b/tools/signing/stable.entitlements.xml
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<!--
+     Entitlements to apply to the .app bundle and all executable files
+     contained within it during codesigning of production channel builds that
+     will be notarized. These entitlements enable hardened runtime protections
+     to the extent possible for Firefox. Some supporting binaries within the
+     bundle could use more restrictive entitlements, but they are launched by
+     the main Firefox process and therefore inherit the parent process
+     entitlements.
+-->
+<plist version="1.0">
+  <dict>
+    <!-- Firefox does not use MAP_JIT for executable mappings -->
+    <key>com.apple.security.cs.allow-jit</key><false/>
+
+    <!-- Firefox needs to create executable pages (without MAP_JIT) -->
+    <key>com.apple.security.cs.allow-unsigned-executable-memory</key><true/>
+
+    <!-- Code paged in from disk should match the signature at page in-time -->
+    <key>com.apple.security.cs.disable-executable-page-protection</key><false/>
+
+    <!-- Allow loading third party libraries. Needed for Flash and CDMs -->
+    <key>com.apple.security.cs.disable-library-validation</key><true/>
+
+    <!-- Allow dyld environment variables. Needed because Firefox uses
+         dyld variables to load libaries from within the .app bundle. -->
+    <key>com.apple.security.cs.allow-dyld-environment-variables</key><true/>
+
+    <!-- Don't allow debugging of the executable. Debuggers will be prevented
+         from attaching to running executables. Notarization does not permit
+         access to get-task-allow (as documented by Apple) so this must be
+         disabled on notarized builds. -->
+    <key>com.apple.security.get-task-allow</key><false/>
+
+    <!-- Firefox needs to access the microphone on sites the user allows -->
+    <key>com.apple.security.device.audio-input</key><true/>
+
+    <!-- Firefox needs to access the camera on sites the user allows -->
+    <key>com.apple.security.device.camera</key><true/>
+
+    <!-- Firefox needs to access the location on sites the user allows -->
+    <key>com.apple.security.personal-information.location</key><true/>
+
+    <!-- Allow Firefox to send Apple events to other applications. Needed
+         for native messaging webextension helper applications launched by
+         Firefox which rely on Apple Events to signal other processes. -->
+    <key>com.apple.security.automation.apple-events</key><true/>
+
+    <!-- For SmartCardServices(7) -->
+    <key>com.apple.security.smartcard</key><true/>
+  </dict>
+</plist>
diff --git a/tools/signing/stapler.sh b/tools/signing/stapler.sh
new file mode 100755
index 0000000..cdbb466
--- /dev/null
+++ b/tools/signing/stapler.sh
@@ -0,0 +1,47 @@
+#!/bin/bash
+
+# Copyright (c) 2019, The Tor Project, Inc.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#
+#     * Neither the names of the copyright owners nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+TORBROWSER_VERSION=$1
+if [ -z "$TORBROWSER_VERSION" ];
+then
+  echo "Please call this script with a Tor Browser version!"
+  exit 1
+fi
+BUNDLE_LOCALES="ar ca cs da de el en-US es-AR es-ES fa fr ga-IE he hu id is it ja ka ko mk nb-NO nl pl pt-BR ro ru sv-SE tr vi zh-CN zh-TW"
+for LANG in $BUNDLE_LOCALES
+do
+  echo "Stapling $LANG..."
+  cd $LANG
+  xcrun stapler staple Tor\ Browser.app
+  zip -qr ../tb-${TORBROWSER_VERSION}_$LANG-stapled.zip Tor\ Browser.app
+  cd ..
+done
diff --git a/tools/signing/tbb-signing.sh b/tools/signing/tbb-signing.sh
new file mode 100755
index 0000000..42ea235
--- /dev/null
+++ b/tools/signing/tbb-signing.sh
@@ -0,0 +1,38 @@
+#!/bin/bash
+
+# Copyright (c) 2019, The Tor Project, Inc.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#
+#     * Neither the names of the copyright owners nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+export GNUPGHOME=/path/to/gpg-key
+read -sp "Enter passphrase: " pass
+for i in `find . -name "*.dmg" -o -name "*.exe" -o -name "*.tar.xz" -o -name "*.txt" -o -name "*.zip" -o -name "*.tar.gz" -o -name "*.apk"`
+do
+  echo "$pass" | gpg -absu $key! --passphrase-fd 0 $i
+done



More information about the tbb-commits mailing list