[tor-commits] [tor-browser-spec/master] Signing notes

mikeperry at torproject.org mikeperry at torproject.org
Thu Mar 31 17:57:27 UTC 2016 

commit 980fe8ee4556ba4b7443ffbc5296258de9e6c297
Author: Mike Perry <mikeperry-git at torproject.org>
Date:   Mon Mar 14 16:08:29 2016 -0700

    Signing notes
---
 processes/KeyGeneration  | 15 +++++++++++++++
 processes/ReleaseProcess |  2 ++
 2 files changed, 17 insertions(+)

diff --git a/processes/KeyGeneration b/processes/KeyGeneration
index 4c62c51..e10baee 100644
--- a/processes/KeyGeneration
+++ b/processes/KeyGeneration
@@ -63,3 +63,18 @@ Key Creation Incantations and Instructions
 6) `certutil -d nssdb -L -r -n marsigner -o marsigner.der`
 7) If you want to export more than one certificate repeat step 6 adjusting the
    certificate nickname and the name of the output file
+
+
+Mac Signing Key
+===============
+
+Based on:
+https://stackoverflow.com/questions/9245149/jenkins-on-os-x-xcodebuild-gives-code-sign-error
+
+
+cd Library/Keychains
+security create-keychain tbb-signing-alpha.keychain
+security default-keychain -s tbb-signing-alpha.keychain
+security unlock-keychain
+certtool r CertificateSigningRequest.certSigningRequest
+
diff --git a/processes/ReleaseProcess b/processes/ReleaseProcess
index 86172d5..647b5ad 100644
--- a/processes/ReleaseProcess
+++ b/processes/ReleaseProcess
@@ -91,6 +91,8 @@
    # We must use $TORBROWSER_VERSION here because signed result dirs should omit the build number suffix
    rsync -avP $TORBROWSER_VERSION staticiforme.torproject.org:/srv/dist-master.torproject.org/htdocs/torbrowser/
    ssh staticiforme.torproject.org "chmod g+w,o+r -R /srv/dist-master.torproject.org/htdocs/torbrowser/*"
+   ssh staticiforme.torproject.org "chown -R :torwww /srv/dist-master.torproject.org/htdocs/torbrowser/"
+   ssh staticiforme.torproject.org "cd /srv/dist-master.torproject.org/htdocs/torbrowser/$TORBROWSER_VERSION ; for i in *.asc; do echo $i ; gpg -q $i || break; done"
    ssh staticiforme.torproject.org "static-update-component dist.torproject.org"
 #. Local to staticiforme:
    cd ~/tbb-builds/tor-browser-bundle/gitian

More information about the tor-commits mailing list