LBRYFoundation/LBRY-Vault
1
0
Fork 0
mirror of https://github.com/LBRYFoundation/LBRY-Vault.git synced 2025-08-29 08:21:27 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
LBRY-Vault/contrib/build-wine
History
Jean-Christophe Rona 02c30e3d52
Add support for Archos Safe-T mini hardware wallet (#4445) 
commit 10c46477f3a6f2fbc0596345511e0994253081eb
Author: SomberNight <somber.night@protonmail.com>
Date:   Wed Jul 25 19:40:05 2018 +0200

    backport changes of trezor plugin

commit 213619e880f709188c1ea6272758896748e681a8
Merge: a855b75b6 6899ca252
Author: Jean-Christophe Rona <jc@rona.fr>
Date:   Wed Jul 25 18:45:19 2018 +0200

    Merge branch 'master' into safe-t-mini

commit a855b75b6f5af5f707c4680d0bac79eb66a85ace
Author: Jean-Christophe Rona <rona@archos.com>
Date:   Wed Jul 25 18:37:12 2018 +0200

    Safe-T: Switch to safet 0.1.3 to remove the rlp dependency

commit 9bee44ca33289158c91c03d47dec45de6577f17b
Author: SomberNight <somber.night@protonmail.com>
Date:   Wed Jul 18 14:01:10 2018 +0200

    safe-t: bump min fw to 1.0.5

    older fw has a bug when restoring from seed

commit 01816607e8ba308cb5cff96b5fb844e4f6b8fcc1
Author: SomberNight <somber.night@protonmail.com>
Date:   Wed Jul 18 13:57:17 2018 +0200

    safe-t: fix rlp version to avoid eth stuff

commit 430206bea1fa10b762ff953fbc7652ce0d0e939d
Merge: a999ae266 b4b862b0c
Author: SomberNight <somber.night@protonmail.com>
Date:   Wed Jul 18 13:29:41 2018 +0200

    Merge branch 'master' into pr/4445

commit a999ae266f499f180946d53d4e860cc871d562ab
Author: Jean-Christophe Rona <rona@archos.com>
Date:   Tue Jun 19 14:18:03 2018 +0200

    Safe-T mini: Remove supported coins

    This is not really useful there.

commit 7922df1031b2c4b132f7f9c90232480b5bf9585c
Author: Jean-Christophe Rona <rona@archos.com>
Date:   Tue May 29 16:43:37 2018 +0200

    Safe-T mini: Add support for the Safe-T mini
2018-07-25 20:11:04 +02:00
..
docker docker-wine: update a package version 2018-07-24 20:23:33 +02:00
build-electrum-git.sh fix some wine build failures on branches/forks 2018-07-19 14:36:30 +02:00
build-secp256k1.sh wine build: towards deterministic libsecp - strip debug symbols 2018-06-28 22:05:13 +02:00
build.sh build-wine: allow local testing 2018-07-10 13:33:46 +02:00
deterministic.spec Add support for Archos Safe-T mini hardware wallet (#4445) 2018-07-25 20:11:04 +02:00
electrum.nsi build-wine: allow local testing 2018-07-10 13:33:46 +02:00
prepare-wine.sh wine build: remove pgp.mit.edu from keyservers 2018-07-19 14:53:04 +02:00
README.md winbuilds: update README. Do not sign in unsign.sh 2018-06-30 13:22:46 +02:00
sign.sh sign.sh: rm signed dir 2018-07-02 09:19:02 +02:00
unsign.sh sign.sh: rm signed dir 2018-07-02 09:19:02 +02:00

README.md

Windows Binary Builds

These scripts can be used for cross-compilation of Windows Electrum executables from Linux/Wine. Produced binaries are deterministic, so you should be able to generate binaries that match the official releases.

Usage:

  1. Install the following dependencies:
  • dirmngr
  • gpg
  • 7Zip
  • Wine (>= v2)
  • (and, for building libsecp256k1)
    • mingw-w64
    • autotools-dev
    • autoconf
    • libtool

For example:

$ sudo apt-get install wine-development dirmngr gnupg2 p7zip-full
$ sudo apt-get install mingw-w64 autotools-dev autoconf libtool

The binaries are also built by Travis CI, so if you are having problems, that script might help.

  1. Make sure /opt is writable by the current user.
  2. Run build.sh.
  3. The generated binaries are in ./dist.

Code Signing

Electrum Windows builds are signed with a Microsoft Authenticode™ code signing certificate in addition to the GPG-based signatures.

The advantage of using Authenticode is that Electrum users won't receive a Windows SmartScreen warning when starting it.

The release signing procedure involves a signer (the holder of the certificate/key) and one or multiple trusted verifiers:

Signer Verifier
Build .exe files using build.sh
Sign .exe with ./sign.sh
Upload signed files to download server
Build .exe files using build.sh
Compare files using unsign.sh
Sign .exe file using gpg -b

| Signer and verifiers: | Upload signatures to 'electrum-signatures' repo, as $version/$filename.$builder.asc |

Verify Integrity of signed binary

Every user can verify that the official binary was created from the source code in this repository. To do so, the Authenticode signature needs to be stripped since the signature is not reproducible.

This procedure removes the differences between the signed and unsigned binary:

  1. Remove the signature from the signed binary using osslsigncode or signtool.
  2. Set the COFF image checksum for the signed binary to 0x0. This is necessary because pyinstaller doesn't generate a checksum.
  3. Append null bytes to the unsigned binary until the byte count is a multiple of 8.

The script unsign.sh performs these steps.