Opened 9 months ago

Last modified 4 weeks ago

#29815 new defect

Sign our macOS bundles on Linux

Reported by: gk Owned by: tbb-team
Priority: High Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: tbb-sign, TorBrowserTeamTriaged
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

I've wanted that for a long time and did not find an already open ticket, but we should leverage our hardened Linux box to sign our .dmg files as well, like we do for our .exe files. One part that makes it harder is that the macOS signing is content signing while the Authenticode signing is not. Another hard part is that there is no such thing as osslsigncode which we could use with (minimal) patching.

Or maybe there is? See: https://github.com/saucelabs/isign. However, there is still (much) work to do, see: https://github.com/saucelabs/isign/issues/88.

Child Tickets

Change History (4)

comment:1 Changed 4 weeks ago by gk

Keywords: tbb-sign added; tbb-rbm removed

comment:2 Changed 4 weeks ago by sysrqb

Keywords: TorBrowserBuildTriage added

comment:3 Changed 4 weeks ago by sysrqb

Keywords: TorBrowserTeamTriage added; TorBrowserBuildTriage removed

That wasn't the correct keyword.

comment:4 Changed 4 weeks ago by boklm

Keywords: TorBrowserTeamTriaged added; TorBrowserTeamTriage removed