What is Nostr?
05nelsonm / Matt Nelson
npub1j3f…7lq8
2023-03-27 20:09:29

05nelsonm on Nostr: Made something for creating detached code signatures for macOS/Windows binaries. 1. ...

Made something for creating detached code signatures for macOS/Windows binaries.

1. Reproducibly build program
2. Copy it
3. Codesign (+ notarize for macOS) the copy
4. Take a 'diff' between the 2

The '.diff' is just the signatures, which can be applied to the unsigned binaries at a later date (so others can verify build reproducibility)

Think I'll publish it to Debian and Home Brew once I add a few things; check it out!

https://github.com/05nelsonm/kmp-tor-binary/blob/master/tools/diff-cli/README.md

Had a unique issue which craigraw (npub1hea…g9v2) found. Tor binaries for macOS weren't signed or notarized, so when he went to run `kmp-tor` on macOS aarch64 GateKeeper said "nope, not happening".
Author Public Key
npub1j3fs72nlngpdgy2njn0rycd0f45lyv8r0j45sjvqcdmszzc0agmqvh7lq8