Use Sparkle signer for full appcasts
This commit is contained in:
parent
a84922f4f3
commit
1d45016a63
4 changed files with 63 additions and 17 deletions
|
|
@ -30,8 +30,13 @@ pins iOS App Store profiles to that certificate. Existing App Store profiles
|
|||
with the same name are deleted and recreated if Apple reports that they contain
|
||||
a different distribution certificate.
|
||||
|
||||
Sparkle appcast signing uses the non-exportable `sparkle-ed25519` Google KMS
|
||||
key. macOS release builds embed public EdDSA key
|
||||
Sparkle appcast signing keeps the `sparkle-ed25519` Google KMS key available
|
||||
for payloads small enough for direct KMS Ed25519 signing, but normal macOS
|
||||
release archives are larger than Google KMS accepts for direct Ed25519
|
||||
messages. Those archives are signed with Sparkle's `sign_update` using the
|
||||
decrypted release `SPARKLE_EDDSA_KEY_PATH` so Sparkle receives the standard
|
||||
full-archive EdDSA signature it verifies at update time. macOS release builds
|
||||
embed public EdDSA key
|
||||
`Myv9ZNZT6YGKMtMezh52ra4WqaeEKc4VlvVU0evhJeI=` and point Sparkle metadata at
|
||||
`https://releases.burrow.net/sparkle/appcast.xml`. The appcast signer runs only
|
||||
when `BURROW_SPARKLE_SIGN_WITH_KMS=true` so unsigned local validation artifacts
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue