guix: Add codesignature attachment support for osx+win

dongcarl commented at 0:04 am on February 20, 2021: member

This is the last PR before we reach feature-parity with the Gitian process!

Note: I tried using the Makefile inside the distsrc to make the dmg instead of manually listing out the commands, but make seems to want to re-make a lot of other files which broke the dmg.

The workflow looks something like this:

env [ FOO=bar... ] ./contrib/guix/guix-build (add additional env vars as necessary)
Codesigners only:
1. Copy guix-build-<short-id>/output/x86_64-apple-darwin18/bitcoin-<short-id>-osx-unsigned.tar.gz and guix-build-<short-id>/output/x86_64-w64-mingw32/bitcoin-<short-id>-win-unsigned.tar.gz to signing computer
2. Codesign with ./detached-sig-create.sh inside the tarball
3. Upload contents of signature-{osx,win}.tar.gz to https://github.com/bitcoin-core/bitcoin-detached-sigs (as a new tag)
Checkout new tag for bitcoin-core/bitcoin-detached-sigs with the detached signatures
env [ FOO=bar... ] DETACHED_SIGS_REPO=<path/to/bitcoin-detached-sigs> ./contrib/guix/guix-codesign (modify env vars as necessary)
Make sure guix.sigs is cloned and updated
env GUIX_SIGS_REPO=<path/to/guix.sigs> SIGNER=0x96AB007F1A7ED999=dongcarl ./contrib/guix/guix-attest (modify env vars as necessary)
Commit your new signatures and SHA256SUMS in guix.sigs
Optionally, after there are multiple signatures in guix.sigs: env GUIX_SIGS_REPO=<path/to/guix.sigs> ./contrib/guix/guix-verify

sipa commented at 0:06 am on February 20, 2021: member

There is no reason for the actual signing to be done in guix, I think? Only the process of attaching the signature once it has been published.

dongcarl commented at 0:08 am on February 20, 2021: member

Right! Perhaps I should be more precise with my wording…

dongcarl renamed this:
~~guix: Add codesigning support for osx+win~~
guix: Add codesignature attachment support for osx+win
on Feb 20, 2021

sipa commented at 0:09 am on February 20, 2021: member

Hmm, but if it’s just attaching, there should be no need for network support.

dongcarl commented at 0:10 am on February 20, 2021: member

Oh! True! I’ll test it out and make the changes! Thanks!

DrahtBot added the label Build system on Feb 20, 2021

DrahtBot added the label Docs on Feb 20, 2021

DrahtBot added the label Scripts and tools on Feb 20, 2021

dongcarl added this to the "Next (Not based on any other PRs)" column in a project

dongcarl moved this from the "Next (Not based on any other PRs)" to the "PRs" column in a project

DrahtBot commented at 9:13 am on February 25, 2021: member

The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

Conflicts

No conflicts as of last run.

in contrib/guix/manifest.scm:248 in 2baa70cc62 outdated

219+    (arguments
220+     `(#:configure-flags
221+       `("--without-gsf"
222+         "--without-curl"
223+         "--disable-dependency-tracking")))
224+    (home-page "https://github.com/develar/osslsigncode")

achow101 commented at 9:37 pm on February 25, 2021:

Shouldn’t this be https://github.com/mtrojnar/osslsigncode?

in contrib/guix/guix-codesign.sh:76 in 885e881673 outdated

71+done
72+
73+if [ -n "$hosts_distsrc_missing" ]; then
74+# ...so that we can print them out nicely in an error message
75+cat << EOF
76+ERR: Build directoriesmissinggg

achow101 commented at 9:46 pm on February 25, 2021:

0ERR: Build directories missing

in contrib/guix/libexec/codesign.sh:57 in 885e881673 outdated

52+
53+        export SIGNED_APP_DIST_DIR="$SIGDIR"/dist
54+        export OUT_SIGNED_DMG="$OUTDIR"/bitcoin-osx-signed.dmg
55+
56+        cd "$UNSIGNED_DIR"  # URGH
57+        "$UNSIGNED_DIR"/detached-sig-apply.sh "$UNSIGNED_DIR"/dist/Bitcoin-Qt.app "$SIGNED_APP_DIST_DIR"

achow101 commented at 9:48 pm on February 25, 2021:

Since you are invoking osslsigncode directly for the windows, perhaps the same should be done here with signapple? The apply script doesn’t really do much anymore as signapple does a lot internally.

achow101 commented at 9:49 pm on February 25, 2021: member

Concept ACK

Presumably the code signing itself will still occur with the detached-sig-create.sh scripts?

fanquake referenced this in commit a28c053c88 on Mar 2, 2021

dongcarl force-pushed on May 11, 2021

dongcarl force-pushed on May 12, 2021

dongcarl commented at 7:21 pm on May 12, 2021: member

Pushed 885e8816730a5716e276633d93d3d45bdec630c9 -> 8c6e821319f51323f3d53d4c594ccd4abae6e0c0

Rebased over master after merge of #21089
Addressed achow101’s reviews

This is now ready for review!

dongcarl marked this as ready for review on May 12, 2021

dongcarl commented at 7:29 pm on May 13, 2021: member

Added commit to use SHA256 as digest for osslsigncode

Makefile.am: use APP_DIST_DIR instead of hard-coding dist c090a3e923

guix: Reindent existing manifest.scm 0a2176d477

guix: Package codesigning tools bac2690e6f

guix: Add codesigning functionality 38eb91eb06

codesigning: Use SHA256 as digest for osslsigncode (Windows) ee0a67c32a

dongcarl commented at 7:42 pm on May 13, 2021: member

Pushed f85b366b82…ee0a67c32a

Rebased over master to fix CI timeout

dongcarl force-pushed on May 13, 2021

achow101 commented at 9:12 pm on May 15, 2021: member

I’ve added a branch to the bitcoin-detached-sigs repo to contain code signatures created for testing out guix: https://github.com/bitcoin-core/bitcoin-detached-sigs/tree/guix-testing. There is also a tag (https://github.com/bitcoin-core/bitcoin-detached-sigs/releases/tag/pr21239-ee0a67c32a88-win) pointing to windows signatures for ee0a67c32a88.

achow101 commented at 9:16 pm on May 15, 2021: member

It looks like I have different results from @Sjors for ee0a67c

dongcarl commented at 8:18 pm on May 17, 2021: member

Hmmm @Sjors @achow101 could you upload outputs/x86_64-linux-gnu somewhere so I can take a look?

sipa commented at 8:28 pm on May 17, 2021: member

Unsigned results:

 0$ sha256sum $(find -name '*.gz' | LANG=C sort)
 11a831e5f04fb3a50afe32f105f20e849b218a82716bebb94e4063c4a8e266d2e  ./aarch64-linux-gnu/bitcoin-ee0a67c32a88-aarch64-linux-gnu-debug.tar.gz
 2e493f8071bd6c3f2877dc22601ed29eb7831c4695ac48a8e0c70e96012255ee2  ./aarch64-linux-gnu/bitcoin-ee0a67c32a88-aarch64-linux-gnu.tar.gz
 302552f6e85edd8ea32a08edf730d2bc382cd19417e5979b3e06799a25923b650  ./arm-linux-gnueabihf/bitcoin-ee0a67c32a88-arm-linux-gnueabihf-debug.tar.gz
 4b11a3507ffa5458ae79d8165f9bad800ef1b597f30291d05e6217abd928f5f79  ./arm-linux-gnueabihf/bitcoin-ee0a67c32a88-arm-linux-gnueabihf.tar.gz
 5cce7bffc383cd1ffad5a6a83002b3799e3e83907b4097b57a7ceaf90eb4e7912  ./dist-archive/bitcoin-ee0a67c32a88.tar.gz
 6dda06e3246c8d6dd6cf9b15bb923e35033231dfc97a7dfdf3b0cd7276e35f3b9  ./powerpc64-linux-gnu/bitcoin-ee0a67c32a88-powerpc64-linux-gnu-debug.tar.gz
 778d5a369f3d0050e13b05b686bf71c3240c30d562ea88f71c95e578738701cc7  ./powerpc64-linux-gnu/bitcoin-ee0a67c32a88-powerpc64-linux-gnu.tar.gz
 89ad048055b3bd8d80b2c92c28ccb8ccb0a4f2b44f1e38b148802ed32d5aa0e97  ./powerpc64le-linux-gnu/bitcoin-ee0a67c32a88-powerpc64le-linux-gnu-debug.tar.gz
 97c3861a4d2faa12f934eb51581dda5acf0a33c0f657fbce2561bb19ba6843acd  ./powerpc64le-linux-gnu/bitcoin-ee0a67c32a88-powerpc64le-linux-gnu.tar.gz
100b3908598efcb9e020440e8f485a720109fe9ab25c0c9f24d9670b464c7b0d6b  ./riscv64-linux-gnu/bitcoin-ee0a67c32a88-riscv64-linux-gnu-debug.tar.gz
110f77fe33703befe3a3c4a945e4d5699a8ab88b098e20aebb2eb96e7194622a8f  ./riscv64-linux-gnu/bitcoin-ee0a67c32a88-riscv64-linux-gnu.tar.gz
1201bcf0137f326c0990f4055a2a245a5dea9a3863d09e2be519439e9a67d74667  ./x86_64-apple-darwin18/bitcoin-ee0a67c32a88-osx-unsigned.tar.gz
133a00ed383a2f7cbda2977906ce8f51dda08f046bb2f423273e7d5d136e719a22  ./x86_64-apple-darwin18/bitcoin-ee0a67c32a88-osx64.tar.gz
14015cea1fd540b02e53c7a344ba23ee58b5de6c59f69cbc5e983b270a97d8faf2  ./x86_64-linux-gnu/bitcoin-ee0a67c32a88-x86_64-linux-gnu-debug.tar.gz
1566948ea36c6ecfd9658d494809f20a48991d057a303c654c582baa82bb7966cd  ./x86_64-linux-gnu/bitcoin-ee0a67c32a88-x86_64-linux-gnu.tar.gz
16b3aa208c81ea84785da973506de76047b272cc14203b01d57b267126363af9dc  ./x86_64-w64-mingw32/bitcoin-ee0a67c32a88-win-unsigned.tar.gz

dongcarl commented at 9:00 pm on May 17, 2021: member

Interesting: seems like only the darwin ones are reproducible? Likely a gcc thing. Any tarball uploads will help!

achow101 commented at 9:09 pm on May 17, 2021: member

@dongcarl https://github.com/achow101/bitcoin/releases/tag/pr21239-ee0a67c32a88

hebasto commented at 8:20 am on May 18, 2021: member

 0$ DETACHED_SIGS_REPO=/home/hebasto/bitcoin-detached-sigs contrib/guix/guix-codesign
 1Checking that we can connect to the guix-daemon...
 2
 3Hint: If this hangs, you may want to try turning your guix-daemon off and on
 4      again.
 5
 6INFO: Codesigning ee0a67c32a88 for platform triple x86_64-w64-mingw32:
 7      ...using reference timestamp: 1620934012
 8      ...from worktree directory: '/home/hebasto/bitcoin'
 9          ...bind-mounted in container to: '/bitcoin'
10      ...in build directory: '/home/hebasto/bitcoin/guix-build-ee0a67c32a88/distsrc-ee0a67c32a88-x86_64-w64-mingw32-codesigned'
11          ...bind-mounted in container to: '/distsrc-base/distsrc-ee0a67c32a88-x86_64-w64-mingw32-codesigned'
12      ...outputting in: '/home/hebasto/bitcoin/guix-build-ee0a67c32a88/output/x86_64-w64-mingw32-codesigned'
13          ...bind-mounted in container to: '/outdir-base/x86_64-w64-mingw32-codesigned'
14      ...using detached signatures in: '/home/hebasto/bitcoin-detached-sigs'
15          ...bind-mounted in container to: '/detached-sigs'
16Updating channel 'guix' from Git repository at 'https://github.com/dongcarl/guix.git'...
17Required environment variables as seen inside the container:
18    UNSIGNED_TARBALL: /outdir-base/x86_64-w64-mingw32/bitcoin-ee0a67c32a88-win-unsigned.tar.gz
19    DETACHED_SIGS_REPO: /detached-sigs
20    DIST_ARCHIVE_BASE: /outdir-base/dist-archive
21    DISTNAME: bitcoin-ee0a67c32a88
22    HOST: x86_64-w64-mingw32
23    SOURCE_DATE_EPOCH: 1620934012
24    DISTSRC: /distsrc-base/distsrc-ee0a67c32a88-x86_64-w64-mingw32-codesigned
25    OUTDIR: /outdir-base/x86_64-w64-mingw32-codesigned
26Current PE checksum   : 01199EF8
27Calculated PE checksum: 01199EF8
28
29Message digest algorithm  : SHA256
30Current message digest    : B5C221867F8B18CF24AD8125F1656D7CD0550A3EB7823A8CA4D9DB350E6CEB91
31Calculated message digest : DED186058B24651E221621C17E06A4EA90D118E1BA27CE7D045CB0CC5E8E7DE4    MISMATCH!!!
32
33Signature verification: ok
34
35Number of signers: 1
36	Signer [#0](/bitcoin-bitcoin/0/):
37		Subject: /C=CH/postalCode=8005/ST=State/L=Z\xC3\xBCrich/street=Mattengasse 27/O=Bitcoin Core Code Signing Association/CN=Bitcoin Core Code Signing Association
38		Issuer : /C=GB/ST=Greater Manchester/L=Salford/O=Sectigo Limited/CN=Sectigo RSA Code Signing CA
39		Serial : BF7CA6A65BFCDF4BB8D68DC4AB073464
40
41Number of certificates: 5
42	Cert [#0](/bitcoin-bitcoin/0/):
43		Subject: /C=CH/postalCode=8005/ST=State/L=Z\xC3\xBCrich/street=Mattengasse 27/O=Bitcoin Core Code Signing Association/CN=Bitcoin Core Code Signing Association
44		Issuer : /C=GB/ST=Greater Manchester/L=Salford/O=Sectigo Limited/CN=Sectigo RSA Code Signing CA
45		Serial : BF7CA6A65BFCDF4BB8D68DC4AB073464
46	------------------
47	Cert [#1](/bitcoin-bitcoin/1/):
48		Subject: /C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Certification Authority
49		Issuer : /C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Certification Authority
50		Serial : 01FD6D30FCA3CA51A81BBC640E35032D
51	------------------
52	Cert [#2](/bitcoin-bitcoin/2/):
53		Subject: /C=GB/ST=Greater Manchester/L=Salford/O=Sectigo Limited/CN=Sectigo RSA Code Signing CA
54		Issuer : /C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Certification Authority
55		Serial : 1DA248306F9B2618D082E0967D33D36A
56	------------------
57	Cert [#3](/bitcoin-bitcoin/3/):
58		Subject: /C=GB/ST=Greater Manchester/L=Salford/O=Sectigo Limited/CN=Sectigo RSA Time Stamping CA
59		Issuer : /C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Certification Authority
60		Serial : 300F6FACDD6698747CA94636A7782DB9
61	------------------
62	Cert [#4](/bitcoin-bitcoin/4/):
63		Subject: /C=GB/ST=Greater Manchester/L=Salford/O=Sectigo Limited/CN=Sectigo RSA Time Stamping Signer [#2](/bitcoin-bitcoin/2/)
64		Issuer : /C=GB/ST=Greater Manchester/L=Salford/O=Sectigo Limited/CN=Sectigo RSA Time Stamping CA
65		Serial : 8C77A0008FF4D1B0C63D9F3A48838D6B
66
67Signature mismatch.
68
69Failed

dongcarl commented at 7:21 pm on May 18, 2021: member

It would seem that @achow101 and I are getting identical results… If one of @Sjors @sipa or @hebasto can upload their results (just x86_64-linux-gnu would do), I can determine what’s causing the non-reproducibility. Many thanks!

hebasto commented at 6:01 pm on May 19, 2021: member

@dongcarl

Is LC_ALL=C sort safer than sort?

guix: repro: Sort find output in libtool for gcc-8

Otherwise the resulting .a static libraries (e.g. libstdc++.a) will not
be reproducible and end up making the Bitcoin binaries non-reproducible
as well.

See: https://reproducible-builds.org/docs/archives/#gnu-libtool

ee883201cf

dongcarl force-pushed on May 19, 2021

dongcarl commented at 7:39 pm on May 19, 2021: member

@dongcarl

Is LC_ALL=C sort safer than sort?

In environments where we don’t control env vars, yes! For guix environments we do control the env, and we should have set it already.

dongcarl commented at 7:42 pm on May 19, 2021: member

Lastest push: ee883201cf134952284632e9e9ae72bf1c8c792f

Resolves https://reproducible-builds.org/docs/archives/#gnu-libtool

An initial build of just x86_64-linux-gnu across two machine that previously showed non-reproducibility resulted in identical outputs (good news). Building the full suite of architectures now…

sipa commented at 7:47 pm on May 19, 2021: member

Building ee88320.

sipa commented at 10:19 pm on May 19, 2021: member

 0$ sha256sum $(find -type f | LC_ALL=C sort)
 13786f771f253a0516fc74ab850024eabd59b3d31009f7ddb4a48852d03b20898  ./aarch64-linux-gnu/bitcoin-ee883201cf13-aarch64-linux-gnu-debug.tar.gz
 22acaf9e7221e33015562a04892e81a59116a6572d8ee67b73f5ef4e325407bfb  ./aarch64-linux-gnu/bitcoin-ee883201cf13-aarch64-linux-gnu.tar.gz
 344ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  ./aarch64-linux-gnu/inputs.SHA256SUMS
 44862619901e7331babb0ad4a13336792c2c55a2eb2a2e9d1aa0d875c0cf0a997  ./arm-linux-gnueabihf/bitcoin-ee883201cf13-arm-linux-gnueabihf-debug.tar.gz
 523a191a67524fbef495761ddec0ba501287a356665b77a2401ed365ca487edd1  ./arm-linux-gnueabihf/bitcoin-ee883201cf13-arm-linux-gnueabihf.tar.gz
 644ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  ./arm-linux-gnueabihf/inputs.SHA256SUMS
 7e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  ./dist-archive/SKIPATTEST.TAG
 86b8030fdf50bb43c2d25e4b9cd0f4e6fcf03e118abb14ff694b85e296bb6deb3  ./dist-archive/bitcoin-ee883201cf13.tar.gz
 909cba7861cd7b6bf33df3a5c893e82f83f10860f2e5f2ca4aba0f47927777a46  ./powerpc64-linux-gnu/bitcoin-ee883201cf13-powerpc64-linux-gnu-debug.tar.gz
10d5c64638acc71496f4abddbc9e63df2f739fb496fbcca851e76944b4822fb0bd  ./powerpc64-linux-gnu/bitcoin-ee883201cf13-powerpc64-linux-gnu.tar.gz
1144ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  ./powerpc64-linux-gnu/inputs.SHA256SUMS
123d1075423befb7b00cedd8a7f8092a5b1339d779b26bb21fb605b27fed1224c3  ./powerpc64le-linux-gnu/bitcoin-ee883201cf13-powerpc64le-linux-gnu-debug.tar.gz
13c35029cbdce80f6acb5c1c4204fcccc62c5d3d337ebcdc9da9c5b3ff86e7ddab  ./powerpc64le-linux-gnu/bitcoin-ee883201cf13-powerpc64le-linux-gnu.tar.gz
1444ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  ./powerpc64le-linux-gnu/inputs.SHA256SUMS
15797ac18e185e8c8282eb1020078058bb4c6be75cb035c0d90bcdcb183ff954ce  ./riscv64-linux-gnu/bitcoin-ee883201cf13-riscv64-linux-gnu-debug.tar.gz
16a8864c72f759e603f60eb5e55424fe9d8f8960be0142d0b830414e724acc85b5  ./riscv64-linux-gnu/bitcoin-ee883201cf13-riscv64-linux-gnu.tar.gz
1744ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  ./riscv64-linux-gnu/inputs.SHA256SUMS
18d03e94da6f114bde14f842f1a976fddffb0feda634c8e7d8e83392fb93188016  ./x86_64-apple-darwin18/bitcoin-ee883201cf13-osx-unsigned.dmg
19e90c55da5cc1dbc1b6586ba7dcd72fa21e0d036dbb3b15df88850198cb3dc558  ./x86_64-apple-darwin18/bitcoin-ee883201cf13-osx-unsigned.tar.gz
20879c87ff956c76b1c239b12a954227e4a4b06e63242ab3137dbde7a5544da9df  ./x86_64-apple-darwin18/bitcoin-ee883201cf13-osx64.tar.gz
2144ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  ./x86_64-apple-darwin18/inputs.SHA256SUMS
22d3a4126369a62865ca9c6f1adc312847bb9e11a119be85bfb85997c305e0491e  ./x86_64-linux-gnu/bitcoin-ee883201cf13-x86_64-linux-gnu-debug.tar.gz
23a9172340c92bfc4798e0b95b5ca17b45ece5ccefb27666d4bc863bb6f0f6cd80  ./x86_64-linux-gnu/bitcoin-ee883201cf13-x86_64-linux-gnu.tar.gz
2444ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  ./x86_64-linux-gnu/inputs.SHA256SUMS
256e03eaadaf6438eb5c257b91b7d86830a03262fe4ab5e55f5a2e51dddb550cf1  ./x86_64-w64-mingw32/bitcoin-ee883201cf13-win-unsigned.tar.gz
26399a0b8c793d6e750facc989e90175a7660b8d693faa5287a32b97301288b865  ./x86_64-w64-mingw32/bitcoin-ee883201cf13-win64-debug.zip
27ffe029396a808e6167646d3b84363f9bf27161d08beec638bb59df8863a88d7c  ./x86_64-w64-mingw32/bitcoin-ee883201cf13-win64-setup-unsigned.exe
284533f31d4add0594a01aad6c28a8d1afa1da61f90fe11188ebe85f13e15c3cce  ./x86_64-w64-mingw32/bitcoin-ee883201cf13-win64.zip
2944ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  ./x86_64-w64-mingw32/inputs.SHA256SUMS

dongcarl commented at 10:40 pm on May 19, 2021: member

Matching!

 03786f771f253a0516fc74ab850024eabd59b3d31009f7ddb4a48852d03b20898  guix-build-ee883201cf13/output/aarch64-linux-gnu/bitcoin-ee883201cf13-aarch64-linux-gnu-debug.tar.gz
 12acaf9e7221e33015562a04892e81a59116a6572d8ee67b73f5ef4e325407bfb  guix-build-ee883201cf13/output/aarch64-linux-gnu/bitcoin-ee883201cf13-aarch64-linux-gnu.tar.gz
 24862619901e7331babb0ad4a13336792c2c55a2eb2a2e9d1aa0d875c0cf0a997  guix-build-ee883201cf13/output/arm-linux-gnueabihf/bitcoin-ee883201cf13-arm-linux-gnueabihf-debug.tar.gz
 323a191a67524fbef495761ddec0ba501287a356665b77a2401ed365ca487edd1  guix-build-ee883201cf13/output/arm-linux-gnueabihf/bitcoin-ee883201cf13-arm-linux-gnueabihf.tar.gz
 46b8030fdf50bb43c2d25e4b9cd0f4e6fcf03e118abb14ff694b85e296bb6deb3  guix-build-ee883201cf13/output/dist-archive/bitcoin-ee883201cf13.tar.gz
 509cba7861cd7b6bf33df3a5c893e82f83f10860f2e5f2ca4aba0f47927777a46  guix-build-ee883201cf13/output/powerpc64-linux-gnu/bitcoin-ee883201cf13-powerpc64-linux-gnu-debug.tar.gz
 6d5c64638acc71496f4abddbc9e63df2f739fb496fbcca851e76944b4822fb0bd  guix-build-ee883201cf13/output/powerpc64-linux-gnu/bitcoin-ee883201cf13-powerpc64-linux-gnu.tar.gz
 73d1075423befb7b00cedd8a7f8092a5b1339d779b26bb21fb605b27fed1224c3  guix-build-ee883201cf13/output/powerpc64le-linux-gnu/bitcoin-ee883201cf13-powerpc64le-linux-gnu-debug.tar.gz
 8c35029cbdce80f6acb5c1c4204fcccc62c5d3d337ebcdc9da9c5b3ff86e7ddab  guix-build-ee883201cf13/output/powerpc64le-linux-gnu/bitcoin-ee883201cf13-powerpc64le-linux-gnu.tar.gz
 9797ac18e185e8c8282eb1020078058bb4c6be75cb035c0d90bcdcb183ff954ce  guix-build-ee883201cf13/output/riscv64-linux-gnu/bitcoin-ee883201cf13-riscv64-linux-gnu-debug.tar.gz
10a8864c72f759e603f60eb5e55424fe9d8f8960be0142d0b830414e724acc85b5  guix-build-ee883201cf13/output/riscv64-linux-gnu/bitcoin-ee883201cf13-riscv64-linux-gnu.tar.gz
11e90c55da5cc1dbc1b6586ba7dcd72fa21e0d036dbb3b15df88850198cb3dc558  guix-build-ee883201cf13/output/x86_64-apple-darwin18/bitcoin-ee883201cf13-osx-unsigned.tar.gz
12879c87ff956c76b1c239b12a954227e4a4b06e63242ab3137dbde7a5544da9df  guix-build-ee883201cf13/output/x86_64-apple-darwin18/bitcoin-ee883201cf13-osx64.tar.gz
13d3a4126369a62865ca9c6f1adc312847bb9e11a119be85bfb85997c305e0491e  guix-build-ee883201cf13/output/x86_64-linux-gnu/bitcoin-ee883201cf13-x86_64-linux-gnu-debug.tar.gz
14a9172340c92bfc4798e0b95b5ca17b45ece5ccefb27666d4bc863bb6f0f6cd80  guix-build-ee883201cf13/output/x86_64-linux-gnu/bitcoin-ee883201cf13-x86_64-linux-gnu.tar.gz
156e03eaadaf6438eb5c257b91b7d86830a03262fe4ab5e55f5a2e51dddb550cf1  guix-build-ee883201cf13/output/x86_64-w64-mingw32/bitcoin-ee883201cf13-win-unsigned.tar.gz

hebasto commented at 11:32 pm on May 19, 2021: member

 0$ find guix-build-$(git rev-parse --short=12 HEAD)/output/ -type f -print0 | env LC_ALL=C sort -z | xargs -r0 sha256sum
 13786f771f253a0516fc74ab850024eabd59b3d31009f7ddb4a48852d03b20898  guix-build-ee883201cf13/output/aarch64-linux-gnu/bitcoin-ee883201cf13-aarch64-linux-gnu-debug.tar.gz
 22acaf9e7221e33015562a04892e81a59116a6572d8ee67b73f5ef4e325407bfb  guix-build-ee883201cf13/output/aarch64-linux-gnu/bitcoin-ee883201cf13-aarch64-linux-gnu.tar.gz
 344ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/aarch64-linux-gnu/inputs.SHA256SUMS
 44862619901e7331babb0ad4a13336792c2c55a2eb2a2e9d1aa0d875c0cf0a997  guix-build-ee883201cf13/output/arm-linux-gnueabihf/bitcoin-ee883201cf13-arm-linux-gnueabihf-debug.tar.gz
 523a191a67524fbef495761ddec0ba501287a356665b77a2401ed365ca487edd1  guix-build-ee883201cf13/output/arm-linux-gnueabihf/bitcoin-ee883201cf13-arm-linux-gnueabihf.tar.gz
 644ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/arm-linux-gnueabihf/inputs.SHA256SUMS
 7e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  guix-build-ee883201cf13/output/dist-archive/SKIPATTEST.TAG
 86b8030fdf50bb43c2d25e4b9cd0f4e6fcf03e118abb14ff694b85e296bb6deb3  guix-build-ee883201cf13/output/dist-archive/bitcoin-ee883201cf13.tar.gz
 909cba7861cd7b6bf33df3a5c893e82f83f10860f2e5f2ca4aba0f47927777a46  guix-build-ee883201cf13/output/powerpc64-linux-gnu/bitcoin-ee883201cf13-powerpc64-linux-gnu-debug.tar.gz
10d5c64638acc71496f4abddbc9e63df2f739fb496fbcca851e76944b4822fb0bd  guix-build-ee883201cf13/output/powerpc64-linux-gnu/bitcoin-ee883201cf13-powerpc64-linux-gnu.tar.gz
1144ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/powerpc64-linux-gnu/inputs.SHA256SUMS
123d1075423befb7b00cedd8a7f8092a5b1339d779b26bb21fb605b27fed1224c3  guix-build-ee883201cf13/output/powerpc64le-linux-gnu/bitcoin-ee883201cf13-powerpc64le-linux-gnu-debug.tar.gz
13c35029cbdce80f6acb5c1c4204fcccc62c5d3d337ebcdc9da9c5b3ff86e7ddab  guix-build-ee883201cf13/output/powerpc64le-linux-gnu/bitcoin-ee883201cf13-powerpc64le-linux-gnu.tar.gz
1444ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/powerpc64le-linux-gnu/inputs.SHA256SUMS
15797ac18e185e8c8282eb1020078058bb4c6be75cb035c0d90bcdcb183ff954ce  guix-build-ee883201cf13/output/riscv64-linux-gnu/bitcoin-ee883201cf13-riscv64-linux-gnu-debug.tar.gz
16a8864c72f759e603f60eb5e55424fe9d8f8960be0142d0b830414e724acc85b5  guix-build-ee883201cf13/output/riscv64-linux-gnu/bitcoin-ee883201cf13-riscv64-linux-gnu.tar.gz
1744ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/riscv64-linux-gnu/inputs.SHA256SUMS
18d03e94da6f114bde14f842f1a976fddffb0feda634c8e7d8e83392fb93188016  guix-build-ee883201cf13/output/x86_64-apple-darwin18/bitcoin-ee883201cf13-osx-unsigned.dmg
19e90c55da5cc1dbc1b6586ba7dcd72fa21e0d036dbb3b15df88850198cb3dc558  guix-build-ee883201cf13/output/x86_64-apple-darwin18/bitcoin-ee883201cf13-osx-unsigned.tar.gz
20879c87ff956c76b1c239b12a954227e4a4b06e63242ab3137dbde7a5544da9df  guix-build-ee883201cf13/output/x86_64-apple-darwin18/bitcoin-ee883201cf13-osx64.tar.gz
2144ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/x86_64-apple-darwin18/inputs.SHA256SUMS
22d3a4126369a62865ca9c6f1adc312847bb9e11a119be85bfb85997c305e0491e  guix-build-ee883201cf13/output/x86_64-linux-gnu/bitcoin-ee883201cf13-x86_64-linux-gnu-debug.tar.gz
23a9172340c92bfc4798e0b95b5ca17b45ece5ccefb27666d4bc863bb6f0f6cd80  guix-build-ee883201cf13/output/x86_64-linux-gnu/bitcoin-ee883201cf13-x86_64-linux-gnu.tar.gz
2444ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/x86_64-linux-gnu/inputs.SHA256SUMS
256e03eaadaf6438eb5c257b91b7d86830a03262fe4ab5e55f5a2e51dddb550cf1  guix-build-ee883201cf13/output/x86_64-w64-mingw32/bitcoin-ee883201cf13-win-unsigned.tar.gz
26399a0b8c793d6e750facc989e90175a7660b8d693faa5287a32b97301288b865  guix-build-ee883201cf13/output/x86_64-w64-mingw32/bitcoin-ee883201cf13-win64-debug.zip
27ffe029396a808e6167646d3b84363f9bf27161d08beec638bb59df8863a88d7c  guix-build-ee883201cf13/output/x86_64-w64-mingw32/bitcoin-ee883201cf13-win64-setup-unsigned.exe
284533f31d4add0594a01aad6c28a8d1afa1da61f90fe11188ebe85f13e15c3cce  guix-build-ee883201cf13/output/x86_64-w64-mingw32/bitcoin-ee883201cf13-win64.zip
2944ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/x86_64-w64-mingw32/inputs.SHA256SUMS

hebasto commented at 11:36 pm on May 19, 2021: member

@sipa @dongcarl

Could you post hashes of your:

bitcoin-ee883201cf13-osx-unsigned.dmg
bitcoin-ee883201cf13-win64-debug.zip
bitcoin-ee883201cf13-win64-setup-unsigned.exe
bitcoin-ee883201cf13-win64.zip

?

dongcarl commented at 11:38 pm on May 19, 2021: member

0d03e94da6f114bde14f842f1a976fddffb0feda634c8e7d8e83392fb93188016  guix-build-ee883201cf13/output/x86_64-apple-darwin18/bitcoin-ee883201cf13-osx-unsigned.dmg
1399a0b8c793d6e750facc989e90175a7660b8d693faa5287a32b97301288b865  guix-build-ee883201cf13/output/x86_64-w64-mingw32/bitcoin-ee883201cf13-win64-debug.zip
2ffe029396a808e6167646d3b84363f9bf27161d08beec638bb59df8863a88d7c  guix-build-ee883201cf13/output/x86_64-w64-mingw32/bitcoin-ee883201cf13-win64-setup-unsigned.exe
34533f31d4add0594a01aad6c28a8d1afa1da61f90fe11188ebe85f13e15c3cce  guix-build-ee883201cf13/output/x86_64-w64-mingw32/bitcoin-ee883201cf13-win64.zip

sipa commented at 11:39 pm on May 19, 2021: member

@hebasto Updated my sha256sums above.

dongcarl commented at 11:49 pm on May 19, 2021: member

Build finished on my second machine, everything’s matching.

achow101 commented at 1:01 am on May 20, 2021: member

 03786f771f253a0516fc74ab850024eabd59b3d31009f7ddb4a48852d03b20898  guix-build-ee883201cf13/output/aarch64-linux-gnu/bitcoin-ee883201cf13-aarch64-linux-gnu-debug.tar.gz
 12acaf9e7221e33015562a04892e81a59116a6572d8ee67b73f5ef4e325407bfb  guix-build-ee883201cf13/output/aarch64-linux-gnu/bitcoin-ee883201cf13-aarch64-linux-gnu.tar.gz
 244ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/aarch64-linux-gnu/inputs.SHA256SUMS
 34862619901e7331babb0ad4a13336792c2c55a2eb2a2e9d1aa0d875c0cf0a997  guix-build-ee883201cf13/output/arm-linux-gnueabihf/bitcoin-ee883201cf13-arm-linux-gnueabihf-debug.tar.gz
 423a191a67524fbef495761ddec0ba501287a356665b77a2401ed365ca487edd1  guix-build-ee883201cf13/output/arm-linux-gnueabihf/bitcoin-ee883201cf13-arm-linux-gnueabihf.tar.gz
 544ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/arm-linux-gnueabihf/inputs.SHA256SUMS
 6e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  guix-build-ee883201cf13/output/dist-archive/SKIPATTEST.TAG
 7838172edc158035d7c3141f78d16f26c13cd881fe53180d8ea85fdf3cd45642a  guix-build-ee883201cf13/output/dist-archive/bitcoin-ee883201cf13-codesignatures-a92d4f88892e.tar.gz
 86b8030fdf50bb43c2d25e4b9cd0f4e6fcf03e118abb14ff694b85e296bb6deb3  guix-build-ee883201cf13/output/dist-archive/bitcoin-ee883201cf13.tar.gz
 909cba7861cd7b6bf33df3a5c893e82f83f10860f2e5f2ca4aba0f47927777a46  guix-build-ee883201cf13/output/powerpc64-linux-gnu/bitcoin-ee883201cf13-powerpc64-linux-gnu-debug.tar.gz
10d5c64638acc71496f4abddbc9e63df2f739fb496fbcca851e76944b4822fb0bd  guix-build-ee883201cf13/output/powerpc64-linux-gnu/bitcoin-ee883201cf13-powerpc64-linux-gnu.tar.gz
1144ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/powerpc64-linux-gnu/inputs.SHA256SUMS
123d1075423befb7b00cedd8a7f8092a5b1339d779b26bb21fb605b27fed1224c3  guix-build-ee883201cf13/output/powerpc64le-linux-gnu/bitcoin-ee883201cf13-powerpc64le-linux-gnu-debug.tar.gz
13c35029cbdce80f6acb5c1c4204fcccc62c5d3d337ebcdc9da9c5b3ff86e7ddab  guix-build-ee883201cf13/output/powerpc64le-linux-gnu/bitcoin-ee883201cf13-powerpc64le-linux-gnu.tar.gz
1444ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/powerpc64le-linux-gnu/inputs.SHA256SUMS
15797ac18e185e8c8282eb1020078058bb4c6be75cb035c0d90bcdcb183ff954ce  guix-build-ee883201cf13/output/riscv64-linux-gnu/bitcoin-ee883201cf13-riscv64-linux-gnu-debug.tar.gz
16a8864c72f759e603f60eb5e55424fe9d8f8960be0142d0b830414e724acc85b5  guix-build-ee883201cf13/output/riscv64-linux-gnu/bitcoin-ee883201cf13-riscv64-linux-gnu.tar.gz
1744ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/riscv64-linux-gnu/inputs.SHA256SUMS
18d03e94da6f114bde14f842f1a976fddffb0feda634c8e7d8e83392fb93188016  guix-build-ee883201cf13/output/x86_64-apple-darwin18/bitcoin-ee883201cf13-osx-unsigned.dmg
19e90c55da5cc1dbc1b6586ba7dcd72fa21e0d036dbb3b15df88850198cb3dc558  guix-build-ee883201cf13/output/x86_64-apple-darwin18/bitcoin-ee883201cf13-osx-unsigned.tar.gz
20879c87ff956c76b1c239b12a954227e4a4b06e63242ab3137dbde7a5544da9df  guix-build-ee883201cf13/output/x86_64-apple-darwin18/bitcoin-ee883201cf13-osx64.tar.gz
2144ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/x86_64-apple-darwin18/inputs.SHA256SUMS
22d3a4126369a62865ca9c6f1adc312847bb9e11a119be85bfb85997c305e0491e  guix-build-ee883201cf13/output/x86_64-linux-gnu/bitcoin-ee883201cf13-x86_64-linux-gnu-debug.tar.gz
23a9172340c92bfc4798e0b95b5ca17b45ece5ccefb27666d4bc863bb6f0f6cd80  guix-build-ee883201cf13/output/x86_64-linux-gnu/bitcoin-ee883201cf13-x86_64-linux-gnu.tar.gz
2444ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/x86_64-linux-gnu/inputs.SHA256SUMS
2589918308ed5fe9ffa04e5cfcda23cfd1d2705e9c393543d2c7f9fff69b3dbd92  guix-build-ee883201cf13/output/x86_64-w64-mingw32-codesigned/bitcoin-ee883201cf13-win64-setup.exe
2663371d1cbc4de9224d5a28f8e827ae548897896fced3b7bc136850e64da923af  guix-build-ee883201cf13/output/x86_64-w64-mingw32-codesigned/inputs.SHA256SUMS
276e03eaadaf6438eb5c257b91b7d86830a03262fe4ab5e55f5a2e51dddb550cf1  guix-build-ee883201cf13/output/x86_64-w64-mingw32/bitcoin-ee883201cf13-win-unsigned.tar.gz
28399a0b8c793d6e750facc989e90175a7660b8d693faa5287a32b97301288b865  guix-build-ee883201cf13/output/x86_64-w64-mingw32/bitcoin-ee883201cf13-win64-debug.zip
29ffe029396a808e6167646d3b84363f9bf27161d08beec638bb59df8863a88d7c  guix-build-ee883201cf13/output/x86_64-w64-mingw32/bitcoin-ee883201cf13-win64-setup-unsigned.exe
304533f31d4add0594a01aad6c28a8d1afa1da61f90fe11188ebe85f13e15c3cce  guix-build-ee883201cf13/output/x86_64-w64-mingw32/bitcoin-ee883201cf13-win64.zip
3144ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/x86_64-w64-mingw32/inputs.SHA256SUMS

Windows code signature at https://github.com/bitcoin-core/bitcoin-detached-sigs/releases/tag/pr21239-ee883201cf13-win

dongcarl commented at 2:12 am on May 20, 2021: member

Looks like I’m matching (even with codesigning) with @achow101

 03786f771f253a0516fc74ab850024eabd59b3d31009f7ddb4a48852d03b20898  guix-build-ee883201cf13/output/aarch64-linux-gnu/bitcoin-ee883201cf13-aarch64-linux-gnu-debug.tar.gz
 12acaf9e7221e33015562a04892e81a59116a6572d8ee67b73f5ef4e325407bfb  guix-build-ee883201cf13/output/aarch64-linux-gnu/bitcoin-ee883201cf13-aarch64-linux-gnu.tar.gz
 244ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/aarch64-linux-gnu/inputs.SHA256SUMS
 34862619901e7331babb0ad4a13336792c2c55a2eb2a2e9d1aa0d875c0cf0a997  guix-build-ee883201cf13/output/arm-linux-gnueabihf/bitcoin-ee883201cf13-arm-linux-gnueabihf-debug.tar.gz
 423a191a67524fbef495761ddec0ba501287a356665b77a2401ed365ca487edd1  guix-build-ee883201cf13/output/arm-linux-gnueabihf/bitcoin-ee883201cf13-arm-linux-gnueabihf.tar.gz
 544ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/arm-linux-gnueabihf/inputs.SHA256SUMS
 6e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  guix-build-ee883201cf13/output/dist-archive/SKIPATTEST.TAG
 7838172edc158035d7c3141f78d16f26c13cd881fe53180d8ea85fdf3cd45642a  guix-build-ee883201cf13/output/dist-archive/bitcoin-ee883201cf13-codesignatures-a92d4f88892e.tar.gz
 86b8030fdf50bb43c2d25e4b9cd0f4e6fcf03e118abb14ff694b85e296bb6deb3  guix-build-ee883201cf13/output/dist-archive/bitcoin-ee883201cf13.tar.gz
 909cba7861cd7b6bf33df3a5c893e82f83f10860f2e5f2ca4aba0f47927777a46  guix-build-ee883201cf13/output/powerpc64-linux-gnu/bitcoin-ee883201cf13-powerpc64-linux-gnu-debug.tar.gz
10d5c64638acc71496f4abddbc9e63df2f739fb496fbcca851e76944b4822fb0bd  guix-build-ee883201cf13/output/powerpc64-linux-gnu/bitcoin-ee883201cf13-powerpc64-linux-gnu.tar.gz
1144ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/powerpc64-linux-gnu/inputs.SHA256SUMS
123d1075423befb7b00cedd8a7f8092a5b1339d779b26bb21fb605b27fed1224c3  guix-build-ee883201cf13/output/powerpc64le-linux-gnu/bitcoin-ee883201cf13-powerpc64le-linux-gnu-debug.tar.gz
13c35029cbdce80f6acb5c1c4204fcccc62c5d3d337ebcdc9da9c5b3ff86e7ddab  guix-build-ee883201cf13/output/powerpc64le-linux-gnu/bitcoin-ee883201cf13-powerpc64le-linux-gnu.tar.gz
1444ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/powerpc64le-linux-gnu/inputs.SHA256SUMS
15797ac18e185e8c8282eb1020078058bb4c6be75cb035c0d90bcdcb183ff954ce  guix-build-ee883201cf13/output/riscv64-linux-gnu/bitcoin-ee883201cf13-riscv64-linux-gnu-debug.tar.gz
16a8864c72f759e603f60eb5e55424fe9d8f8960be0142d0b830414e724acc85b5  guix-build-ee883201cf13/output/riscv64-linux-gnu/bitcoin-ee883201cf13-riscv64-linux-gnu.tar.gz
1744ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/riscv64-linux-gnu/inputs.SHA256SUMS
18d03e94da6f114bde14f842f1a976fddffb0feda634c8e7d8e83392fb93188016  guix-build-ee883201cf13/output/x86_64-apple-darwin18/bitcoin-ee883201cf13-osx-unsigned.dmg
19e90c55da5cc1dbc1b6586ba7dcd72fa21e0d036dbb3b15df88850198cb3dc558  guix-build-ee883201cf13/output/x86_64-apple-darwin18/bitcoin-ee883201cf13-osx-unsigned.tar.gz
20879c87ff956c76b1c239b12a954227e4a4b06e63242ab3137dbde7a5544da9df  guix-build-ee883201cf13/output/x86_64-apple-darwin18/bitcoin-ee883201cf13-osx64.tar.gz
2144ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/x86_64-apple-darwin18/inputs.SHA256SUMS
22d3a4126369a62865ca9c6f1adc312847bb9e11a119be85bfb85997c305e0491e  guix-build-ee883201cf13/output/x86_64-linux-gnu/bitcoin-ee883201cf13-x86_64-linux-gnu-debug.tar.gz
23a9172340c92bfc4798e0b95b5ca17b45ece5ccefb27666d4bc863bb6f0f6cd80  guix-build-ee883201cf13/output/x86_64-linux-gnu/bitcoin-ee883201cf13-x86_64-linux-gnu.tar.gz
2444ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/x86_64-linux-gnu/inputs.SHA256SUMS
2589918308ed5fe9ffa04e5cfcda23cfd1d2705e9c393543d2c7f9fff69b3dbd92  guix-build-ee883201cf13/output/x86_64-w64-mingw32-codesigned/bitcoin-ee883201cf13-win64-setup.exe
2663371d1cbc4de9224d5a28f8e827ae548897896fced3b7bc136850e64da923af  guix-build-ee883201cf13/output/x86_64-w64-mingw32-codesigned/inputs.SHA256SUMS
276e03eaadaf6438eb5c257b91b7d86830a03262fe4ab5e55f5a2e51dddb550cf1  guix-build-ee883201cf13/output/x86_64-w64-mingw32/bitcoin-ee883201cf13-win-unsigned.tar.gz
28399a0b8c793d6e750facc989e90175a7660b8d693faa5287a32b97301288b865  guix-build-ee883201cf13/output/x86_64-w64-mingw32/bitcoin-ee883201cf13-win64-debug.zip
29ffe029396a808e6167646d3b84363f9bf27161d08beec638bb59df8863a88d7c  guix-build-ee883201cf13/output/x86_64-w64-mingw32/bitcoin-ee883201cf13-win64-setup-unsigned.exe
304533f31d4add0594a01aad6c28a8d1afa1da61f90fe11188ebe85f13e15c3cce  guix-build-ee883201cf13/output/x86_64-w64-mingw32/bitcoin-ee883201cf13-win64.zip
3144ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/x86_64-w64-mingw32/inputs.SHA256SUMS

fanquake commented at 2:18 am on May 20, 2021: member

 03786f771f253a0516fc74ab850024eabd59b3d31009f7ddb4a48852d03b20898  guix-build-ee883201cf13/output/aarch64-linux-gnu/bitcoin-ee883201cf13-aarch64-linux-gnu-debug.tar.gz
 12acaf9e7221e33015562a04892e81a59116a6572d8ee67b73f5ef4e325407bfb  guix-build-ee883201cf13/output/aarch64-linux-gnu/bitcoin-ee883201cf13-aarch64-linux-gnu.tar.gz
 244ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/aarch64-linux-gnu/inputs.SHA256SUMS
 34862619901e7331babb0ad4a13336792c2c55a2eb2a2e9d1aa0d875c0cf0a997  guix-build-ee883201cf13/output/arm-linux-gnueabihf/bitcoin-ee883201cf13-arm-linux-gnueabihf-debug.tar.gz
 423a191a67524fbef495761ddec0ba501287a356665b77a2401ed365ca487edd1  guix-build-ee883201cf13/output/arm-linux-gnueabihf/bitcoin-ee883201cf13-arm-linux-gnueabihf.tar.gz
 544ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/arm-linux-gnueabihf/inputs.SHA256SUMS
 6e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  guix-build-ee883201cf13/output/dist-archive/SKIPATTEST.TAG
 76b8030fdf50bb43c2d25e4b9cd0f4e6fcf03e118abb14ff694b85e296bb6deb3  guix-build-ee883201cf13/output/dist-archive/bitcoin-ee883201cf13.tar.gz
 809cba7861cd7b6bf33df3a5c893e82f83f10860f2e5f2ca4aba0f47927777a46  guix-build-ee883201cf13/output/powerpc64-linux-gnu/bitcoin-ee883201cf13-powerpc64-linux-gnu-debug.tar.gz
 9d5c64638acc71496f4abddbc9e63df2f739fb496fbcca851e76944b4822fb0bd  guix-build-ee883201cf13/output/powerpc64-linux-gnu/bitcoin-ee883201cf13-powerpc64-linux-gnu.tar.gz
1044ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/powerpc64-linux-gnu/inputs.SHA256SUMS
113d1075423befb7b00cedd8a7f8092a5b1339d779b26bb21fb605b27fed1224c3  guix-build-ee883201cf13/output/powerpc64le-linux-gnu/bitcoin-ee883201cf13-powerpc64le-linux-gnu-debug.tar.gz
12c35029cbdce80f6acb5c1c4204fcccc62c5d3d337ebcdc9da9c5b3ff86e7ddab  guix-build-ee883201cf13/output/powerpc64le-linux-gnu/bitcoin-ee883201cf13-powerpc64le-linux-gnu.tar.gz
1344ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/powerpc64le-linux-gnu/inputs.SHA256SUMS
14797ac18e185e8c8282eb1020078058bb4c6be75cb035c0d90bcdcb183ff954ce  guix-build-ee883201cf13/output/riscv64-linux-gnu/bitcoin-ee883201cf13-riscv64-linux-gnu-debug.tar.gz
15a8864c72f759e603f60eb5e55424fe9d8f8960be0142d0b830414e724acc85b5  guix-build-ee883201cf13/output/riscv64-linux-gnu/bitcoin-ee883201cf13-riscv64-linux-gnu.tar.gz
1644ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/riscv64-linux-gnu/inputs.SHA256SUMS
17d03e94da6f114bde14f842f1a976fddffb0feda634c8e7d8e83392fb93188016  guix-build-ee883201cf13/output/x86_64-apple-darwin18/bitcoin-ee883201cf13-osx-unsigned.dmg
18e90c55da5cc1dbc1b6586ba7dcd72fa21e0d036dbb3b15df88850198cb3dc558  guix-build-ee883201cf13/output/x86_64-apple-darwin18/bitcoin-ee883201cf13-osx-unsigned.tar.gz
19879c87ff956c76b1c239b12a954227e4a4b06e63242ab3137dbde7a5544da9df  guix-build-ee883201cf13/output/x86_64-apple-darwin18/bitcoin-ee883201cf13-osx64.tar.gz
2044ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/x86_64-apple-darwin18/inputs.SHA256SUMS
21d3a4126369a62865ca9c6f1adc312847bb9e11a119be85bfb85997c305e0491e  guix-build-ee883201cf13/output/x86_64-linux-gnu/bitcoin-ee883201cf13-x86_64-linux-gnu-debug.tar.gz
22a9172340c92bfc4798e0b95b5ca17b45ece5ccefb27666d4bc863bb6f0f6cd80  guix-build-ee883201cf13/output/x86_64-linux-gnu/bitcoin-ee883201cf13-x86_64-linux-gnu.tar.gz
2344ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/x86_64-linux-gnu/inputs.SHA256SUMS
246e03eaadaf6438eb5c257b91b7d86830a03262fe4ab5e55f5a2e51dddb550cf1  guix-build-ee883201cf13/output/x86_64-w64-mingw32/bitcoin-ee883201cf13-win-unsigned.tar.gz
25399a0b8c793d6e750facc989e90175a7660b8d693faa5287a32b97301288b865  guix-build-ee883201cf13/output/x86_64-w64-mingw32/bitcoin-ee883201cf13-win64-debug.zip
26ffe029396a808e6167646d3b84363f9bf27161d08beec638bb59df8863a88d7c  guix-build-ee883201cf13/output/x86_64-w64-mingw32/bitcoin-ee883201cf13-win64-setup-unsigned.exe
274533f31d4add0594a01aad6c28a8d1afa1da61f90fe11188ebe85f13e15c3cce  guix-build-ee883201cf13/output/x86_64-w64-mingw32/bitcoin-ee883201cf13-win64.zip
2844ec0ecadad08ae140c2617665e9212eb75641ed571e9d1ebf183fd88ef095ee  guix-build-ee883201cf13/output/x86_64-w64-mingw32/inputs.SHA256SUMS

hebasto commented at 8:56 am on May 20, 2021: member

Windows codesigned: https://github.com/bitcoin-core/guix.sigs/pull/12

hebasto commented at 9:28 am on May 20, 2021: member

On Windows 10 Pro 20H2 (build 19042.928):

Screenshot from 2021-05-20 12-24-51

achow101 commented at 3:45 pm on May 20, 2021: member

The signature is valid, just done with the certificate that is now both expired and revoked, so you get those errors.

Sjors commented at 9:09 am on May 21, 2021: member

Uploaded signatures: https://github.com/bitcoin-core/guix.sigs/pull/13

I’m matching with @achow101 and @dongcarl (find guix-build-$(git rev-parse --short=12 HEAD)/output/ -type f -print0 | env LC_ALL=C sort -z | xargs -r0 sha256sum, including the windows signed bit)

in contrib/guix/manifest.scm:227 in bac2690e6f outdated

220@@ -217,6 +221,337 @@ chain for " target " development."))
221 parse, modify and abstract ELF, PE and MachO formats.")
222    (license license:asl2.0)))
223 
224+(define osslsigncode
225+  (package
226+    (name "osslsigncode")
227+    (version "2.0")

achow101 commented at 5:59 pm on May 21, 2021:

In bac2690e6f683fcedb883fe1d32f3c33c628a141 “guix: Package codesigning tools”

There is a osslsigncode 2.1 available, do we want to use that version? I don’t think it really matters, but something to consider.

dongcarl commented at 8:23 pm on May 21, 2021:

Not sure, should be easy enough to bump in the future when there’s a feature/bugfix that’s relevant to us.

achow101 commented at 6:18 pm on May 21, 2021: member

ACK ee883201cf134952284632e9e9ae72bf1c8c792f

laanwj commented at 1:27 pm on May 24, 2021: member

Tested ACK ee883201cf134952284632e9e9ae72bf1c8c792f

laanwj merged this on May 24, 2021

laanwj closed this on May 24, 2021

laanwj moved this from the "PRs" to the "Done" column in a project

sidhujag referenced this in commit 77a6901abf on May 25, 2021

gwillen referenced this in commit 486939b4f1 on Jun 1, 2022

DrahtBot locked this on Aug 16, 2022

guix: Add codesignature attachment support for osx+win #21239

Conflicts