From 0825a884ab92dbc23c04f7d0b1807e6ca597a88c Mon Sep 17 00:00:00 2001
From: Aditya Kulkarni <zcash@adityapk.com>
Date: Mon, 4 Feb 2019 14:38:36 -0800
Subject: [PATCH] Sign binaries script

---
 res/SIGNATURES_README       |  8 ++++++++
 src/scripts/signbinaries.sh | 25 +++++++++++++++++++++++++
 2 files changed, 33 insertions(+)
 create mode 100644 res/SIGNATURES_README
 create mode 100755 src/scripts/signbinaries.sh

diff --git a/res/SIGNATURES_README b/res/SIGNATURES_README
new file mode 100644
index 0000000..af94bfe
--- /dev/null
+++ b/res/SIGNATURES_README
@@ -0,0 +1,8 @@
+This directory contains the hashes and signatures for zec-qt-wallet
+
+Verify the hashes by running
+sha256sum -c sha256sum-vX.Y.Z.txt
+
+Verify signatures by runnnig
+gpg --verify <filename.sig> <filename>
+
diff --git a/src/scripts/signbinaries.sh b/src/scripts/signbinaries.sh
new file mode 100755
index 0000000..cb6ead6
--- /dev/null
+++ b/src/scripts/signbinaries.sh
@@ -0,0 +1,25 @@
+#!/bin/bash
+
+if [ -z $APP_VERSION ]; then echo "APP_VERSION is not set"; exit 1; fi
+
+# Store the hash and signatures here
+rm -rf release/signatures
+mkdir -p release/signatures 
+
+cd artifacts
+echo "[Signing Binaries]"
+
+# sha256sum the binaries
+gsha256sum *$APP_VERSION* > ../release/signatures/sha256sum-v$APP_VERSION.txt
+
+for i in $( ls *zec-qt-wallet-v$APP_VERSION*); do
+  echo "Signing" $i
+  gpg --batch --output ../release/signatures/$i.sig --detach-sig $i 
+done
+
+cp ../res/SIGNATURES_README ../release/signatures/README
+
+cd ../release/signatures
+tar -czf signatures-v$APP_VERSION.tar.gz *
+cp signatures-v$APP_VERSION.tar.gz ../../artifacts
+