From 288007d6dda7eee022a2bcf4075bd09fb2c9998f Mon Sep 17 00:00:00 2001
From: idk <hankhill19580@gmail.com>
Date: Tue, 17 May 2022 17:49:33 -0400
Subject: [PATCH] Update exe signing procedure

---
 config.sh  |  0
 release.sh |  0
 sign.sh    | 19 ++++++++++++-------
 3 files changed, 12 insertions(+), 7 deletions(-)
 mode change 100644 => 100755 config.sh
 mode change 100644 => 100755 release.sh
 mode change 100644 => 100755 sign.sh

diff --git a/config.sh b/config.sh
old mode 100644
new mode 100755
diff --git a/release.sh b/release.sh
old mode 100644
new mode 100755
diff --git a/sign.sh b/sign.sh
old mode 100644
new mode 100755
index c889d15..8285593
--- a/sign.sh
+++ b/sign.sh
@@ -13,17 +13,22 @@ if [ -f config_overide.sh ]; then
 fi
 
 linuxsign() {
+    ## LINUX SIGNING IS EXPERIMENTAL AND SHOULD NOT BE USED IN DEFAULT STATE.
     if [ ! -f jsign-4.1.jar ]; then
         wget -O jsign-4.1.jar https://github.com/ebourg/jsign/releases/download/4.1/jsign-4.1.jar
     fi
+    if [ ! -f "$HOME/signingkeys/signing-key.jks" ]; then
+        mkdir -p "$HOME/signingkeys/"
+        keytool -genkey -alias server-alias -keyalg RSA -keypass changeit \
+            -storepass changeit -keystore "$HOME/signingkeys/signing-key.jks"
+    fi
     java -jar jsign-4.1.jar \
-    -keystore "$JAVA_HOME/lib/security/cacerts" \
-    -storepass changeit \
-    -keyfile "$HOME/signingkeys/signing-key.jks" \
-    -keypass changeit \
-    -tsaurl "http://timestamp.sectigo.com" \
-    -name "I2P-Browser-Installer" \
-    -alg "SHA-512" \
+    --keystore "$HOME/signingkeys/signing-key.jks" \
+    --storepass changeit \
+    --keypass changeit \
+    --tsaurl "http://timestamp.sectigo.com" \
+    --name "I2P-Browser-Installer" \
+    --alg "SHA-512" \
     "$1"
 }