[PHPBB3-17173] Generate signatures for release packages

XML

Word

Printable

Details

Type: New Feature
Status: Unverified Fix (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 4.0.0-a1
Component/s: None
Labels:
None

Description

In addition to the sha256 hashes that are already created for release packages, we should also create a signature for each file that has been signed with a private key. Using the published verification key, it will then be possible to confirm not only that the package hasn't been modified after creating the hash but also that neither the package nor the hash have been altered.

Attachments

Activity

People

Assignee:: Marc

Reporter:: Marc

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 10/Aug/23 4:22 PM

Updated:: 22/Sep/23 9:59 AM

Resolved:: 22/Sep/23 9:59 AM