Retropex/docker-bitcoind
1
0
Fork 0
mirror of https://github.com/Retropex/docker-bitcoind.git synced 2025-05-28 04:52:33 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

Change the way verification works

Browse Source
This commit is contained in:
nolim1t 2021-09-14 15:12:34 +07:00
parent e62c804d7f
commit 6897b52335
No known key found for this signature in database
GPG Key ID: F6287B82CC84BCBD
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
22.0/Dockerfile
View File

@ -52,8 +52,10 @@ FROM preparer-base AS preparer-release
ARG VERSION
# Download checksums
# Download sigs
ADD https://bitcoincore.org/bin/bitcoin-core-$VERSION/SHA256SUMS.asc ./
# Download checksums
ADD https://bitcoincore.org/bin/bitcoin-core-$VERSION/SHA256SUMS ./
# Download source code (intentionally different website than checksums)
# uncomment
@ -61,10 +63,10 @@ ADD https://bitcoincore.org/bin/bitcoin-core-$VERSION/SHA256SUMS.asc ./
ADD https://bitcoincore.org/bin/bitcoin-core-$VERSION/bitcoin-$VERSION.tar.gz ./
# Verify that hashes are signed with the previously imported key
RUN gpg --verify SHA256SUMS.asc
RUN gpg --verify SHA256SUMS.asc SHA256SUMS
# Verify that downloaded source-code archive matches exactly the hash that's provided
RUN grep " bitcoin-$VERSION.tar.gz\$" SHA256SUMS.asc | sha256sum -c -
RUN grep " bitcoin-$VERSION.tar.gz\$" SHA256SUMS | sha256sum -c -
# Extract
RUN tar -xzf "bitcoin-$VERSION.tar.gz" && \