contrib/build-wine/README.md

# Windows binaries

✓ _These binaries should be reproducible, meaning you should be able to generate
   binaries that match the official releases._

This assumes an Ubuntu (x86_64) host, but it should not be too hard to adapt to another
similar system.

1. Install Docker

    See `contrib/docker_notes.md`.

    Note: older versions of Docker might not work well
    (see [#6971](https://github.com/spesmilo/electrum/issues/6971)).
    If having problems, try to upgrade to at least `docker 20.10`.

2. Build Windows binaries

    ```
    $ ./build.sh
    ```
    If you want reproducibility, try instead e.g.:
    ```
    $ ELECBUILD_COMMIT=HEAD ELECBUILD_NOCACHE=1 ./build.sh
    ```

3. The generated binaries are in `./contrib/build-wine/dist`.


## Code Signing

Electrum Windows builds are signed with a Microsoft Authenticode™ code signing
certificate in addition to the GPG-based signatures.

The advantage of using Authenticode is that Electrum users won't receive a 
Windows SmartScreen warning when starting it.

The release signing procedure involves a signer (the holder of the
certificate/key) and one or multiple trusted verifiers:


| Signer                                                    | Verifier                             |
|-----------------------------------------------------------|--------------------------------------|
| Build .exe files using `make_win.sh`                      |                                      |
| Sign .exe with `./sign.sh`                                |                                      |
| Upload signed files to download server                    |                                      |
|                                                           | Build .exe files using `make_win.sh` |
|                                                           | Compare files using `unsign.sh`      |
|                                                           | Sign .exe file using `gpg -b`        |

| Signer and verifiers:                                                                            |
|--------------------------------------------------------------------------------------------------|
| Upload signatures to 'electrum-signatures' repo, as `$version/$filename.$builder.asc`            |


## Verify Integrity of signed binary

Every user can verify that the official binary was created from the source code in this 
repository. To do so, the Authenticode signature needs to be stripped since the signature
is not reproducible.

This procedure removes the differences between the signed and unsigned binary:

1. Remove the signature from the signed binary using osslsigncode or signtool.
2. Set the COFF image checksum for the signed binary to 0x0. This is necessary
   because pyinstaller doesn't generate a checksum.
3. Append null bytes to the _unsigned_ binary until the byte count is a multiple
   of 8.

The script `unsign.sh` performs these steps.

## FAQ

### How to investigate diff between binaries if reproducibility fails?
`pyi-archive_viewer` is needed, for that run `$ pip install pyinstaller`.
As a first pass overview, run:
```
pyi-archive_viewer -l electrum-*.exe1 > f1
pyi-archive_viewer -l electrum-*.exe2 > f2
diff f1 f2 > d
cat d
```
Then investigate manually:
```
$ pyi-archive_viewer electrum-*.exe1
? help
```
win build: add instructions to investigate reproducibility failure 2022-03-25 21:26:10 +01:00			`# Windows binaries`
Add script for deterministic builds 2017-11-28 00:30:06 +01:00
build: note whether binary is reproducible in each case 2019-06-26 04:18:24 +02:00			`✓ _These binaries should be reproducible, meaning you should be able to generate`
			`binaries that match the official releases._`
wine-build: clarify to use docker for reproducible builds. move parts of readme. 2018-08-15 13:22:24 +02:00
build: note whether binary is reproducible in each case 2019-06-26 04:18:24 +02:00			`This assumes an Ubuntu (x86_64) host, but it should not be too hard to adapt to another`
build: try to consolidate instructions and decr codedupe in release.sh 2021-06-17 19:41:37 +02:00			`similar system.`
Add script for deterministic builds 2017-11-28 00:30:06 +01:00
wine build: rm old README 2019-05-06 17:10:36 +02:00			`1. Install Docker`
Add instruction to install dirmngr to Wine README 2017-12-06 18:12:02 +01:00
contrib: add docker_notes.md 2022-03-03 18:55:35 +01:00			See `contrib/docker_notes.md`.
Add instruction to install dirmngr to Wine README 2017-12-06 18:12:02 +01:00
build-wine/README.md: add comment about needing recent docker version 2021-02-01 22:30:54 +01:00			`Note: older versions of Docker might not work well`
			`(see [#6971](https://github.com/spesmilo/electrum/issues/6971)).`
			If having problems, try to upgrade to at least `docker 20.10`.

build: try to consolidate instructions and decr codedupe in release.sh 2021-06-17 19:41:37 +02:00			`2. Build Windows binaries`
Add instruction to install dirmngr to Wine README 2017-12-06 18:12:02 +01:00
wine build: rm old README 2019-05-06 17:10:36 +02:00			```
build: try to consolidate instructions and decr codedupe in release.sh 2021-06-17 19:41:37 +02:00			`$ ./build.sh`
wine build: rm old README 2019-05-06 17:10:36 +02:00			```
build: try to consolidate instructions and decr codedupe in release.sh 2021-06-17 19:41:37 +02:00			`If you want reproducibility, try instead e.g.:`
wine build: rm old README 2019-05-06 17:10:36 +02:00			```
build: try to consolidate instructions and decr codedupe in release.sh 2021-06-17 19:41:37 +02:00			`$ ELECBUILD_COMMIT=HEAD ELECBUILD_NOCACHE=1 ./build.sh`
wine build: rm old README 2019-05-06 17:10:36 +02:00			```
Add script for deterministic builds 2017-11-28 00:30:06 +01:00
build: try to consolidate instructions and decr codedupe in release.sh 2021-06-17 19:41:37 +02:00			3. The generated binaries are in `./contrib/build-wine/dist`.
Add script for deterministic builds 2017-11-28 00:30:06 +01:00
wine build: rm old README 2019-05-06 17:10:36 +02:00

win build: add instructions to investigate reproducibility failure 2022-03-25 21:26:10 +01:00			`## Code Signing`
wine build: rm old README 2019-05-06 17:10:36 +02:00
			`Electrum Windows builds are signed with a Microsoft Authenticode™ code signing`
			`certificate in addition to the GPG-based signatures.`

			`The advantage of using Authenticode is that Electrum users won't receive a`
			`Windows SmartScreen warning when starting it.`

			`The release signing procedure involves a signer (the holder of the`
			`certificate/key) and one or multiple trusted verifiers:`


build: rename some scripts 2021-06-17 19:03:23 +02:00			`\| Signer \| Verifier \|`
			`\|-----------------------------------------------------------\|--------------------------------------\|`
			\| Build .exe files using `make_win.sh` \| \|
			\| Sign .exe with `./sign.sh` \| \|
			`\| Upload signed files to download server \| \|`
			\| \| Build .exe files using `make_win.sh` \|
			\| \| Compare files using `unsign.sh` \|
			\| \| Sign .exe file using `gpg -b` \|
wine build: rm old README 2019-05-06 17:10:36 +02:00
build: rename some scripts 2021-06-17 19:03:23 +02:00			`\| Signer and verifiers: \|`
			`\|--------------------------------------------------------------------------------------------------\|`
			\| Upload signatures to 'electrum-signatures' repo, as `$version/$filename.$builder.asc` \|
wine build: rm old README 2019-05-06 17:10:36 +02:00


win build: add instructions to investigate reproducibility failure 2022-03-25 21:26:10 +01:00			`## Verify Integrity of signed binary`
wine build: rm old README 2019-05-06 17:10:36 +02:00
			`Every user can verify that the official binary was created from the source code in this`
			`repository. To do so, the Authenticode signature needs to be stripped since the signature`
			`is not reproducible.`

			`This procedure removes the differences between the signed and unsigned binary:`

			`1. Remove the signature from the signed binary using osslsigncode or signtool.`
			`2. Set the COFF image checksum for the signed binary to 0x0. This is necessary`
			`because pyinstaller doesn't generate a checksum.`
			`3. Append null bytes to the _unsigned_ binary until the byte count is a multiple`
			`of 8.`

			The script `unsign.sh` performs these steps.
win build: add instructions to investigate reproducibility failure 2022-03-25 21:26:10 +01:00
			`## FAQ`

			`### How to investigate diff between binaries if reproducibility fails?`
			`pyi-archive_viewer` is needed, for that run `$ pip install pyinstaller`.
			`As a first pass overview, run:`
			```
			`pyi-archive_viewer -l electrum-*.exe1 > f1`
			`pyi-archive_viewer -l electrum-*.exe2 > f2`
			`diff f1 f2 > d`
			`cat d`
			```
			`Then investigate manually:`
			```
			`$ pyi-archive_viewer electrum-*.exe1`
			`? help`
			```