diff --git a/.circleci/config.yml b/.circleci/config.yml index fe9dcb9d..9e8b525e 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -27,7 +27,7 @@ jobs: - run: name: Verify files command: | - curl -sSL https://secchannel.rsk.co/release.asc | gpg2 --import - + curl -sSL https://secchannel.rsk.co/SUPPORT.asc | gpg2 --import - gpg2 --verify SHA256SUMS.asc && sha256sum --check SHA256SUMS.asc - run: name: Clone rskj repo diff --git a/.github/workflows/reproducible.yml b/.github/workflows/reproducible.yml index 7fdc5da4..7b415028 100644 --- a/.github/workflows/reproducible.yml +++ b/.github/workflows/reproducible.yml @@ -21,7 +21,7 @@ jobs: - name: Download Release key run: | - gpg --keyserver https://secchannel.rsk.co/release.asc --recv-keys 1A92D8942171AFA951A857365DECF4415E3B8FA4 + gpg --keyserver https://secchannel.rsk.co/SUPPORT.asc --recv-keys 1DC9157991323D23FD37BAA7A6DBEAC640C5A14B - name: Verify files integrity run: | diff --git a/README.md b/README.md index 430ed7e8..4b2dd792 100644 --- a/README.md +++ b/README.md @@ -79,9 +79,8 @@ Before anything, you must ensure the security chain of the source code. For that 1. Download sec channel public key ```bash -$ gpg --keyserver https://secchannel.rsk.co/release.asc --recv-keys 5DECF4415E3B8FA4 -gpg: requesting key 5E3B8FA4 from https server secchannel.rsk.co -gpg: key 5E3B8FA4: public key "RSK Release Signing Key " imported +$ $ gpg --keyserver https://secchannel.rsk.co/SUPPORT.asc --recv-keys A6DBEAC640C5A14B +gpg: key A6DBEAC640C5A14B: "IOV Labs Support " imported gpg: Total number processed: 1 gpg: imported: 1 (RSA: 1) ``` @@ -89,24 +88,25 @@ gpg: imported: 1 (RSA: 1) 2. Verify the downloaded key fingerprint ```bash -$ gpg --finger 5DECF4415E3B8FA4 -pub 4096R/5E3B8FA4 2017-05-16 [expires: 2022-05-15] - Key fingerprint = 1A92 D894 2171 AFA9 51A8 5736 5DEC F441 5E3B 8FA4 -uid RSK Release Signing Key -sub 4096R/A44DCC86 2017-05-16 [expires: 2022-05-15] -sub 4096R/5E488E87 2017-05-16 [expires: 2022-05-15] -sub 4096R/9FC3E7C2 2017-05-16 [expires: 2022-05-15] +$ $ gpg --finger A6DBEAC640C5A14B +pub rsa4096 2022-05-11 [C] + 1DC9 1579 9132 3D23 FD37 BAA7 A6DB EAC6 40C5 A14B +uid [ unknown] IOV Labs Support +sub rsa4096 2022-05-11 [S] +sub rsa4096 2022-05-11 [E] ``` 3. Verify the `SHA256SUMS.asc` signature ```bash -$ gpg --verify SHA256SUMS.asc -gpg: Signature made mar 16 may 2017 16:47:56 ART -gpg: using RSA key 0x67D06695A44DCC86 -gpg: Good signature from "RSK Release Signing Key " [ultimate] -Primary key fingerprint: 1A92 D894 2171 AFA9 51A8 5736 5DEC F441 5E3B 8FA4 - Subkey fingerprint: D135 DDC0 B54D 6EF3 5901 52DF 67D0 6695 A44D CC86 +$ gpg --verify SHA256SUMS.asc +gpg: Signature made Wed May 11 10:50:48 2022 -03 +gpg: using RSA key 1F1AA750373B90D9792DC3217997999EEA3A9079 +gpg: Good signature from "IOV Labs Support " [unknown] +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: 1DC9 1579 9132 3D23 FD37 BAA7 A6DB EAC6 40C5 A14B + Subkey fingerprint: 1F1A A750 373B 90D9 792D C321 7997 999E EA3A 9079 ``` 4. Verify the `configure.sh` script diff --git a/SHA256SUMS.asc b/SHA256SUMS.asc index 04582cbe..d83d73b1 100644 --- a/SHA256SUMS.asc +++ b/SHA256SUMS.asc @@ -1,20 +1,20 @@ -----BEGIN PGP SIGNED MESSAGE----- -Hash: SHA256 +Hash: SHA512 271eadce610f19e92b5f8e66e291c4b25edf3696a67d297706a08ac13a6ca346 configure.sh -----BEGIN PGP SIGNATURE----- -iQIzBAEBCAAdFiEE0TXdwLVNbvNZAVLfZ9BmlaRNzIYFAl+ApzoACgkQZ9BmlaRN -zIbdQRAAnSjujbWsUeKyI4VCcgmrc1DE+UcK1+X9xKv4o1nzA2m4GqZeIY1mJOr7 -pib55O4lwyiYq0SwFYvPRGz9BoR+FXTGAZ5w0sjOaHSTy/6IjPjYEDGOM6dVXunW -3YDAI4FRK8A79vSPo5EzW5JYIF3kK6/pWS59deoJ1GNmmgKI9rWg+Rp/cRprtUo0 -CuHu2ih1N6P2hq1Ux0k2DSbQb0MNHSt8kw92r9j63xB7Eh5/bVm/wqeujBMuorlz -ZJ5AmAXpD/RL8N7hwMuqLDFY7gfn3ujGPlERUAKPRnYJ1ck/nfEBextNG257zsbZ -QjCW3HneGQakl2Rw0jdD9/rUkT/F7MOJSN5zOnri2v6y7OkBjgBkTbzPEX9CMYEX -oVzYznZSDiu05lhH5hzKxPZzYvJBYB48L30XIoOYEHYJzadqak/LmB379OKRNQ0V -TKPMjfRKi3iUyVmNlgEHNg5ynvFw5Pl4qSD1+yxiitVNFYLVg+sQwKdhqjeJVNkt -Zn/clLYEGq9phL18YUs+47h27aSb2WXhgBipHPn9ig4SyOZZP8jx7fk9OewAiCop -z/9sgcjIOcc2ZkmLtIcx7SqeCrUkXC82W387XYBppnwnFKdZhKJpPvxGyvQwQu10 -D5P4BGwkWBdlnFSmvEjvHgTNnomLhdgg0Xm1IzL1SQ+gpKHmskQ= -=Dirh +iQIzBAEBCgAdFiEEHxqnUDc7kNl5LcMheZeZnuo6kHkFAmJ7wSUACgkQeZeZnuo6 +kHkdqBAAz/4V3qRsLH62x1rC7e/iF3EJlbr0+y5jgZlmsWuicriZuAZ48IlaOZV3 +jOOOqGojroh4F2RtoadYMrWrzWQqIv22E3eY9zjHUOHbTFjRHQs3ZKW6scOtgIXt +VKZLXpqrqRdN8cRY9T9FpD7SE5CLpcrNHQW5mzcdS2QP9s0CHii5XPu2Qm7jtZHU +3xsOepQtH4SXf9bMUB5XuTrP8v32yTYKZka0fQ1+mjviKhSAc9HQchxHl26V0qqV +X4QO08RSBgvBEV9x0+oLOE3ZKAWQ8bQ71POP8W3Xvqvk1Z/SRw2Ynkrlj7ETq178 +Qi2vU/7Jxc0t9w4o4kxn+FRD6+K2eu6Nt8fGdenCEPj6st9iXtB3URCJ9qG9zq93 +Xu7ywAkXDj03xguIneLNjrUHwkFhNn85YHn9tTdK7BT6BfFmS9b4TIlhfJFQx4T3 +LYnafFMoEOPPb0n0BMVQ8de43gYbrVExZiWWIckwhar7GsEDsfMhHTqPqFu3fEx1 +yUDR5maz3F5YX455SxNIbxH9lrNqagSaNEQMjLpsxsYf1BwFD2Cwq3k79aBsQsKw +Bjidvpi3gitqpY3ImY2NlQGEYI9EoOvN1LIz+7th0eUA2EXynAQvZiqlU05FKkE2 +KpEMOZZh57cWCFdpq0YkspsWoGnAkLahrZpxW/2MXMoK3dRImu4= +=JPmX -----END PGP SIGNATURE----- diff --git a/build.gradle b/build.gradle index 0e7352ca..f2446a49 100644 --- a/build.gradle +++ b/build.gradle @@ -65,7 +65,7 @@ ext { junitVersion = '4.12' mockitoVersion = '2.23.4' powermockitoVersion = '2.0.2' - rskjcoreVersion = '3.3.0-SNAPSHOT' + rskjcoreVersion = '4.0.0-RC' } dependencies { diff --git a/src/main/resources/version.properties b/src/main/resources/version.properties index 0d0c9484..0f39347f 100644 --- a/src/main/resources/version.properties +++ b/src/main/resources/version.properties @@ -1,2 +1,2 @@ -versionNumber='3.4.0.0' -modifier="SNAPSHOT" +versionNumber='4.0.0.0' +modifier="RC"