Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
Add script to contrib/ that verifies authenticity of binaries hosted on SourceForge #1935
This script downloads the SHA256SUMS.asc file from SourceForge for a given release (version can be specified on the command line), which contains Gavin's signature of the hashes of the Bitcoin binaries. It verifies that the signature is valid, downloads the files specified in the signature file, and checks that the hashes of these files match with those signed by Gavin.
Automatic sanity-testing: PASSED, see http://jenkins.bluematt.me/pull-tester/de91ea0c0c2fead60bfe9a531558cbe1c562346e for binaries and test log.