
Layout groundwork for signing of src files

Antony Messerli 9 years ago
parent
commit
4c28ca89ed
5 changed files with 18 additions and 3 deletions
  1. 2 0
      .travis.yml
  2. 1 1
      ipxe/disks/netboot.xyz-dhcp
  3. 1 1
      ipxe/disks/netboot.xyz-static
  4. 14 1
      script/prep-release.sh
  5. BIN
      script/secrets.tar.enc

+ 2 - 0
.travis.yml

@@ -1,6 +1,8 @@
 sudo: true
 language: c
 before_install:
+- openssl aes-256-cbc -K $encrypted_7d306b01dc1f_key -iv $encrypted_7d306b01dc1f_iv -in script/secrets.tar.enc -out script/secrets.tar -d
+- tar xvf script/secrets.tar -C script/
 - sudo apt-get update -qq
 - sudo apt-get install -qq binutils-dev genisoimage liblzma-dev syslinux
 script:
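Review bot: The two added `before_install` steps run on every build, but Travis does not provide the `encrypted_*` variables to pull requests from forks, so the `openssl aes-256-cbc ... -d` line would fail there and stop the build before anything compiles. Wrapping both steps in a check such as `if [ "$TRAVIS_PULL_REQUEST" = "false" ]; then ...; fi` keeps fork PR builds working and makes it explicit that only trusted builds touch the signing material. After extraction the plaintext `script/secrets.tar` and its contents stay in the working tree, so I would add `- rm -f script/secrets.tar` and confirm that no later step publishes anything from `script/`. `tar xvf` also prints the archive's file names into the build log; `tar xf` is enough.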

+ 1 - 1
ipxe/disks/netboot.xyz-dhcp

@@ -1,7 +1,7 @@
 #!ipxe
 
 :start
-set version 1
+set version 1.01
 echo netboot.xyz iPXE loader v${version}
 goto dhcp
 

+ 1 - 1
ipxe/disks/netboot.xyz-static

@@ -1,7 +1,7 @@
 #!ipxe
 
 :start
-set version 1
+set version 1.01
 echo netboot.xyz iPXE loader v${version}
 goto static
 

+ 14 - 1
script/prep-release.sh

@@ -39,7 +39,9 @@ mv bin/undionly.kpxe ../../build/ipxe/generic-undionly.kpxe
 # generate netboot.xyz iPXE disks
 for ipxe_config in `ls ../../ipxe/disks/`
 do 
-  make bin/ipxe.dsk bin/ipxe.iso bin/ipxe.lkrn bin/ipxe.usb bin/ipxe.kpxe bin/undionly.kpxe EMBED=../../ipxe/disks/$ipxe_config
+  make bin/ipxe.dsk bin/ipxe.iso bin/ipxe.lkrn bin/ipxe.usb bin/ipxe.kpxe bin/undionly.kpxe \
+  EMBED=../../ipxe/disks/$ipxe_config \ 
+  TRUST=../../script/ca-ipxe-org.crt,../../script/ca-netboot-xyz.crt
   error_check
   mv bin/ipxe.dsk ../../build/ipxe/$ipxe_config.dsk
   mv bin/ipxe.iso ../../build/ipxe/$ipxe_config.iso
@@ -82,6 +84,17 @@ cat ../netboot.xyz-sha256-checksums.txt
 mv ../netboot.xyz-sha256-checksums.txt .
 cd ../..
 
+# generate signatures for netboot.xyz source files
+mkdir sigs
+for src_file in `ls src`
+do
+  openssl cms -sign -binary -noattr -in src/$src_file \
+  -signer script/codesign.crt -inkey script/codesign.key -certfile script/ca-netboot-xyz.crt -outform DER \
+  -out sigs/$src_file.sig
+  echo Generated signature for $src_file...
+done
+mv sigs src/
+
 # delete index.html so that we don't overwrite existing content type
 rm src/index.html
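Review bot: In the first hunk the continuation on the `EMBED=` line appears, as rendered here, to be a backslash followed by a space, which escapes the space rather than the newline, so the shell ends the `make` command there and runs `TRUST=...` as a separate variable assignment that has no effect on the build. If that is what the file contains, the disks are built without the intended `TRUST=` certificates and `make` also receives a stray blank argument; the line should end exactly with `EMBED=../../ipxe/disks/$ipxe_config \` and nothing after the backslash. In the second hunk the `openssl cms -sign` call is not followed by `error_check` the way the `make` call is, so (assuming `error_check` tests the previous exit status) a failed signing, for example a missing `script/codesign.key`, would still print "Generated signature" and the release would continue with missing or empty `.sig` files. Adding `error_check` right after the openssl command and quoting `"src/$src_file"` would close that gap. The script continues outside both hunks, so whether `sigs/` or the extracted key are cleaned up later cannot be seen from here.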
 

BIN
script/secrets.tar.enc