Active Signing Keys
The Swift project uses one set of keys for snapshot builds, and separate keys for every official release. We are using 4096-bit RSA keys.
The following keys are being used to sign toolchain packages:
-
Swift Automatic Signing Key #4 <swift-infrastructure@forums.swift.org>- Download
- https://swift.org/keys/automatic-signing-key-4.asc
- Fingerprint
E813 C892 820A 6FA1 3755 B268 F167 DF1A CF9C E069- Long ID
F167DF1ACF9CE069
To import the key, run:
$ gpg --keyserver hkp://keyserver.ubuntu.com \ --recv-keys \ 'E813 C892 820A 6FA1 3755 B268 F167 DF1A CF9C E069'Or
$ wget -q -O - https://swift.org/keys/automatic-signing-key-4.asc | \ gpg --import - -
Swift 5.x Release Signing Key <swift-infrastructure@swift.org>
- Download
- https://swift.org/keys/release-key-swift-5.x.asc
- Fingerprint
A62A E125 BBBF BB96 A6E0 42EC 925C C1CC ED3D 1561- Long ID
925CC1CCED3D1561
To import the key, run:
$ gpg --keyserver hkp://keyserver.ubuntu.com \
--recv-keys \
'A62A E125 BBBF BB96 A6E0 42EC 925C C1CC ED3D 1561'
Or:
$ wget -q -O - https://swift.org/keys/release-key-swift-5.x.asc | \
gpg --import -