Skip to content
This repository has been archived by the owner on Feb 13, 2020. It is now read-only.

Signing MacOS Bundles (& maybe code which may address newer iOS?) #135

Open
btsimonh opened this issue Sep 7, 2019 · 0 comments
Open

Signing MacOS Bundles (& maybe code which may address newer iOS?) #135

btsimonh opened this issue Sep 7, 2019 · 0 comments

Comments

@btsimonh
Copy link

btsimonh commented Sep 7, 2019

Hi All,
I've just pushed updates on my fork which go a long way towards MacOS app bundle signing her:
https://github.com/btsimonh/isign-MacOS

Note that the hacks will make it not work for iOS bundles any more... (hardcoded /Content)

The modifications add a second code directory segment, with sha256 hashes, and it matches Apple pretty well.

The remaining issue is the actual signature. Apple has added timestamps and a custom part to the signature which is beyond my Python/OpenSSL ability; indeed may be beyond Python's OpenSSL bindings ability. My next port of call was going to be to port everything to nodejs, but I found an alternative way around my signing issue which means I only need to sign once now; so this code is now abandoned.
Posted here in case anyone wants to take it onwards....

s

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant