| OLD | NEW |
|---|
| 1 #!/bin/bash -p | 1 #!/bin/bash -p |
| 2 | 2 |
| 3 # Copyright (c) 2012 The Chromium Authors. All rights reserved. | 3 # Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 4 # Use of this source code is governed by a BSD-style license that can be | 4 # Use of this source code is governed by a BSD-style license that can be |
| 5 # found in the LICENSE file. | 5 # found in the LICENSE file. |
| 6 | 6 |
| 7 # Using codesign, sign the contents of the versioned directory. Namely, this | 7 # Using codesign, sign the contents of the versioned directory. Namely, this |
| 8 # includes the framework and helper app. After signing, the signatures are | 8 # includes the framework and helper app. After signing, the signatures are |
| 9 # verified. | 9 # verified. |
| 10 | 10 |
| (...skipping 25 matching lines...) Expand all Loading... |
| 36 | 36 |
| 37 # An .app bundle to be signed can be signed directly. Normally, signing a | 37 # An .app bundle to be signed can be signed directly. Normally, signing a |
| 38 # framework bundle requires that each version within be signed individually. | 38 # framework bundle requires that each version within be signed individually. |
| 39 # http://developer.apple.com/mac/library/technotes/tn2007/tn2206.html#TNTAG13 | 39 # http://developer.apple.com/mac/library/technotes/tn2007/tn2206.html#TNTAG13 |
| 40 # In Chrome's case, the framework bundle is unversioned, so it too can be | 40 # In Chrome's case, the framework bundle is unversioned, so it too can be |
| 41 # signed directly. See copy_framework_unversioned.sh. | 41 # signed directly. See copy_framework_unversioned.sh. |
| 42 | 42 |
| 43 framework="${versioned_dir}/@MAC_PRODUCT_NAME@ Framework.framework" | 43 framework="${versioned_dir}/@MAC_PRODUCT_NAME@ Framework.framework" |
| 44 crashpad_handler="${framework}/Helpers/crashpad_handler" | 44 crashpad_handler="${framework}/Helpers/crashpad_handler" |
| 45 helper_app="${versioned_dir}/@MAC_PRODUCT_NAME@ Helper.app" | 45 helper_app="${versioned_dir}/@MAC_PRODUCT_NAME@ Helper.app" |
| 46 app_mode_loader_app="${framework}/Resources/app_mode_loader.app" |
| 47 app_mode_loader="${app_mode_loader_app}/Contents/MacOS/app_mode_loader" |
| 46 | 48 |
| 47 requirement_suffix="\ | 49 requirement_suffix="\ |
| 48 and certificate leaf = H\"85cee8254216185620ddc8851c7a9fc4dfe120ef\"\ | 50 and certificate leaf = H\"85cee8254216185620ddc8851c7a9fc4dfe120ef\"\ |
| 49 " | 51 " |
| 50 | 52 |
| 51 enforcement_flags="restrict" | 53 enforcement_flags="restrict" |
| 52 | 54 |
| 53 codesign --sign "${codesign_id}" --keychain "${codesign_keychain}" \ | 55 codesign --sign "${codesign_id}" --keychain "${codesign_keychain}" \ |
| 54 "${crashpad_handler}" \ | 56 "${crashpad_handler}" \ |
| 55 -r="designated => identifier \"crashpad_handler\" \ | 57 -r="designated => identifier \"crashpad_handler\" \ |
| 56 ${requirement_suffix}" --options "${enforcement_flags}" | 58 ${requirement_suffix}" --options "${enforcement_flags}" |
| 59 |
| 60 # The app mode loader bundle is modified dynamically at runtime. Just sign the |
| 61 # executable, which shouldn't change. In order to do this, the executable needs |
| 62 # to be copied out of the bundle, signed, and then copied back in. The resulting |
| 63 # bundle's signature won't validate normally, but if the executable file is |
| 64 # verified in isolation or with --ignore-resources, it will. Because the |
| 65 # bundle's signature won't validate on its own, don't set any of the enforcement |
| 66 # flags. |
| 67 app_mode_loader_tmp="$(mktemp -t app_mode_loader)" |
| 68 cp "${app_mode_loader}" "${app_mode_loader_tmp}" |
| 69 codesign --sign "${codesign_id}" --keychain "${codesign_keychain}" \ |
| 70 "${app_mode_loader_tmp}" \ |
| 71 -r="designated => identifier \"app_mode_loader\" \ |
| 72 ${requirement_suffix}" |
| 73 cp "${app_mode_loader_tmp}" "${app_mode_loader}" |
| 74 rm -f "${app_mode_loader_tmp}" |
| 75 |
| 57 codesign --sign "${codesign_id}" --keychain "${codesign_keychain}" \ | 76 codesign --sign "${codesign_id}" --keychain "${codesign_keychain}" \ |
| 58 "${framework}" \ | 77 "${framework}" \ |
| 59 -r="designated => identifier \"com.google.Chrome.framework\" \ | 78 -r="designated => identifier \"com.google.Chrome.framework\" \ |
| 60 ${requirement_suffix}" | 79 ${requirement_suffix}" |
| 80 |
| 61 codesign --sign "${codesign_id}" --keychain "${codesign_keychain}" \ | 81 codesign --sign "${codesign_id}" --keychain "${codesign_keychain}" \ |
| 62 "${helper_app}" \ | 82 "${helper_app}" \ |
| 63 -r="designated => identifier \"com.google.Chrome.helper\" \ | 83 -r="designated => identifier \"com.google.Chrome.helper\" \ |
| 64 ${requirement_suffix}" --options "${enforcement_flags}" | 84 ${requirement_suffix}" --options "${enforcement_flags}" |
| 65 | 85 |
| 66 # Verify everything. Don't use --deep on the framework because Keystone's | 86 # Verify everything. Don't use --deep on the framework because Keystone's |
| 67 # signature is in a transitional state (radar 18474911). | 87 # signature is in a transitional state (radar 18474911). Don't verify |
| 88 # app_mode_loader independently because --ignore-resources is unrecognized |
| 89 # before 10.11 (bug 565859). |
| 68 codesign --verify --deep "${crashpad_handler}" | 90 codesign --verify --deep "${crashpad_handler}" |
| 91 # codesign --verify --ignore-resources "${app_mode_loader}" |
| 69 codesign --verify "${framework}" | 92 codesign --verify "${framework}" |
| 70 codesign --verify --deep "${helper_app}" | 93 codesign --verify --deep "${helper_app}" |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1486863003:
mac: Sign app_mode_loader [badly] (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master