OLD | NEW |
1 #!/bin/bash -p | 1 #!/bin/bash -p |
2 | 2 |
3 # Copyright (c) 2012 The Chromium Authors. All rights reserved. | 3 # Copyright (c) 2012 The Chromium Authors. All rights reserved. |
4 # Use of this source code is governed by a BSD-style license that can be | 4 # Use of this source code is governed by a BSD-style license that can be |
5 # found in the LICENSE file. | 5 # found in the LICENSE file. |
6 | 6 |
7 # Using codesign, sign the contents of the versioned directory. Namely, this | 7 # Using codesign, sign the contents of the versioned directory. Namely, this |
8 # includes the framework and helper app. After signing, the signatures are | 8 # includes the framework and helper app. After signing, the signatures are |
9 # verified. | 9 # verified. |
10 | 10 |
(...skipping 26 matching lines...) Expand all Loading... |
37 echo "usage: ${ME} app_path codesign_keychain codesign_id" >& 2 | 37 echo "usage: ${ME} app_path codesign_keychain codesign_id" >& 2 |
38 exit 1 | 38 exit 1 |
39 fi | 39 fi |
40 | 40 |
41 app_path="${1}" | 41 app_path="${1}" |
42 codesign_keychain="${2}" | 42 codesign_keychain="${2}" |
43 codesign_id="${3}" | 43 codesign_id="${3}" |
44 | 44 |
45 versioned_dir="${app_path}/Contents/Versions/@VERSION@" | 45 versioned_dir="${app_path}/Contents/Versions/@VERSION@" |
46 | 46 |
47 # An .app bundle to be signed can be signed directly. Normally, signing a | 47 # To sign an .app bundle that contains nested code, the nested components |
48 # framework bundle requires that each version within be signed individually. | 48 # themselves must be signed. Each of these components is signed below. Note |
49 # http://developer.apple.com/mac/library/technotes/tn2007/tn2206.html#TNTAG13 | 49 # that unless a framework has multiple versions (which is discouraged), signing |
50 # In Chrome's case, the framework bundle is unversioned, so it too can be | 50 # the entire framework is equivalent to signing the Current version. |
51 # signed directly. See copy_framework_unversioned.sh. | 51 # https://developer.apple.com/library/content/technotes/tn2206/_index.html#//app
le_ref/doc/uid/DTS40007919-CH1-TNTAG13 |
52 | 52 |
53 framework="${versioned_dir}/@MAC_PRODUCT_NAME@ Framework.framework" | 53 framework="${versioned_dir}/@MAC_PRODUCT_NAME@ Framework.framework" |
54 notification_service="${framework}/XPCServices/AlertNotificationService.xpc" | 54 notification_service="${framework}/XPCServices/AlertNotificationService.xpc" |
55 crashpad_handler="${framework}/Helpers/crashpad_handler" | 55 crashpad_handler="${framework}/Helpers/crashpad_handler" |
56 helper_app="${versioned_dir}/@MAC_PRODUCT_NAME@ Helper.app" | 56 helper_app="${versioned_dir}/@MAC_PRODUCT_NAME@ Helper.app" |
57 app_mode_loader_app="${framework}/Resources/app_mode_loader.app" | 57 app_mode_loader_app="${framework}/Resources/app_mode_loader.app" |
58 app_mode_loader="${app_mode_loader_app}/Contents/MacOS/app_mode_loader" | 58 app_mode_loader="${app_mode_loader_app}/Contents/MacOS/app_mode_loader" |
59 | 59 |
60 requirement_suffix="\ | 60 requirement_suffix="\ |
61 and (certificate leaf = H\"85cee8254216185620ddc8851c7a9fc4dfe120ef\" or \ | 61 and (certificate leaf = H\"85cee8254216185620ddc8851c7a9fc4dfe120ef\" or \ |
(...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
104 --options "${enforcement_flags_app}" \ | 104 --options "${enforcement_flags_app}" \ |
105 -r="designated => identifier \"com.google.Chrome.helper\" \ | 105 -r="designated => identifier \"com.google.Chrome.helper\" \ |
106 ${requirement_suffix}" | 106 ${requirement_suffix}" |
107 | 107 |
108 # Show the signatures and verify everything. | 108 # Show the signatures and verify everything. |
109 codesign_display_and_verify "${crashpad_handler}" --deep | 109 codesign_display_and_verify "${crashpad_handler}" --deep |
110 codesign_display_and_verify "${app_mode_loader}" --ignore-resources | 110 codesign_display_and_verify "${app_mode_loader}" --ignore-resources |
111 codesign_display_and_verify "${notification_service}" --deep | 111 codesign_display_and_verify "${notification_service}" --deep |
112 codesign_display_and_verify "${framework}" --deep | 112 codesign_display_and_verify "${framework}" --deep |
113 codesign_display_and_verify "${helper_app}" --deep | 113 codesign_display_and_verify "${helper_app}" --deep |
OLD | NEW |