Re: Code sign verification in Leopard
Re: Code sign verification in Leopard
- Subject: Re: Code sign verification in Leopard
- From: Rainer Brockerhoff <email@hidden>
- Date: Tue, 17 Aug 2010 15:02:07 -0300
At 08:35 -0700 17/08/10, email@hidden wrote:
>From: Arun <email@hidden>
>Date: Tue, 17 Aug 2010 21:01:06 +0530
>Message-ID: <email@hidden>
>Content-Type: text/plain
>
>I am using Mac OS X 10.5.8 and xcode v3.1.
>I have created a Self Code signing identity using Keychain Access
>application. The name of the Code signing identity is "arun".
>
>Using this identity i have signed a binary using the below command.
>
>codesign -s arun -r="designated => anchor trusted" -f arun
The proper list for this is probably email@hidden...
Anyway, here's the way I do it with my self-signed cert:
codesign -s myidentity -i "my.qualified.bundle.id" -fv mybundlepath
>To verify the code sign i am using the following command which throws the
>error as highlighted below.
>
>codesign -v -R="anchor trusted" arun
>arun: does not satisfy its designated Requirement
>*test-requirement: failed to satisfy code requirement(s)*
To verify, run:
codesign -dvv -r- mybundlepath
which should print
Authority="myidentity"
and a few lines later
root = H"lotsofhexcharacters"
note that anyone can change and re-sign your bundle with the same identity name, but the "lotsofhexcharacters" are unique to your own self-signed certificate.
Also, running
codesign -vv mybundlepath
should print "valid on disk" if the bundle is intact, "code or signature modified" otherwise.
HTH,
--
Rainer Brockerhoff <email@hidden>
Belo Horizonte, Brazil
"In the affairs of others even fools are wise
In their own business even sages err."
Blog: http://brockerhoff.net/blog
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden