Re: Code signing problem using shared framework in Yosemite
Re: Code signing problem using shared framework in Yosemite
- Subject: Re: Code signing problem using shared framework in Yosemite
- From: Bill Cheeseman <email@hidden>
- Date: Sun, 12 Oct 2014 14:05:32 -0400
On Oct 12, 2014, at 12:42 PM, Scott Ribe <email@hidden> wrote:
> On Oct 12, 2014, at 10:24 AM, Bill Cheeseman <email@hidden> wrote:
>
>> ...both the UI Browser application and the framework pass all of the codesign tests for proper signatures on disk.
>
> spctl --assess???
>
> I've run into many cases where codesign says all ok, but spctl finds a problem. (My app embeds an Automator action, not quite the same as embedding a framework, but similar in that there's a code resource with its own signature.)
The framework and the application passed a number of tests that I routinely perform, as follows:
To verify the application or framework has the new version 2 sealed resource, look for "Sealed Resources version=2 ....
codesign -dv <path>
To verify the application was properly signed with recursive testing, use Terminal, cd to the application's folder, and look for "valid on disk" and "satisfies its Designated Requirement":
codesign --verify --deep --verbose=4 <path>
and this, looking for exit = 0:
spctl --assess --type execute <appname>.app
and this, looking for "accepted":
spctl -a -v <appname>.app
and this, looking for "accepted":
spctl -a -t exec -vv <appname>.app
--
Bill Cheeseman - email@hidden
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden