• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Where do I put a helper app in a Gatekeeper signed app?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Where do I put a helper app in a Gatekeeper signed app?

  • Subject: Re: Where do I put a helper app in a Gatekeeper signed app?
  • From: Roland King <email@hidden>
  • Date: Tue, 11 Feb 2014 21:43:31 +0800
I think I answered my own question by complete accident. I was messing about with code signing and asked Xcode to sign the helper (which I'd put in the Executables section for good measure) instead of the main app by mistake .. but it signed it. As soon as I'd made that error and switched back to the main app, the code sign on the original app with the embedded command line tool worked fine. I looked at the signed command line tool to find it has about 10Kb of extra stuff in the text section where the code signature goes.

That's reasonably cool.

I had a few quirks along the way, the executable was being packaged in usr/local/bin inside the final archive until I told it to skip install and the only way I could stop it adding the man page was to remove the man page, even Skip Install didn't do that. But now I have a signed package with a signed helper tool which claims it has a valid Gatekeeper signature.

And I didn't have to leave Xcode once.

On 11 Feb, 2014, at 7:47 pm, Roland King <email@hidden> wrote:

> I decided to pull one piece of code out of my app and put it in its own helper app (command line tool type). Doing this isolates one task and cuts the risk of exploit.
>
> The app I'm signing with my Apple Distribution profile, not for the AppStore, just for Gatekeeper. So the questions I have are
>
> 1) Where do I put the helper app/command-line-tool in the bundle? Contents/Resources, Contents/somethingelse?
> 2) Does the signing Xcode performs before shipping sign all the bits of the bundle including my helper app or do I have to do something special in the code-signing process to tell it to include it all in the signature? Does the answer to that question depend at all on where in the bundle I put the helper app?
> 3) If I have to do something special to sign it, any pointers as to what I have to do? I'm currently just using the signing out of the box with Xcode and haven't had to get messy with it.
>
>
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Xcode-users mailing list      (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden


 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Xcode-users mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
References: 
 >Where do I put a helper app in a Gatekeeper signed app? (From: Roland King <email@hidden>)

  • Prev by Date: Where do I put a helper app in a Gatekeeper signed app?
  • Next by Date: Re: Where do I put a helper app in a Gatekeeper signed app?
  • Previous by thread: Where do I put a helper app in a Gatekeeper signed app?
  • Next by thread: Re: Where do I put a helper app in a Gatekeeper signed app?
  • Index(es):
    • Date
    • Thread