mirror of
https://git.sr.ht/~eliasnaur/gio
synced 2026-07-04 17:05:38 +00:00
cmd/gogio: [iOS] identify certificates by their SHA-1 fingerprint
Unlike the common name, the fingerprint is almost certainly unique. Xcode uses the fingerprint as well. Signed-off-by: Elias Naur <mail@eliasnaur.com>
This commit is contained in:
@@ -4,7 +4,8 @@ package main
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"archive/zip"
|
"archive/zip"
|
||||||
"crypto/x509"
|
"crypto/sha1"
|
||||||
|
"encoding/hex"
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
@@ -130,10 +131,6 @@ func signIOS(bi *buildInfo, tmpDir, app string) error {
|
|||||||
}
|
}
|
||||||
// Omit trailing newline.
|
// Omit trailing newline.
|
||||||
certDER = certDER[:len(certDER)-1]
|
certDER = certDER[:len(certDER)-1]
|
||||||
cert, err := x509.ParseCertificate(certDER)
|
|
||||||
if err != nil {
|
|
||||||
return fmt.Errorf("sign: failed to parse developer certificate from %q: %v", prov, err)
|
|
||||||
}
|
|
||||||
entitlements, err := runCmd(exec.Command("/usr/libexec/PlistBuddy", "-x", "-c", "Print:Entitlements", provInfo))
|
entitlements, err := runCmd(exec.Command("/usr/libexec/PlistBuddy", "-x", "-c", "Print:Entitlements", provInfo))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
@@ -142,8 +139,9 @@ func signIOS(bi *buildInfo, tmpDir, app string) error {
|
|||||||
if err := ioutil.WriteFile(entFile, []byte(entitlements), 0660); err != nil {
|
if err := ioutil.WriteFile(entFile, []byte(entitlements), 0660); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
signIdentity := cert.Subject.CommonName
|
identity := sha1.Sum(certDER)
|
||||||
_, err = runCmd(exec.Command("codesign", "-s", signIdentity, "--entitlements", entFile, app))
|
idHex := hex.EncodeToString(identity[:])
|
||||||
|
_, err = runCmd(exec.Command("codesign", "-s", idHex, "-v", "--entitlements", entFile, app))
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
return fmt.Errorf("sign: no valid provisioning profile found for bundle id %q among %v", bi.appID, avail)
|
return fmt.Errorf("sign: no valid provisioning profile found for bundle id %q among %v", bi.appID, avail)
|
||||||
|
|||||||
Reference in New Issue
Block a user