轉載來自:https://www.jianshu.com/p/0124f10b2e00
codesign就是創建和管理證書的。下面列舉一些基本的操作使用。
可以查看codesign的使用幫助
codesign --help
使用方法的命令
Usage: codesign -s identity [-fv*] [-o flags] [-r reqs] [-i ident] path ... # sign
codesign -v [-v*] [-R=<req string>|-R <req file path>] path|[+]pid ... # verify
codesign -d [options] path ... # display contents
codesign -h pid ... # display hosting paths
查看簽名
比如我們看一下xcode的簽名,我們使用 -d -v 參數,-d 是display展示簽名信息的意思,-v 是verbose的意思,越多的verbose顯示信息越多,通常3個就已經足夠了。
codesign -dvvv /Applications/DingTalk.app Executable=/Applications/DingTalk.app/Contents/MacOS/DingTalk Identifier=com.alibaba.DingTalkMac Format=app bundle with Mach-O thin (arm64) CodeDirectory v=20500 size=633443 flags=0x10000(runtime) hashes=19784+7 location=embedded Hash type=sha256 size=32 CandidateCDHash sha256=63e8287f9faaf802e7b3706311a01172f2cd5736 CandidateCDHashFull sha256=63e8287f9faaf802e7b3706311a01172f2cd5736b2ca91d463de55be4642ec74 Hash choices=sha256 CMSDigest=63e8287f9faaf802e7b3706311a01172f2cd5736b2ca91d463de55be4642ec74 CMSDigestType=2 Launch Constraints: None CDHash=63e8287f9faaf802e7b3706311a01172f2cd5736 Signature size=9032 Authority=Developer ID Application: Taobao (China) Software CO.,LTD (XN6U3EV979) Authority=Developer ID Certification Authority Authority=Apple Root CA Timestamp=Aug 14, 2023 at 3:59:53 PM Info.plist entries=41 TeamIdentifier=XN6U3EV979 Runtime Version=13.3.0 Sealed Resources version=2 rules=13 files=2990 Internal requirements count=1 size=216
上面的簽名中沒有顯示一些額外的信息,比如授權機制 entitements信息 。那麼如何顯示證書中的其他信息呢,在查看時使用 --entitlements 選項可以查看,比如:
codesign -d --entitlements - /Applications/DingTalk.app Executable=/Applications/DingTalk.app/Contents/MacOS/DingTalk [Dict] [Key] com.apple.security.app-sandbox [Value] [Bool] false [Key] com.apple.security.application-groups [Value] [Array] [String] com.alibaba.DingTalk-Helper [Key] com.apple.security.assets.movies.read-write [Value] [Bool] true [Key] com.apple.security.assets.music.read-write [Value] [Bool] true [Key] com.apple.security.assets.pictures.read-write [Value] [Bool] true [Key] com.apple.security.cs.allow-dyld-environment-variables [Value] [Bool] true [Key] com.apple.security.cs.allow-jit [Value] [Bool] true [Key] com.apple.security.cs.allow-unsigned-executable-memory [Value] [Bool] true [Key] com.apple.security.cs.debugger [Value] [Bool] true [Key] com.apple.security.cs.disable-executable-page-protection [Value] [Bool] true [Key] com.apple.security.cs.disable-library-validation [Value] [Bool] true [Key] com.apple.security.device.audio-input [Value] [Bool] true [Key] com.apple.security.device.bluetooth [Value] [Bool] true [Key] com.apple.security.device.camera [Value] [Bool] true [Key] com.apple.security.files.downloads.read-write [Value] [Bool] true [Key] com.apple.security.files.user-selected.read-write [Value] [Bool] true [Key] com.apple.security.network.client [Value] [Bool] true [Key] com.apple.security.network.server [Value] [Bool] true [Key] com.apple.security.personal-information.calendars [Value] [Bool] true [Key] com.apple.security.print [Value] [Bool] true