How can I sign a dylib using just a normal apple id account? (No developer account yet)

梦想与她 提交于 2021-02-08 10:16:52

问题


I have a dylib and in order for the it to be able to run on my machine, I had to disable library validation in the target settings on xcode. Is it possible to get it signed without a paid developer account just for testing purposes? Any links or tutorials on how to go about doing that would help a great deal.


回答1:


Depends on how you're getting the library.

Building in Xcode

If building in Xcode, you should be able to enable signing and tell it to use Team None and Sign to Run Locally all in the Signing and Capabilities pane of the Project.

Signing an existing dylib

If you're not building it in Xcode and you want to sign a binary you've built or retrieved in some other manner, you're going to need to use codesign, which can be pretty complex.

You can theoretically run codesign using any certificate that has been authorized for code signing, and you can create that with a self-signed certificate, but that is a supreme pain in the neck, and not certain to result in success.

Xcode should automatically create a "Mac Developer" code signing certificate if you have signed in to the developer portal and allowed Xcode to manage signing identifies for you.

You can verify that you have a codesigning identity by using:

security find-identity -v -p codesigning

This will list all of the valid codesigning identities.

Signing the dylib is a matter of using the codesign command:

codesign --force --timestamp --sign <name of certificate> <binary you want to sign>

Using a self-signed code-signing certificate

Note: this is not recommended, but it did work for me.

  1. Start Keychain Access
  2. Choose Keychain Access > Certificate Assistant > Create a Certificate...
  3. Name your certificate something easy to type
  4. Change the Certificate Type to Code Signing
  5. Click Create
  6. Click Continue after reading the warning
  7. Click Done when it completes (and go back to Keychain Access)
  8. Find your newly-created certificate in Keychain Access and double-click on it to get the details
  9. Click the disclosure triangle next to Trust to expose the trust preferences
  10. Set When using this certificate to Always Trust

Now, your self-signed certificate should show up when you run the aforementioned security command to list out the codesigning certificates. If it does, you most likely didn't set the Always Trust or the certificate type to Code Signing.

At this point, you're ready to execute the code signing command, and then you can verify using:

codesign -vvvv <path to dylib>


来源:https://stackoverflow.com/questions/61168329/how-can-i-sign-a-dylib-using-just-a-normal-apple-id-account-no-developer-accou

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!