Codesign在OSX上的哪里将签名文本文件的签名存储在哪里? [英] Where does codesign store the signature for a signed text file on OSX?
问题描述
我有一个具有以下结构的简单应用程序包:
myapp.app/Contents/
myapp.app/Contents/MacOS/myapp
myapp.app/Contents/Resources/empty.lproj
myapp.app/Contents/Info.plist
myapp.app/Contents/PkgInfo
如果我执行
codesign -s "Developer ID" myapp.app/Contents/Info.plist
我可以检查文件是否已签名
codesign -d -v myapp.app/Contents/Info.plist
给出以下输出
Executable=/pathToApp/quicknanobrowser.app/Contents/Info.plist
Identifier=Info
Format=generic
CodeDirectory v=20100 size=113 flags=0x0(none) hashes=1+2 location=embedded
Signature size=1278
Signed Time=26 Jan 2016 12:31:24
Info.plist=not bound
TeamIdentifier=not set
Sealed Resources=none
Internal requirements count=1 size=80
文件签名的数据存储在哪里?文件夹结构未更改(没有新文件),文件大小未更改.它存储在某些文件系统特定的元数据中吗?是否可以访问/读取此元数据?
对于非mach-o二进制文件,codesign
将签名存储在每个文件元数据中,这些元数据称为HFS +扩展属性:
ls -l@ Info.plist
com.apple.cs.CodeDirectory 142
com.apple.cs.CodeRequirements 180
com.apple.cs.CodeSignature 8551
您可以使用xattr
xattr -p com.apple.cs.CodeSignature Info.plist
,但是该工具似乎喜欢以十六进制形式进行转储.尽管您过去可以通过将/rsrc
附加到文件名(例如cat blah/rsrc
)来获得资源叉(也是扩展属性),但似乎似乎没有用于访问属性的shell简写.>
I have a simple app bundle with the following structure:
myapp.app/Contents/
myapp.app/Contents/MacOS/myapp
myapp.app/Contents/Resources/empty.lproj
myapp.app/Contents/Info.plist
myapp.app/Contents/PkgInfo
If I execute
codesign -s "Developer ID" myapp.app/Contents/Info.plist
I can check that the file got signed with
codesign -d -v myapp.app/Contents/Info.plist
which gives the following output
Executable=/pathToApp/quicknanobrowser.app/Contents/Info.plist
Identifier=Info
Format=generic
CodeDirectory v=20100 size=113 flags=0x0(none) hashes=1+2 location=embedded
Signature size=1278
Signed Time=26 Jan 2016 12:31:24
Info.plist=not bound
TeamIdentifier=not set
Sealed Resources=none
Internal requirements count=1 size=80
Where is the data that the file was signed stored? The folder structure did not change (no new files), the size of the file did not change. Is it stored in some filesystem specific metadata? Is it possible to access / read this metadata?
For non mach-o binaries, codesign
stores the signature in per-file metadata called HFS+ extended attributes:
ls -l@ Info.plist
com.apple.cs.CodeDirectory 142
com.apple.cs.CodeRequirements 180
com.apple.cs.CodeSignature 8551
You can peek at the contents of these attributes with xattr
xattr -p com.apple.cs.CodeSignature Info.plist
but the tool seems to like dumping in hexadecimal. There doesn't seem to be a shell shorthand for accessing the attributes, although you used to be able to get at the Resource Fork (also an extended attribute) by appending /rsrc
to the filename (e.g. cat blah/rsrc
).
这篇关于Codesign在OSX上的哪里将签名文本文件的签名存储在哪里?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!