codesign has a -D option that produces and verifies a detached signature: -D, --detached filename When signing, designates that a detached signature should be written to the specified file. The code being signed is not modi- fied and need not be writable. When verifying, designates a file containing a detached signature to be used for verification. Any embedded signature in the code is ignored. But do the GateKeeper checks use detached signatures for code with no LC_CODE_SIGNATURE? And what filename is required for the detached signature to be used to verify an executable? Normally, I could use spctl to work out how GateKeeper might behave. But I don't have an App Store / Identified Developers signing certificate, so spctl is pretty useless. It rejects anything that doesn't have an App Store signature, so it's not reporting what GateKeeper will actually do on my system (I have App Store + Identified Developers set). In short, we could distribute a detached signature that could be manually verified, but I can't see how to get GateKeeper to verify it automatically. So that reduces us to the current state, where we distribute detached PGP signatures next to downloads. Tim Tim Wilson-Brown (teor) teor2345 at gmail dot com PGP 968F094B teor at blah dot im OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F |
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev