Add codesigning to macOS editor package binaries

2023-09-22 17:19:14 +02:00
parent da7ba0ecba
commit dbbd6ce045
5 changed files with 52 additions and 8 deletions
--- a/Source/Tools/Flax.Build/Platforms/Mac/MacPlatform.cs
+++ b/Source/Tools/Flax.Build/Platforms/Mac/MacPlatform.cs
@@ -1,5 +1,7 @@
 // Copyright (c) 2012-2023 Wojciech Figat. All rights reserved.

+using System;
+using System.IO;
 using System.Runtime.InteropServices;

 namespace Flax.Build.Platforms
@@ -44,6 +46,24 @@ namespace Flax.Build.Platforms
            }
        }

+        /// <summary>
+        /// Runs codesign tool on macOS to sign the code with a given identity from local keychain.
+        /// </summary>
+        /// <param name="file">Path to file to codesign.</param>
+        /// <param name="signIdenity">App code signing idenity name (from local Mac keychain). Use 'security find-identity -v -p codesigning' to list possible options.</param>
+        public static void CodeSign(string file, string signIdenity)
+        {
+            if (!File.Exists(file))
+                throw new FileNotFoundException("Missing file to sign.", file);
+            string cmdLine = string.Format("--force --timestamp -s \"{0}\" \"{1}\"", signIdenity, file);
+            if (string.IsNullOrEmpty(Path.GetExtension(file)))
+            {
+                // Add entitlements file with some settings for the app execution
+                cmdLine += string.Format(" --entitlements \"{0}\"", Path.Combine(Globals.EngineRoot, "Source/Platforms/Mac/Default.entitlements"));
+            }
+            Utilities.Run("codesign", cmdLine, null, null, Utilities.RunOptions.Default | Utilities.RunOptions.ThrowExceptionOnError);
+        }
+
        /// <summary>
        /// Returns true if running an x64 binary an arm64 host machine.
        /// </summary>