[prev in list] [next in list] [prev in thread] [next in thread] 

List:       wine-devel
Subject:    Re: Wine devel packages ready for testing
From:       Michael_Müller <michael () fds-team ! de>
Date:       2015-11-30 21:57:22
Message-ID: 565CC642.7000207 () fds-team ! de
[Download RAW message or body]

Am 30.11.2015 um 20:29 schrieb Austin English:
> Typically the .pkg installer is signed.

You are right. Signing the xar archive is sufficient to make OS X happy
(I installed my self signed certificate):

$ pkgutil --check-signature wine-staging-1.7.55-osx.pkg
Package "wine-staging-1.7.55-osx.pkg":
   Status: signed by a certificate trusted on this system
   Certificate Chain:
    1. Test
       SHA1 fingerprint: A9 95 25 95 [...]

From a technical point of view I don't see a problem in signing the
packages. We already have all required tools on the build system.

Am 30.11.2015 um 21:22 schrieb Hin-Tak Leung:
> Can you tell me more about the open tool used for signing Mac OS X
executables?
>
> I have been working on font signing in the recently open-sourced
> microsoft font validator (there is an official windows-only tool for
> signing fonts, but apparently an open-toolchain based tool also exist
> in somebody's hard disk)

The tool I used for sining the executables is ldid
(http://gitweb.saurik.com/ldid.git). The program calculates the
checksums for all code sections, signs the checksums and then embeds the
signature into the Mach-O executable. It is unlikely that this will help
you with font files.


[prev in list] [next in list] [prev in thread] [next in thread]