use crate::error::*;
use std::{
    path::{Path, PathBuf},
    process::Command,
};

// Candidate locations of the `codesign_allocate` helper, probed in this order by `codesign`.
// Both are absolute, so the value exported as `CODESIGN_ALLOCATE` does not depend on `PATH`.

// Copy shipped inside the default Xcode toolchain; tried first.
const XCODE_PATH: &str = "/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/codesign_allocate";
// Fallback used when the Xcode toolchain copy does not exist.
const BIN_PATH: &str = "/usr/bin/codesign_allocate";

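/// Signs the item at `item_path` by running the `codesign` command-line tool.
///
/// * `force` adds `--force` to the invocation.
/// * `sign_identity` is passed as the value of `--sign`. When it is `None`, `-` is
///   passed instead, which asks `codesign` for an ad-hoc signature (one that is not
///   tied to any certificate identity).
/// * `entitlements`, when present, is passed as the value of `--entitlements`.
///
/// `--timestamp=none` is always passed, so no timestamp service is contacted and the
/// resulting signature carries no trusted timestamp.
///
/// # Errors
///
/// * `AppleError::CodesignFailed("Item not found")` when `item_path` does not exist.
/// * `AppleError::CodesignAllocateNotFound` when `codesign_allocate` is found neither
///   at `XCODE_PATH` nor at `BIN_PATH`.
/// * The I/O error from spawning `codesign`, converted by `?`.
/// * `AppleError::CodesignFailed` carrying the tool's stderr (with `error: ` prefixes
///   and newlines stripped) when `codesign` exits unsuccessfully.
pub fn codesign(
    item_path: &Path,
    force: bool,
    sign_identity: Option<String>,
    entitlements: Option<PathBuf>,
) -> Result<()> {
    // Early, friendlier error only: the item can still disappear or be swapped between
    // this check and the moment `codesign` opens it.
    if !item_path.exists() {
        return Err(AppleError::CodesignFailed("Item not found".to_owned()).into());
    }
    // Prefer the Xcode toolchain helper, fall back to the system copy.
    let mut codesign_allocate_path = XCODE_PATH;
    if !Path::new(codesign_allocate_path).exists() {
        codesign_allocate_path = BIN_PATH;
        if !Path::new(codesign_allocate_path).exists() {
            return Err(AppleError::CodesignAllocateNotFound.into());
        }
    }
    // NOTE(review): `codesign` itself is resolved through `PATH`, while the helper above
    // is pinned to absolute locations. If this can run with an environment the caller
    // does not control, an earlier `PATH` entry decides which binary receives the
    // signing identity; consider an absolute path (on macOS the system tool normally
    // lives in /usr/bin) after confirming it for all supported setups.
    let mut cmd = Command::new("codesign");
    cmd.env("CODESIGN_ALLOCATE", codesign_allocate_path);
    if force {
        cmd.arg("--force");
    }
    // Each value is handed over as its own argv entry; no shell is involved.
    cmd.arg("--sign");
    match sign_identity {
        Some(identity) => cmd.arg(identity),
        // "-" requests an ad-hoc signature.
        None => cmd.arg("-"),
    };
    cmd.arg("--timestamp=none");
    if let Some(entitlements) = entitlements {
        // Pass the path as an OS string: the previous `to_str().unwrap()` panicked on
        // paths that are not valid UTF-8.
        cmd.arg("--entitlements").arg(&entitlements);
    }
    cmd.arg(item_path);
    let output = cmd.output()?;
    if !output.status.success() {
        // Lossy decoding keeps the failure reportable even when stderr is not valid
        // UTF-8; the previous `String::from_utf8(..).unwrap()` panicked instead.
        let message = String::from_utf8_lossy(&output.stderr)
            .replace("error: ", "")
            .replace("\n", "");
        return Err(AppleError::CodesignFailed(message).into());
    }
    Ok(())
}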