用productsign签名XAR破坏了存档文件
[英]Sign a XAR with productsign is corrupting the archive file
问题描述
I am trying to use productsign to sign a XAR archive containing 2 pkg files created using productbuild . 
我正在尝试使用productsign签名包含使用productbuild创建的2 pkg文件的XAR存档。 The xar tool is creating the file correctly, but I think the signing is corrupting the content, even though the file obtained is signed. xar工具可以正确创建文件,但是我认为签名会破坏内容,即使获得的文件已签名也是如此。 Some relevant command outputs below (I replaced the sensitive information with INFO ): 下面是一些相关的命令输出(我用INFO替换了敏感信息):
$ ls .
file1.pkg file2.pkg
$
$ xar -cf '../_file.xar' .
$
$ cd ..
$ /usr/bin/productsign --sign 'Developer ID Installer: INFO' '_file.xar' 'file.xar'
productsign: using timestamp authority for signature
productsign: signing product with identity "Developer ID Installer: INFO" from keychain /Users/INFO/Library/Keychains/login.keychain
productsign: adding certificate "Developer ID Certification Authority"
productsign: adding certificate "Apple Root CA"
productsign: Wrote signed product archive to file.xar
$
$ /usr/sbin/pkgutil --check-signature 'file.xar'
Package "file.xar":
Status: signed by a certificate trusted by Mac OS X
Certificate Chain:
1. Developer ID Installer: INFO
SHA1 fingerprint: INFO
-----------------------------------------------------------------------------
2. Developer ID Certification Authority
SHA1 fingerprint: INFO
-----------------------------------------------------------------------------
3. Apple Root CA
SHA1 fingerprint: INFO
$ file file.xar
file.xar: xar archive - version 1
$
$ xar -xf file.xar -D /tmp
Error while extracting archive:(file1.pkg): Error decompressing file
$
Is the productsign command intended to work in some other way? 是productsign命令意在一些其他的方式来工作? I don't understand what is wrong with my approach. 我不明白我的方法有什么问题。
1 个解决方案
解决方案1
1 已采纳 2016-12-08 16:13:29
经过一些测试,我发现xar在归档文件中使用相对路径,因此在我的情况下出现了问题,因为我在路径名中使用了"../" 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.