Signing from scratch seems to currently be broken #17
Description
If I've cross-compiled a binary via clang + ld64 (without using XCode) then the code path for signing from scratch doesn't seem to be working currently.
The first issue I hit was that makesig.py doesn't have a line like:
log = logging.getLogger(__name__)(so any log.xyz() calls result in an exception)
I guess it implies that no one else is trying to do this and maybe the code has bitrotted? :/
Then I git an issue that I guess was introduced with the python3 port maybe being more fussy about strings/binary data and currently have a hack like:
diff --git a/isign/makesig.py b/isign/makesig.py
index 736d3f3..3def60a 100644
--- a/isign/makesig.py
+++ b/isign/makesig.py
@@ -15,6 +15,7 @@ from . import macho
from . import macho_cs
from . import utils
+log = logging.getLogger(__name__)
def make_arg(data_type, arg):
if data_type.name == 'Data':
@@ -119,7 +120,7 @@ def make_basic_codesig(entitlements_file, drs, code_limit, hashes, signer, ident
empty_hash = "\x00" * 20
if not signer.is_adhoc():
- teamID = signer._get_team_id() + '\x00'
+ teamID = signer._get_team_id() + '\x00'.encode('ascii')
cd = construct.Container(cd_start=None,
version=0x20200,
flags=0,
I currently get this output running with --verbose
Signing with apple_cert: /home/bob/.local/lib/python3.6/site-packages/isign/apple_credentials/applecerts.pem
Signing with key: /home/bob/.isign/key.pem
Signing with certificate: /home/bob/.isign/certificate.pem
Signing with provisioning_profile: /home/bob/.isign/isign.mobileprovision
is_native: True
File <snip/>/Payload/Test.app matched as AppArchive
unarchiving to temp... <snip/>/Payload/Test.app -> /tmp/isign-e6q3qjfs
wrote Entitlements to /tmp/isign-e6q3qjfs/Entitlements.plist
working on /tmp/isign-e6q3qjfs/Test
found thin binary: cputype 16777228, cpusubtype 0
codesig len: 704
Existing LC_CODE_SIGNATURE missing entitlements
signing from scratch!
signing from scratch
codesig offset: 113504
new cL: 0x1bb60
new nCS: 28
ident: <snip/>.Test
codelimit: 113504
removing ua: /tmp/isign-e6q3qjfs
Traceback (most recent call last):
File "/home/bob/.local/lib/python3.6/site-packages/construct/adapters.py", line 100, in _decode
return self.decoding[obj]
KeyError: 16777216
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 444, in _parse
obj.append(self.subcon._parse(stream, context))
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 672, in _parse
subobj = sc._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 976, in _parse
obj = self.subcon._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 1295, in _parse
return self.bound._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 672, in _parse
subobj = sc._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 1011, in _parse
return self.subcon._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 853, in _parse
obj = self.cases.get(key, self.default)._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 672, in _parse
subobj = sc._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 1295, in _parse
return self.bound._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 672, in _parse
subobj = sc._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 853, in _parse
obj = self.cases.get(key, self.default)._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 735, in _parse
subobj = sc._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 1295, in _parse
return self.bound._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 672, in _parse
subobj = sc._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 853, in _parse
obj = self.cases.get(key, self.default)._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 735, in _parse
subobj = sc._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 1295, in _parse
return self.bound._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 672, in _parse
subobj = sc._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 853, in _parse
obj = self.cases.get(key, self.default)._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 735, in _parse
subobj = sc._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 1295, in _parse
return self.bound._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 672, in _parse
subobj = sc._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 853, in _parse
obj = self.cases.get(key, self.default)._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 735, in _parse
subobj = sc._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 672, in _parse
subobj = sc._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 288, in _parse
return self._decode(self.subcon._parse(stream, context), context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/adapters.py", line 104, in _decode
obj, self.subcon.name))
construct.adapters.MappingError: no decoding mapping for 16777216 [matchOp]
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 444, in _parse
obj.append(self.subcon._parse(stream, context))
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 672, in _parse
subobj = sc._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 853, in _parse
obj = self.cases.get(key, self.default)._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 976, in _parse
obj = self.subcon._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 1295, in _parse
return self.bound._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 672, in _parse
subobj = sc._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 1011, in _parse
return self.subcon._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 853, in _parse
obj = self.cases.get(key, self.default)._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 672, in _parse
subobj = sc._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 447, in _parse
raise ArrayError("expected %d, found %d" % (count, c), sys.exc_info()[1])
construct.core.ArrayError: ('expected 1, found 0', MappingError('no decoding mapping for 16777216 [matchOp]',))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/bob/.local/bin/isign", line 251, in <module>
isign.resign(app_path, **kwargs)
File "/home/bob/.local/lib/python3.6/site-packages/isign/isign.py", line 83, in resign
alternate_entitlements_path)
File "/home/bob/.local/lib/python3.6/site-packages/isign/archive.py", line 409, in resign
ua.bundle.resign(deep, signer, provisioning_profile, alternate_entitlements_path)
File "/home/bob/.local/lib/python3.6/site-packages/isign/bundle.py", line 266, in resign
super(App, self).resign(deep, signer)
File "/home/bob/.local/lib/python3.6/site-packages/isign/bundle.py", line 181, in resign
self.sign(deep, signer)
File "/home/bob/.local/lib/python3.6/site-packages/isign/bundle.py", line 176, in sign
executable = self.signable_class(self, self.get_executable_path(), signer)
File "/home/bob/.local/lib/python3.6/site-packages/isign/signable.py", line 44, in __init__
self.arches = self._parse_arches()
File "/home/bob/.local/lib/python3.6/site-packages/isign/signable.py", line 65, in _parse_arches
self.file_end))
File "/home/bob/.local/lib/python3.6/site-packages/isign/signable.py", line 99, in _get_arch
0, self.signer, self.bundle.get_info_prop('CFBundleIdentifier'))
File "/home/bob/.local/lib/python3.6/site-packages/isign/makesig.py", line 255, in make_signature
ident)
File "/home/bob/.local/lib/python3.6/site-packages/isign/makesig.py", line 223, in make_basic_codesig
return macho_cs.Blob.parse(chunk)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 188, in parse
return self.parse_stream(BytesIO(data))
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 198, in parse_stream
return self._parse(stream, Container())
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 1295, in _parse
return self.bound._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 672, in _parse
subobj = sc._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 1011, in _parse
return self.subcon._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 853, in _parse
obj = self.cases.get(key, self.default)._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 672, in _parse
subobj = sc._parse(stream, context)
File "/home/bob/.local/lib/python3.6/site-packages/construct/core.py", line 447, in _parse
raise ArrayError("expected %d, found %d" % (count, c), sys.exc_info()[1])
construct.core.ArrayError: ('expected 4, found 1', ArrayError('expected 1, found 0', MappingError('no decoding mapping for 16777216 [matchOp]',)))