Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8287190

[macos] Add support for signing user provided app image

XMLWordPrintable

    • Icon: CSR CSR
    • Resolution: Approved
    • Icon: P3 P3
    • 19
    • tools
    • None
    • behavioral
    • low
    • Hide
      Following combination of arguments "--type app-image --app-image <app-image> [any additional arguments]" was not allowed before this change on all platforms and following error was thrown: "Error: Option [--app-image] is not valid with type [app-image]".

      With this change we will allow "--type app-image --app-image <app-image> --mac-sign [<additional signing options>...]" on macOS only and this argument combination will sign app image as described in this CSR. Windows and Linux are not affected by this change and will still throw an error.

      Any existing command line combinations are not affected by this proposed change and behavior will stay same.
      Show
      Following combination of arguments "--type app-image --app-image <app-image> [any additional arguments]" was not allowed before this change on all platforms and following error was thrown: "Error: Option [--app-image] is not valid with type [app-image]". With this change we will allow "--type app-image --app-image <app-image> --mac-sign [<additional signing options>...]" on macOS only and this argument combination will sign app image as described in this CSR. Windows and Linux are not affected by this change and will still throw an error. Any existing command line combinations are not affected by this proposed change and behavior will stay same.
    • add/remove/modify command line option
    • JDK

      Summary

      Add support for signing predefined application image.

      Problem

      In some cases user might want to do post processing on application image after it got generated and any changes to application image will invalidate signature. Signing process is complex and requires multiple steps: un-sign all content in app bundle if signed, sign executables, sign runtime and finally sign app bundle itself. Doing it manually by user is possible, but will require some effort, thus jpackage should provide ability to sign predefined application image.

      Solution

      There will be no additional command line options introduced and current set of options will be used. Following command line options will be used to indicate that predefine application image needs to be sign:

      jpackage --type app-image --app-image Test.app --mac-sign [additional signing options]

      Following options will be allowed if user specified "app-image" type, provided predefined application image and requested signing:

      --mac-package-signing-prefix
--mac-signing-keychain
--mac-signing-key-user-name
--mac-entitlements
--verbose

      Specifying any other options not mentioned above when signing predefined application image is requested will result in unsupported option error thrown. Signing will happen in place and jpackage will not validate application image during or after signing to make sure that it is still valid and runnable image. It will be user responsibility to make sure that post processing did not broke application image. Already signed or partially signed application images will be supported and old signature will be completely removed before signing it with requested parameters. Signing predefine application image will be done in exactly same way as signing application image when it is generated. Generating DMG or PKG from predefined application image with signing enabled will not sign application image as it currently do. Windows and Linux are not affected by this change and they will still throw error if user attempts to specify "app-image" type and --app-image at same time.

      Specification

      Help text will add sample usage example:

      Sign the predefined application image:
    jpackage --type app-image --app-image <app-image> \
        --mac-sign [<additional signing options>...]
    Note: the only additional options that are permitted in this mode are:
          the set of additional mac signing options and --verbose

      Description of --app-image option will change to:

      --app-image <directory path>
      Location of the predefined application image that is used
      to build an installable package or to sign the predefined
      application image
      (absolute path or relative to the current directory)

      Description of --mac-sign option will change to:

      --mac-sign
      Request that the package or the predefined application image be
      signed.

            almatvee Alexander Matveev
            almatvee Alexander Matveev
            Alexey Semenyuk, Kevin Rushforth
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: