blob: ac851a1469f2ad7549a42ce898644c012be584b9 [file] [log] [blame]
# Copyright 2019 The Chromium Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
"""Signing Model Objects
This module contains classes that encapsulate data about the signing process.
import os.path
class CodeSignedProduct(object):
"""Represents a build product that will be signed with `codesign(1)`."""
def __init__(self,
"""A build product to be codesigned.
path: The path to the product to be signed. This is relative to a
work directory containing the build products.
identifier: The unique identifier set when code signing. This is
only explicitly passed with the `--identifier` flag if
|sign_with_identifier| is True.
options: Comma-separated string of option names passed to the
`codesign -o` flag.
requirements: String for additional `--requirements` to pass to the
`codesign` command. These are joined with a space to the
|config.CodeSignConfig.codesign_requirements_basic| string. See
|CodeSignedProduct.requirements_string()| for details.
identifier_requirement: If True, a designated identifier requirement
based on |identifier| will be inserted into the requirements
string. If False, then no designated requirement will be
generated based on the identifier.
sign_with_identifier: If True, then the identifier will be specified
when running the `codesign` command. If False, `codesign` will
infer the identifier itself.
resource_rules: A file in |Paths.packaging_dir| to specify for
`codesign --resource-rules`. macOS has deprecated resource rules
and this should not be used for new products.
entitlements: File name of the entitlements file to sign the product
with. The file should reside in the |Paths.packaging_dir|.
verify_options: Flags to pass to `codesign --verify`, from
self.path = path
self.identifier = identifier
self.options = options
self.requirements = requirements
self.identifier_requirement = identifier_requirement
self.sign_with_identifier = sign_with_identifier
self.resource_rules = resource_rules
self.entitlements = entitlements
if not VerifyOptions.valid(verify_options):
raise ValueError('Invalid VerifyOptions: {}'.format(verify_options))
self.verify_options = verify_options
def requirements_string(self, config):
"""Produces a full requirements string for the product.
config: A |config.CodeSignConfig| object.
A string for designated requirements of the product, which can be
passed to `codesign --requirements`.
reqs = []
if self.identifier_requirement:
reqs.append('designated => identifier "{identifier}"'.format(
if self.requirements:
if config.codesign_requirements_basic:
return ' '.join(reqs)
def __repr__(self):
return 'CodeSignedProduct(identifier={0.identifier}, ' \
'options={0.options}, path={0.path})'.format(self)
class VerifyOptions(object):
"""Enum for the options that can be specified when validating the results of
code signing.
These options are passed to `codesign --verify` after the
|CodeSignedProduct| has been signed.
DEEP = ('--deep',)
NO_STRICT = ('--no-strict',)
IGNORE_RESOURCES = ('--ignore-resources',)
def __init__(self):
raise TypeError('VerifyOptions cannot be constructed')
def valid(cls, options):
"""Tests if the specified |options| are valid.
options: Iterable of option strings.
True if all the options are valid, False if otherwise.
if options is None:
return True
all_options = cls.DEEP + cls.NO_STRICT + cls.IGNORE_RESOURCES
return all([option in all_options for option in options])
class Distribution(object):
"""A Distribution represents a final, signed, and potentially channel-
customized Chrome product.
Channel customization refers to modifying parts of the app bundle structure
to have different file names, internal identifiers, and assets.
def __init__(self,
"""Creates a new Distribution object. All arguments are optional.
channel: The release channel for the product.
branding_code: A branding code helps track how users acquired the
product from various marketing channels.
app_name_fragment: If present, this string fragment is appended to
the |config.CodeSignConfig.app_product|. This renames the binary
and outer app bundle.
dmg_name_fragment: If present, this is appended to the
|config.CodeSignConfig.dmg_basename| to help differentiate
different |branding_code|s.
product_dirname: If present, this string value is set in the app's
Info.plist with the key "CrProductDirName". This key influences
the browser's default user-data-dir location.
creator_code: If present, this will set a new macOS creator code
in the Info.plist "CFBundleSignature" key and in the PkgInfo
file. If this is not specified, the original values from the
build products will be kept.
channel_customize: If True, then the product will be modified in
several ways:
- The |channel| will be appended to the
- The product will be renamed with |app_name_fragment|.
- Different assets will be used for icons in the app.
""" = channel
self.branding_code = branding_code
self.app_name_fragment = app_name_fragment
self.dmg_name_fragment = dmg_name_fragment
self.product_dirname = product_dirname
self.creator_code = creator_code
self.channel_customize = channel_customize
def to_config(self, base_config):
"""Produces a derived |config.CodeSignConfig| for the Distribution.
base_config: The base CodeSignConfig to derive.
A new CodeSignConfig instance that uses information in the
Distribution to alter various properties of the |base_config|.
this = self
class DistributionCodeSignConfig(base_config.__class__):
def base_config(self):
return base_config
def app_product(self):
if this.channel_customize:
return '{} {}'.format(base_config.app_product,
return base_config.app_product
def base_bundle_id(self):
base_bundle_id = base_config.base_bundle_id
if this.channel_customize:
return base_bundle_id + '.' +
return base_bundle_id
def provisioning_profile_basename(self):
profile = base_config.provisioning_profile_basename
if profile and this.channel_customize:
return '{}_{}'.format(profile, this.app_name_fragment)
return profile
def dmg_basename(self):
if this.dmg_name_fragment:
return '{}-{}-{}'.format(
self.app_product.replace(' ', ''), self.version,
return super(DistributionCodeSignConfig, self).dmg_basename
return DistributionCodeSignConfig(base_config.identity,
class Paths(object):
"""Paths holds the three file path contexts for signing operations.
The input directory always remains un-modified.
The output directory is where final, signed products are stored.
The work directory is set by internal operations.
def __init__(self, input, output, work):
self._input = input
self._output = output
self._work = work
def input(self):
return self._input
def output(self):
return self._output
def work(self):
return self._work
def packaging_dir(self, config):
"""Returns the path to the product packaging directory, which contains
scripts and assets used in signing.
config: The |config.CodeSignConfig| object.
Path to the packaging directory.
return os.path.join(self.input, '{} Packaging'.format(config.product))
def replace_work(self, new_work):
"""Creates a new Paths with the same input and output directories, but
with |work| set to |new_work|."""
return Paths(self.input, self.output, new_work)
def __repr__(self):
return 'Paths(input={0.input}, output={0.output}, ' \