Upgrade to Pro — share decks privately, control downloads, hide ads and more …

復習 Code Signing

T. MOTOOKA
December 03, 2016
Technology
1
1.2k

復習 Code Signing

Cocoa勉強会関西 #70
https://cocoa-kansai.connpass.com/event/44431/

T. MOTOOKA

December 03, 2016
Tweet

More Decks by T. MOTOOKA

See All by T. MOTOOKA
SVG画像をPHPで生成しよう
motooka
0
700
Working with Database Replications in CakePHP
motooka
1
1.5k
文字とPDFとPDFKit
motooka
2
1.3k
SVG破損事例の解説
motooka
1
460
エラー処理のUIデザイン
motooka
0
1.1k
モバイルアプリとGDPR
motooka
0
1.6k
続・パイプを通るPDF
motooka
0
900
JVNに情報掲載した話
motooka
1
1.3k
Emoji Modifiers
motooka
0
1k

Other Decks in Technology

See All in Technology
KARTEのAPIサーバ化
line_developers
PRO
1
230
Create the DTO System of your Dreams: stateOptions + entityClass
weaverryan
1
410
Product Ops: Conectando Estratégia e Execução de Produto
rigolon
1
130
土壌と植物で奏でるアート~農業における新たなパラダイム~
shinrinakamura
0
160
Microsoft Azure Well-Architected Framework でセキュアに
masakamayama
1
180
PHPからはじめるコンピュータア ーキテクチャ / PHP Meets Silicon: A Fun Dive into Computer Structures
tomzoh
4
200
データベーススペシャリストというキャリアと生存戦略 ~10年後も変わらないこと、変わること / career-spiral
soudai
16
4.4k
LLM×Cloud Runでオンライン薬局の既存オペレーションを自動化した話
pharma_x_tech
0
240
Towards sustainable learning, designing, and decision-making
emgsilva
2
100
そのとき歴史は動かなかった 〜 JTCのウォーターフォール研究者がバックログを発明した日〜
bonotake
0
290
サーバーレスで仮想待合室を作ろう! / Serverless Virtual Waiting Room
_kensh
3
700
Autonomous Database Cloud 技術詳細 / adb-s_technical_detail_jp
oracle4engineer
PRO
11
28k

Featured

See All Featured
The Web Native Designer (August 2011)
paulrobertlloyd
78
2.6k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
318
20k
Reflections from 52 weeks, 52 projects
jeffersonlam
342
19k
Happy Clients
brianwarren
92
6.1k
Art, The Web, and Tiny UX
lynnandtonic
285
18k
Faster Mobile Websites
deanohume
296
29k
The Straight Up "How To Draw Better" Workshop
denniskardys
226
130k
Rails Girls Zürich Keynote
gr2m
90
12k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
219
21k
4 Signs Your Business is Dying
shpigford
172
21k
The Illustrated Children's Guide to Kubernetes
chrisshort
26
45k
GraphQLの誤解/rethinking-graphql
sonatard
44
8.5k

Transcript

  1. ෮श Code Signing
    2016.12.03 Cocoaษڧձؔ੢ #70
    https://cocoa-kansai.connpass.com/event/44431/
    by T. MOTOOKA

    View Slide

  2. ࣗݾ঺հ
    T. MOTOOKA ʛ @t_motooka
    ຊۀɿWeb ΞϓϦ։ൃӡӦ
    झຯɿPDF / SVG / iOS / ϩάΛݟΔ
    ۙگใࠂɿMacΞϓϦ͸͡Ί·ͨ͠

    View Slide

  3. ࣗݾ঺հɿաڈͷMacΞϓϦ
    ࣌ܭ PPC FileCacherPPC
    ߴߍ2೥ੜͷࠒͷ࡞඼
    ߴߍ1೥ੜͷࠒͷ࡞඼
    MacΞϓϦྺ20೥ͷϕςϥϯʂʂ
    ʢ19೥΄ͲϒϥϯΫ͋Γʣ

    View Slide

  4. ͓୊ɿCode Signing

    View Slide

  5. ໨࣍
    Code Signing : ҙຯͱ࢓૊Έ
    ূ໌ॻͷछྨ
    Mac App Store ϦϦʔε࣌
    ॺ໊Λݕূ͢Δ
    ࢀߟจݙ

    View Slide

  6. CodeSigning : ҙຯͱ࢓૊Έ

    View Slide

  7. Code Signing ௚઀ͷ໨త
    iOSΞϓϦΛ
    ࣮ػʹೖΕΔ࣌ʹඞཁ
    App Store Ͱ഑෍͢Δ࣌ʹඞཁɹͳͲ
    MacΞϓϦΛ
    Mac App Store Ͱ഑෍͢Δ࣌ʹඞཁ
    ௚઀഑෍͢Δ࣌ʹඞཁɹͳͲ
    ͳͲ

    View Slide

  8. Code Signing ຊདྷͷ໨త
    ड͚औΓखɾϢʔβʔʹରͯ͠
    ॺ໊ऀ͕࡞ͬͨόΠφϦͰ͋Δ͜ͱΛূ໌͢Δ
    ʮt_motookaͷΞϓϦʯͱॻ͍ͯ͋Δ͜ͱ͕৴༻Ͱ͖Δ
    վ͟Μ͞Ε͍ͯͳ͍͜ͱΛূ໌͢Δ
    ʮt_motookaͷΞϓϦʯͱॻ͔Εͯ͋ΔͳΒɺ
    t_motookaҎ֎ͷਓͷख͸ՃΘ͍ͬͯͳ͍ͱ৴͡ΕΔ

    View Slide

  9. ࢓૊Έɿॺ໊
    ॺ໊ର৅ͷσʔλͷϋογϡ஋Λܭࢉ͢Δ
    ॺ໊ऀͷൿີ伴Ͱϋογϡ஋Λ҉߸Խˠσδλϧॺ

    ॺ໊ର৅ͷσʔλʹ࣍ͷ΋ͷΛఴ෇
    ॺ໊ऀͷূ໌ॻʢˠൿີ伴ʹରԠ͢Δެ։伴ʣ
    σδλϧॺ໊ʢൿີ伴Ͱ҉߸Խͨ͠ϋογϡ஋ʣ

    View Slide

  10. ࢓૊Έɿॺ໊ͷݕূ
    ॺ໊ऀͷূ໌ॻ͕৴པͰ͖Δ͔ʁͷݕূ
    Appleͷॺ໊Λड͚͍ͯΔ͔ʁͱ͍͏؍఺
    ॺ໊ର৅ͷσʔλͷϋογϡ஋Λܭࢉ͢Δ
    σδλϧॺ໊Λॺ໊ऀͷূ໌ॻʢެ։伴ʣͰ෮߸
    ෮߸ͨ͠΋ͷͱϋογϡ஋ͱ͕Ұகͨ͠ΒOK

    View Slide

  11. CodeSigning : ҙຯͱ࢓૊Έ
    ҙຯͱ࢓૊ΈΛ஌͍ͬͯΔͱ
    ূ໌ॻ࡞੒ͷ࡞ۀ͕ɺ஗଺ແ͘Ͱ͖ΔΑ͏ʹͳΔ
    ূ໌ॻ࡞੒ͷ࡞ۀ͕ɺ΢β͘ͳ͘ͳΔ
    Τϥʔϝοηʔδͷҙຯ͕Θ͔ΔΑ͏ʹͳΔ
    ʮূ໌ॻॺ໊ཁٻʯΛεϥεϥݴ͑ΔΑ͏ʹͳΔ

    View Slide

  12. ূ໌ॻͷछྨ

    View Slide

  13. ূ໌ॻͷछྨɿiOS
    Code Signing
    iOS App Development : ࣮ػ։ൃ༻
    App Store and Ad Hoc : ഑෍༻
    ͦΕҎ֎
    Apple Push Notification service SSL : ϓογϡ௨஌༻
    Apple Pay Certificate : औҾσʔλ෮߸༻

    View Slide

  14. ূ໌ॻͷछྨɿMac
    Mac Development : DebugϏϧυ༻
    Mac App Distribution : Mac App Store ༻
    Mac Installer Distribution : Mac App Store ఏग़༻
    Developer ID : Mac App Store Ҏ֎Ͱͷ഑෍༻
    Developer ID ͚ͩ͸࡞੒ʹ “Agent” ݖݶ͕ඞཁ

    View Slide

  15. ূ໌ॻͷछྨɿ༗ӹͳࢿྉ
    https://developer.apple.com/library/content/documentation/IDEs/Conceptual/AppDistributionGuide/
    MaintainingCertificates/MaintainingCertificates.html#//apple_ref/doc/uid/TP40012582-CH31-SW41

    View Slide

  16. Mac App Store ϦϦʔε࣌

    View Slide

  17. Mac App Store ϦϦʔε࣌
    Ϣʔβͷखݩʹಧ͘ͱ͖ɺ

    Apple Mac OS Application Signing ʹΑͬͯॺ໊͞Ε
    ͳ͓͞Ε͍ͯΔ

    View Slide

  18. ॺ໊Λݕূ͢Δ

    View Slide

  19. MacΞϓϦͷॺ໊ݕূ
    $ codesign -v hogehoge.app/
    ॺ໊͞Εͯͳ͍ͱ͖ͷग़ྗྫ

    SuddenDeathMac.app: code object is not signed at all
    ਖ਼͘͠ॺ໊͞Ε͍ͯΔͱ͖͸ɺԿ΋ग़ྗ͞Εͳ͍
    ॺ໊ޙʹվ͟Μ͞Εͨͱ͖ͷग़ྗྫ

    malware.app/: invalid Info.plist (plist or signature have
    been modified)

    View Slide

  20. վ͟Μͨ͠ΞϓϦΛىಈ
    EXC_CRASH (Code Signature Invalid)

    View Slide

  21. MacΞϓϦͷॺ໊ݕূɿৄࡉ
    $ codesign -dv --verbose=4 Adobe\ Illustrator.app/
    Executable=/Applications/Adobe Illustrator CC 2017/Adobe Illustrator.app/Contents/MacOS/Adobe Ill
    Identifier=com.adobe.illustrator
    Format=app bundle with Mach-O thin (x86_64)
    CodeDirectory v=20200 size=112005 flags=0x0(none) hashes=5593+3 location=embedded
    OSPlatform=36
    OSSDKVersion=658176
    OSVersionMin=657920
    Hash type=sha1 size=20
    CandidateCDHash sha1=bbbdf9c2baa5c04ad85913f370dec5b680143b80
    Hash choices=sha1
    Page size=4096
    CDHash=bbbdf9c2baa5c04ad85913f370dec5b680143b80
    Signature size=8524
    Authority=Developer ID Application: Adobe Systems, Inc.
    Authority=Developer ID Certification Authority
    Authority=Apple Root CA
    Timestamp=2016/10/11 8:18:04
    Info.plist entries=24
    TeamIdentifier=JQ525L2MZD
    Sealed Resources version=2 rules=12 files=17323
    Internal requirements count=1 size=184

    View Slide

  22. MacΞϓϦͷॺ໊ݕূ
    ৄࡉදࣔ࣌ʢ-dv --verbose=4ʣ͸վ͟Μݕ஌͠ʹ͘
    ͍͜ͱʹ஫ҙʂ

    View Slide

  23. iOSΞϓϦͷॺ໊ݕূ
    ʢ͕࣌ؒແͯ͘ௐ΂͖Εͳ͔ͬͨɻਐḿμϝɻʣ

    View Slide

  24. ࢀߟจݙ

    View Slide

  25. ࢀߟจݙ
    Code Signing Guide

    https://developer.apple.com/library/content/documentation/Security/
    Conceptual/CodeSigningGuide/Introduction/Introduction.html
    App Distribution Guide

    https://developer.apple.com/library/content/documentation/IDEs/
    Conceptual/AppDistributionGuide/Introduction/Introduction.html#//apple_ref/
    doc/uid/TP40012582-CH1-SW1
    Distributing Apps Outside the Mac App Store

    https://developer.apple.com/library/content/documentation/IDEs/
    Conceptual/AppDistributionGuide/DistributingApplicationsOutside/
    DistributingApplicationsOutside.html


    View Slide

  26. ·ͱΊ
    ཧ۶Λ஌Ε͹ɺ࡞ۀ͕ݟ͑ͯ͘Δɻ
    Code Signing Λཧղͯ͠ɺ

    ϦϦʔε௚લͷτϥϒϧΛճආ͠Α͏ʂ
    ϓογϡ௨஌ɺExtensionɺAppleWatchɺApplePay

    ূ໌ॻ͕ඞཁͳػձ͸೥ʑ૿͑ΔҰํ

    ɹˠɹجૅΛԡ͑ͯ͞ϥΫ͠Α͏ʂ

    View Slide

  27. Կ͔࣭͝໰ͳͲ͋Ε͹

    View Slide

  28. ׬

    View Slide