GRCodeSignatureVerifier
GRCodeSignatureVerifier copied to clipboard
insidegui
Simple code signature verification for macOS apps
If you want to support my open source projects financially, you can do so by purchasing a copy of BrowserFreedom, Mediunic or sending Bitcoin to 3DH9B42m6k2A89hy1Diz3Vr3cpDNQTQCbJ 😁
GRCodeSignatureVerifier
Simple code signature verification for macOS apps.
GRCodeSignatureVerifier can be used to check if an app has been tampered with by verifying its code signature.
Example
Swift
let verifier = GRCodeSignatureVerifier.sharedInstance()
// requirements are optional, but they make the verification stronger
verifier.codeRequirements = "identifier = \"com.yourcompany.AppName\""
if !verifier.isSignatureValid {
NSLog("The app was modified. Exiting... \(verifier.validationError)")
exit(1)
}
Objective-C
GRCodeSignatureVerifier *verifier = [GRCodeSignatureVerifier sharedInstance];
verifier.codeRequirements = @"identifier = \"com.yourcompany.AppName\"";
if (!verifier.isSignatureValid) {
NSLog("The app was modified. Exiting... %@", verifier.validationError);
exit(1);
}
Precompiled code requirements
You can use the tool csreq to compile code requirements:
$ csreq -r requirements.txt -b requirements.bin
To use precompiled code requirements you set the codeRequirementsData property:
verifier.codeRequirementsData = [NSData dataWithContentsOfFile:@"/path/to/requirements.bin"];
To learn more about what are code requirements and the code requirements language, check out this document from Apple.
Installing
Using Carthage:
github "insidegui/GRCodeSignatureVerifier" ~> 1.0
Using CocoaPods:
If you're unfamiliar with CocoaPods, read using CocoaPods.
Add the following line to your Podfile:
pod 'GRCodeSignatureVerifier'
Manually
Framework
Just download the code and add GRCodeSignatureVerifier.framework to the Embedded Binaries section of your app's target config.
Directly
Alternatively, you can just drop GRCodeSignatureVerifier.h and GRCodeSignatureVerifier.m in your app and use it directly.
❤️
insidegui