我今天遇到了这个问题。我可以确认 Apple 的 codesign 的 --remove-signature 选项是(并且仍然是,在 OP 提出这个问题六年后)严重错误。
对于一些背景知识,Xcode(和 Apple 的命令行开发人员工具)包含 codesign 实用程序,但不包含用于删除签名的工具。但是,由于在某些情况下需要经常执行此操作,因此包含了一个完全未记录的选项:
codesign --remove-signature(假设缺乏文档)应该是相当不言自明的,但不幸的是,它很少不费吹灰之力就能按预期工作。所以我最终编写了一个脚本来解决 OP 的问题、我的问题和类似问题。如果有足够多的人在这里找到它并觉得它有用,请告诉我,我会将它放在 GitHub 或其他地方。
#!/bin/sh # codesign_remove_for_real -- working `codesign --remove-signature`
# (c) 2018 G. Nixon. BSD 2-clause minus retain/reproduce license requirements.
total_size(){
# Why its so damn hard to get decent recursive filesize total in the shell?
# - Darwin `du` doesn't do *bytes* (or anything less than 512B blocks)
# - `find` size options are completely non-standardized and doesn't recurse
# - `stat` is not in POSIX at all, and its options are all over the map...
# - ... etc.
# So: here we just use `find` for a recursive list of *files*, then wc -c
# and total it all up. Which sucks, because we have to read in every bit
# of every file. But its the only truly portable solution I think.
find "$@" -type f -print0 | xargs -0n1 cat | wc -c | tr -d '[:space:]'
}
# Get an accurate byte count before we touch anything. Zero would be bad.
size_total=$(total_size "$@") && [ $size_total -gt 0 ] || exit 1
recursively_repeat_remove_signature(){
# `codesign --remove-signature` randomly fails in a few ways.
# If you're lucky, you'll get an error like:
# [...]/codesign_allocate: can't write output file: [...] (Invalid argument)
# [...] the codesign_allocate helper tool cannot be found or used
# or something to that effect, in which case it will return non-zero.
# So we'll try it (suppressing stderr), and if it fails we'll just try again.
codesign --remove-signature --deep "$@" 2>/dev/null ||
recursively_repeat_remove_signature "$@"
# Unfortunately, the other very common way it fails is to do something? that
# hugely increases the binary size(s) by a seemingly arbitrary amount and
# then exits 0. `codesign -v` will tell you that there's no signature, but
# there are other telltale signs its not completely removed. For example,
# if you try stripping an executable after this, you'll get something like
# strip: changes being made to the file will invalidate the code signature
# So, the solution (well, my solution) is to do a file size check; once
# we're finally getting the same result, we've probably been sucessful.
# We could of course also use checksums, but its much faster this way.
[ $size_total == $(total_size "$@") ] ||
recursively_repeat_remove_signature "$@"
# Finally, remove any leftover _CodeSignature directories.
find "$@" -type d -name _CodeSignature -print0 | xargs -0n1 rm -rf
}
signature_info(){
# Get some info on code signatures. Not really required for anything here.
for info in "-dr-" "-vv"; do codesign $info "$@"; done # "-dvvvv"
}
# If we want to be be "verbose", check signature before. Un/comment out:
# echo >&2; echo "Current Signature State:" >&2; echo >&2; signature_info "$@"
# So we first remove any extended attributes and/or ACLs (which are common,
# and tend to interfere with the process here) then run our repeat scheme.
xattr -rc "$@" && chmod -RN "$@" && recursively_repeat_remove_signature "$@"
# Done!
# That's it; at this point, the executable or bundle(s) should sucessfully
# have truly become stripped of any code-signing. To test, one could
# try re-signing it again with an ad-hoc signature, then removing it again:
# (un/comment out below, as you see fit)
# echo >&2 && echo "Testing..." >&2; codesign -vvvvs - "$@" &&
# signature_info "$@" && recursively_repeat_remove_signature "$@"
# And of course, while it sometimes returns false positives, lets at least:
codesign -dvvvv "$@" || echo "Signature successfully removed!" >&2 && exit 0