Improve check for code signatures

2025-09-17 21:06:38 +08:00 · 2022-11-01 06:45:20 +01:00 · 2022-11-01 06:45:20 +01:00 · c7d55dc880
commit c7d55dc880
parent bc4c3dc942
3 changed files with 11 additions and 2 deletions
--- a/compile_macosx.sh
+++ b/compile_macosx.sh
@ -74,6 +74,11 @@ if [ $# -gt 4 ]
  then
    chmod +x $WORK_DIR/macosx_codesign.sh
    bash $WORK_DIR/macosx_codesign.sh $(pwd) "$5" $6 $7 $8 $9
+    retVal=$?
+    if [ $retVal -ne 0 ]; then
+        echo "Binaries are not correctly signed"
+        exit 1
+    fi
 fi

 #Pack binary_distrib
--- a/macosx_codesign.sh
+++ b/macosx_codesign.sh
@ -51,11 +51,15 @@ bash macosx_codesign_zip.sh "$APP_DIR/$APP_NAME/Contents/Java/jogl-all-natives-m
 bash macosx_codesign_zip.sh "$APP_DIR/$APP_NAME/Contents/Java/jogl-all-natives-macosx-universal.jar" "natives/macosx-universal/libjogl_mobile.dylib" "$2"
 bash macosx_codesign_zip.sh "$APP_DIR/$APP_NAME/Contents/Java/jogl-all-natives-macosx-universal.jar" "natives/macosx-universal/libnewt_head.dylib" "$2"
 bash macosx_codesign_zip.sh "$APP_DIR/$APP_NAME/Contents/Java/jogl-all-natives-macosx-universal.jar" "natives/macosx-universal/libjogl_desktop.dylib" "$2"
-codesign --force --options runtime --entitlements "$ENTITLEMENTS_BROWSER" --sign "$2" --timestamp --verbose "$APP_DIR/$APP_NAME/Contents/MacOS/JavaAppLauncher"
 codesign --force --options runtime --entitlements "$ENTITLEMENTS_BROWSER" --sign "$2" --timestamp --verbose "$APP_DIR/$APP_NAME"
 bash macosx_notarize.sh "$APP_DIR/$APP_NAME" "$2" $3 org.jcef.jcef $4 $5 $6

 echo "Checking notarization validity"
 spctl -vvv --assess --type exec "$APP_DIR/$APP_NAME"
+retVal=$?
+if [ $retVal -ne 0 ]; then
+    echo "Binaries are not correctly signed"
+    exit 1
+fi

 echo "Done signing binaries"
--- a/macosx_notarize.sh
+++ b/macosx_notarize.sh
@ -49,6 +49,6 @@ rm -f notarization.log
 echo ""

 # staple
-xcrun stapler -v staple "$1"
+xcrun stapler staple -v "$1"

 echo "##########################################################"