{"id":36701,"date":"2022-08-08T15:50:12","date_gmt":"2022-08-08T19:50:12","guid":{"rendered":"https:\/\/mjtsai.com\/blog\/?p=36701"},"modified":"2022-08-08T16:53:01","modified_gmt":"2022-08-08T20:53:01","slug":"reimplementation-of-apple-code-signing-and-notarization","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2022\/08\/08\/reimplementation-of-apple-code-signing-and-notarization\/","title":{"rendered":"Reimplementation of Apple Code Signing and Notarization"},"content":{"rendered":"<p><a href=\"https:\/\/gregoryszorc.com\/blog\/2022\/08\/08\/achieving-a-completely-open-source-implementation-of-apple-code-signing-and-notarization\/\">Gregory Szorc<\/a>:<\/p>\n<blockquote cite=\"https:\/\/gregoryszorc.com\/blog\/2022\/08\/08\/achieving-a-completely-open-source-implementation-of-apple-code-signing-and-notarization\/\"><p>I&rsquo;m very excited to announce that we now have a pure Rust implementation of a client for Apple&rsquo;s Notary API in the apple-codesign crate. This means we can now notarize Apple software from any machine where you can get the Rust crate to compile. This means we no longer have a dependency on the 3rd party Apple Transporter application. Notarization, like code signing, is 100% open source Rust code.<\/p><p>[&#8230;]<\/p><p>There are probably thousands of\ncompanies and individuals who have wanted to release Apple software from\nnon-macOS operating systems. (The existence and popularity of tools like\n<a href=\"https:\/\/fastlane.tools\/\">fastlane<\/a> seems to confirm this.) The historical\nlack of an Apple code signing and notarization solution that worked outside\nmacOS has prevented this. Well, that barrier has officially fallen.<\/p><\/blockquote>\n<p>It&rsquo;s available <a href=\"https:\/\/github.com\/indygreg\/PyOxidizer\/tree\/main\/apple-codesign\">here<\/a>.<\/p>\n<p>Update (2022-08-08): See also: <a href=\"https:\/\/news.ycombinator.com\/item?id=32386762\">Hacker News<\/a>.<\/p>\n\n<p><a href=\"https:\/\/news.ycombinator.com\/item?id=32388407\">bri3d<\/a>:<\/p>\n<blockquote cite=\"https:\/\/news.ycombinator.com\/item?id=32388407\"><p>Apple&rsquo;s code signing tool is open source, but heavily dependent on Cocoa\/OSX libraries like CoreFoundation.<\/p><\/blockquote>","protected":false},"excerpt":{"rendered":"<p>Gregory Szorc: I&rsquo;m very excited to announce that we now have a pure Rust implementation of a client for Apple&rsquo;s Notary API in the apple-codesign crate. This means we can now notarize Apple software from any machine where you can get the Rust crate to compile. This means we no longer have a dependency on [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"2022-08-08T19:50:14Z","apple_news_api_id":"1940234a-f4ff-46cb-af42-d7515ff4c179","apple_news_api_modified_at":"2022-08-08T20:53:04Z","apple_news_api_revision":"AAAAAAAAAAAAAAAAAAAAAQ==","apple_news_api_share_url":"https:\/\/apple.news\/AGUAjSvT_RsuvQtdRX_TBeQ","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[2],"tags":[466,861,75,30,2077,1842,74,71,408],"class_list":["post-36701","post","type-post","status-publish","format-standard","hentry","category-technology","tag-codesigning","tag-core-foundation","tag-developertool","tag-mac","tag-macos-12","tag-notarization","tag-opensource","tag-programming","tag-rust-lang"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/36701","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=36701"}],"version-history":[{"count":3,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/36701\/revisions"}],"predecessor-version":[{"id":36707,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/36701\/revisions\/36707"}],"wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=36701"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=36701"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=36701"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}