How To codesign a Screen Saver for Yosemite

From Wurst-Wasser.net
Jump to navigation Jump to search

The Problem

Double-clicking the Screen Saver will bring up this:
ScreenSaverWontImportYosemite00.png

“Flying Toasters.saver” can’t be opened because it is from an unidentified developer.
Your security preferences allow installation of only apps from the Mac App Store and identified developers.

Simple enough - just codesign it! But that turned out to be trickier than I thought.

The Analysis

I started off with googling in looking into Apple's Developer Forums. It seemed no-one had that problem (or solved it). So I did some research.

First I took a look at Yosemite[1] built-in screen savers...

Mac-OS-X-1010-Yosemite-VM:Screen Savers clarus$ codesign -v -d Flurry.saver/
Executable=/System/Library/Screen Savers/Flurry.saver/Contents/MacOS/Flurry
Identifier=com.apple.Flurry
Format=bundle with Mach-O thin (x86_64)
CodeDirectory v=20100 size=385 flags=0x0(none) hashes=13+3 location=embedded
Signature size=4097
Info.plist entries=18
TeamIdentifier=not set
Sealed Resources version=2 rules=14 files=6
Internal requirements count=1 size=64
Mac-OS-X-1010-Yosemite-VM:Screen Savers clarus$ codesign -vv Flurry.saver/
Flurry.saver/: resource envelope is obsolete (custom omit rules)
Mac-OS-X-1010-Yosemite-VM:Screen Savers clarus$

Interesting.

I then added this build phase to my Screen Saver[2]:

#!/bin/sh
#set -x
#codesign -s "${CODE_SIGN_IDENTITY}" --entitlements "${CODE_SIGN_ENTITLEMENTS}" -v "${TARGET_BUILD_DIR}"
codesign -s "${CODE_SIGN_IDENTITY}" --entitlements "${CODE_SIGN_ENTITLEMENTS}" -v "${TARGET_BUILD_DIR}/${WRAPPER_NAME}"

I made sure that the Identity used is Devloper ID Application: YOUR_NAME_HERE, leading to this:

WroDos-MacBook-Air:Desktop heiko$ codesign -v -d  /Users/heiko/Desktop/Flying\ Toasters/Users/heiko/Library/Screen\ Savers/Flying\ Toasters.saver
Executable=/Users/heiko/Desktop/Flying Toasters/Users/heiko/Library/Screen Savers/Flying Toasters.saver/Contents/MacOS/Flying Toasters
Identifier=net.wurst-wasser.FlyingToasters
Format=bundle with Mach-O thin (x86_64)
CodeDirectory v=20200 size=535 flags=0x0(none) hashes=17+5 location=embedded
Signature size=8518
Timestamp=26.10.2014 18:36:40
Info.plist entries=18
TeamIdentifier=JQWR9K4NUM
Sealed Resources version=2 rules=12 files=21
Internal requirements count=1 size=224
WroDos-MacBook-Air:Desktop heiko$ codesign -vv  /Users/heiko/Desktop/Flying\ Toasters/Users/heiko/Library/Screen\ Savers/Flying\ Toasters.saver
/Users/heiko/Desktop/Flying Toasters/Users/heiko/Library/Screen Savers/Flying Toasters.saver: valid on disk
/Users/heiko/Desktop/Flying Toasters/Users/heiko/Library/Screen Savers/Flying Toasters.saver: satisfies its Designated Requirement
WroDos-MacBook-Air:Desktop heiko$

That looked good. And it was installed after double-clicking. But, it won't appear in the System Preferences. There had to be another flaw in my project.

<TBD>

The Solution

  • add a build phase for code signing
  • choose the right Developer ID
  • If you are upgrading a really old project[3], make sure, you set this:
    • TBD

  1. Mac OS X 10.0
  2. For the records, I used Mac OS X Mavericks 10.9.5 and XCode 6.1
  3. like I am