How To codesign a Screen Saver for Yosemite

From Wurst-Wasser.net
Jump to navigation Jump to search

The Problem

Double-clicking the Screen Saver will bring up this:

“Flying Toasters.saver” can’t be opened because it is from an unidentified developer.
Your security preferences allow installation of only apps from the Mac App Store and identified developers.

Simple enough - just codesign it! But that turned out to be trickier than I thought.

The Analysis

I started off with googling and looking into Apple's Developer Forums. It seemed no-one had that problem (or solved it). So I did some research.

First I took a look at Yosemite[1] built-in screen savers...

Mac-OS-X-1010-Yosemite-VM:Screen Savers clarus$ codesign -v -d Flurry.saver/
Executable=/System/Library/Screen Savers/Flurry.saver/Contents/MacOS/Flurry
Identifier=com.apple.Flurry
Format=bundle with Mach-O thin (x86_64)
CodeDirectory v=20100 size=385 flags=0x0(none) hashes=13+3 location=embedded
Signature size=4097
Info.plist entries=18
TeamIdentifier=not set
Sealed Resources version=2 rules=14 files=6
Internal requirements count=1 size=64
Mac-OS-X-1010-Yosemite-VM:Screen Savers clarus$ codesign -vv Flurry.saver/
Flurry.saver/: resource envelope is obsolete (custom omit rules)
Mac-OS-X-1010-Yosemite-VM:Screen Savers clarus$

Interesting.

I then added this build phase to my Screen Saver[2]:

#!/bin/sh
#set -x
#codesign -s "${CODE_SIGN_IDENTITY}" --entitlements "${CODE_SIGN_ENTITLEMENTS}" -v "${TARGET_BUILD_DIR}"
codesign -s "${CODE_SIGN_IDENTITY}" --entitlements "${CODE_SIGN_ENTITLEMENTS}" -v "${TARGET_BUILD_DIR}/${WRAPPER_NAME}"

I made sure that the Identity used is Devloper ID Application: YOUR_NAME_HERE, leading to this:

WroDos-MacBook-Air:Desktop heiko$ codesign -v -d  /Users/heiko/Desktop/Flying\ Toasters/Users/heiko/Library/Screen\ Savers/Flying\ Toasters.saver
Executable=/Users/heiko/Desktop/Flying Toasters/Users/heiko/Library/Screen Savers/Flying Toasters.saver/Contents/MacOS/Flying Toasters
Identifier=net.wurst-wasser.FlyingToasters
Format=bundle with Mach-O thin (x86_64)
CodeDirectory v=20200 size=535 flags=0x0(none) hashes=17+5 location=embedded
Signature size=8518
Timestamp=26.10.2014 18:36:40
Info.plist entries=18
TeamIdentifier=JQWR9K4NUM
Sealed Resources version=2 rules=12 files=21
Internal requirements count=1 size=224
WroDos-MacBook-Air:Desktop heiko$ codesign -vv  /Users/heiko/Desktop/Flying\ Toasters/Users/heiko/Library/Screen\ Savers/Flying\ Toasters.saver
/Users/heiko/Desktop/Flying Toasters/Users/heiko/Library/Screen Savers/Flying Toasters.saver: valid on disk
/Users/heiko/Desktop/Flying Toasters/Users/heiko/Library/Screen Savers/Flying Toasters.saver: satisfies its Designated Requirement
WroDos-MacBook-Air:Desktop heiko$

That looked good. And it was installed after double-clicking. But, it won't appear in the System Preferences. There had to be another problem.

The Solution

  • add a build phase for code signing
  • choose the right Developer ID
  • Pray. For my part, I've given up on getting FTS running on Yosemite - I have no clue what Apple has done. Other screen savers (code-signed or not) won't work either.

  1. Mac OS X 10.0
  2. For the records, I used Mac OS X Mavericks 10.9.5 and XCode 6.1