mirror of https://github.com/sparrowwallet/signpackage.git synced 2026-06-18 15:15:46 +00:00

Recursively signs certain files, even inside jar files, with "codesign" on macOS

Kotlin 97.7%
Shell 2.3%

Find a file

Craig Raw 5e36c2b7cc upgrade kotlin version to 2.1.10 for java 25.0.2 support		2026-02-04 12:34:18 +02:00
src/main/java/com/dgunia/signpackage	Merge remote-tracking branch 'origin/master'	2023-06-28 14:41:16 +02:00
.gitignore	fork to handle jnilib files	2020-08-04 14:29:08 +02:00
build.sh	fork to handle jnilib files	2020-08-04 14:29:08 +02:00
LICENSE	Initial commit	2020-03-25 08:36:22 +01:00
pom.xml	upgrade kotlin version to 2.1.10 for java 25.0.2 support	2026-02-04 12:34:18 +02:00
README.md	Fixed typo	2021-05-03 13:21:33 +02:00

README.md

SignPackage

To notarize Java apps on macOS it is necessary to sign all jar and dylib files in the .app package with the same signature. dylib files can even exist inside jar files and have to be signed inside the jar file, too. This program here performs the codesign process. You can use it e.g. like this:

java -jar SignPackage.jar -d appimageoutput -t -r -k "Developer ID Application: John Public (XXXXXXXXXX)" -e "src/main/deploy/package/macosx/MyApp.entitlements"

The parameters are:

-d The directory that contains the files that have to be codesigned.
-t Set secure timestamp using the codesign timestamp parameter
-r Harden using the codesign runtime parameter
-k Key name
-e Entitlements file
-x Excludes files from being signed. Can be used multiple times to specify multiple files. You have to specify the path including directories.

It is explained further here: https://blog.dgunia.de/2020/02/12/signed-macos-programs-with-java-14/

To build the SignPackage.jar file just run build.sh.