Releases: indygreg/apple-platform-rs
Releases · indygreg/apple-platform-rs
Apple Codesign 0.20.0
Release Info
Changelog
- Zip notarization support. APIs and the
notary-submit
CLI command now recognize
zip files and will upload them to the Notary API without modifications. Neither
zip file signing nor stapling are supported. Feature contributed by @deansheather.
(#20) - When signing the main binary in a bundle, we now prefer the identifier from
the bundle'sInfo.plist
over the identifier already present in the Mach-O.
This ensures that the identifier is consistent across multiple Mach-O in a
fat/universal binary and is consistent with the value advertised in the
Info.plist
. (#12, #22) - It is now possible to sign Mach-O binaries where the
__LINKEDIT
segment
wasn't the final advertised segment in Mach-O headers. Previously, a
__LINKEDIT isn't final Mach-O segment
error would occur when attempting to
sign a Mach-O whose headers declared a__LINKEDIT
segment before other
segments, even if__LINKEDIT
was truly at the highest file offset. (This
scenario is common in Go binaries.) (#17) - The
--pem-source
argument can now decode PKCS#1 private keys as encoded
withRSA PRIVATE KEY
. Previously, anunhandled PEM tag RSA PRIVATE KEY; ignoring
warning would have been printed. (#26) - Most code from
main.rs
has been moved intocli.rs
so it is part of the
library. aws-config
,aws-smithy-http
upgraded from 0.47 -> 0.49.aws-sdk-s3
upgraded from 0.17 -> 0.19.clap
upgraded from 3.1 -> 4.0. This entailed a lot of code changes to
argument parsing. Argument parsing behavior should be backwards compatible
(unless otherwise documented in this section) and any change in behavior is
a bug.
Apple Codesign 0.19.0
Release Info
This is the first release of Apple Codesign from its new home at https://github.com/indygreg/apple-platform-rs. The final release from its old home can be found at https://github.com/indygreg/PyOxidizer/releases/tag/apple-codesign%2F0.17.0.
Changelog (0.19.0)
- Canonical home of project moved from https://github.com/indygreg/PyOxidizer to
https://github.com/indygreg/apple-platform-rs. - Universal Mach-O creation logic inlined from
tugger-apple
crate to remove
crate dependency. - Switched from
tugger-file-manifest
crate tosimple-file-manifest
. (The
crate was effectively renamed.)
Changelog (0.18.0)
(This version was tagged but binaries were not produced for the release. Multiple versions were tagged in a short time window to facilitate the project's migration to a new repository.)
- Mach-O digesting code now digests file-level data without looking at segment
boundaries. This fixes a bug where we were computing the incorrect digests when
Mach-O segments weren't aligned at 4096 byte boundaries. (Go binaries commonly
don't have 4k aligned segment boundaries.) - Optimizations to computing cryptographic digests of binaries. We eliminate a
a redundant digest that was used to compute the final size of the code digests.
Therayon
crate is now used to perform digests in parallel, yielding a
~linear speedup with the number of CPUs available. - (API)
app_store_connect
module has been split up into multiple modules
to facilitate better grouping. - (API) Various changes for upgrades of crates related to cryptography.
- der crate upgraded from 0.5 to 0.6.
- elliptic-curve crate upgraded from 0.11 to 0.12.
- oid-registry crate upgraded from 0.5 to 0.6.
- p256 crate upgraded from 0.10 to 0.11.
- pkcs1 crate upgraded from 0.3 to 0.4.
- pkcs8 crate upgraded from 0.8 to 0.9.
- spki crate upgraded from 0.5 to 0.6.
- yubikey crate upgraded from 0.4 to 0.6.
- (API) The
code_hash
module had its content folded into the new function
MachOBinary::code_digests()
.