Code Signing

Zorg edited this page Mar 23, 2024 · 3 revisions

Creating a Self-signed Certificate

Below are instructions on how to create the self-signed certificate Bit Slicer uses in its Debug scheme. These instructions are derived from lldb's guide on code signing; the primary difference is that we use bitslicer_codesign instead of lldb_codesign. And although having to reboot your computer may be annoying - well, life can be tough.

  1. If you have tried this before, first delete all bitslicer_codesign items in your keychain, delete all build folders that contain old signed items, and reboot your computer.
  2. Open Keychain Access and select the "login" keychain in the "Keychain" list in the upper left-hand corner of the window. Select the "My Certificates" tab and ensure no item in the table is selected (deselect if necessary).
  3. Create a new certificate (Keychain Access -> Certificate Assistant -> Create a Certificate…)
  4. Set the following settings:
    • Name = bitslicer_codesign
    • Identity Type = Self Signed Root
    • Certificate Type = Codesigning

If you choose to further override the default settings, you can lengthen the expiration time of the certificate.

  1. Click Create, click Continue, click Done

  2. Click on the "My Certificates" category on the left and double click your new bitslicer_codesign certificate

  3. Turn down the "Trust" disclosure triangle and change "When using this certificate:" to Always Trust. Close the window and enter your login password to update the settings

  4. Copy (command+c) the new bitslicer_codesign certificate from the login keychain and paste (command+v) it in the System keychain. You will be asked to authorize a few times, set it to "Always trusted" when asked

  5. Make sure there's no bitslicer_codesign.cer file on your Desktop. If there is, remove it first

  6. Switch to the System keychain and drag the copy of bitslicer_codesign you just made there onto the Desktop

  7. Switch to Terminal, and run the following two commands:

    sudo security add-trust -d -r trustRoot -p basic -p codeSign -k /Library/Keychains/System.keychain ~/Desktop/bitslicer_codesign.cer
    rm -f ~/Desktop/bitslicer_codesign.cer

  8. Right click on the "bitslicer_codesign" certificate in the "System" keychain (make sure this is the one in your "System" keychain, not the one in your "login" one) and select "Delete "bitslicer_codesign"" to remove it from the System keychain. Enter your login password again if prompted

  9. Reboot your computer

  10. Clean by removing all previously created code signed binaries and rebuild Bit Slicer; this should do the trick.

  11. Repeat this process when the certificate expires (probably 1 year).
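
One way to check, after the final reboot, whether macOS accepts bitslicer_codesign as a valid code signing identity before you rebuild. This is an added example, not part of the original instructions or of Bit Slicer; the function names and the sample output (with a placeholder hash) are constructed for illustration.

```sh
#!/bin/sh
# Added example, not Bit Slicer project code.
# identity_status NAME reads `security find-identity -p codesigning` output on
# stdin and prints: valid | invalid:<CSSMERR code or "unknown"> | missing
identity_status() {
    awk -v name="$1" '
        BEGIN { quoted = "\"" name "\""; state = "missing" }
        /Valid identities only/ { in_valid = 1; next }
        index($0, quoted) == 0 { next }
        in_valid { state = "valid"; next }
        {
            # Seen under "Matching identities"; a trailing (CSSMERR_...) tag
            # gives the reason the identity is rejected.
            reason = "unknown"
            if (match($0, /\(CSSMERR_[A-Z_]+\)/))
                reason = substr($0, RSTART + 1, RLENGTH - 2)
            state = "invalid:" reason
        }
        END { print state }
    '
}

# Constructed samples (placeholder hash): untrusted certificate, then a good one.
SAMPLE_UNTRUSTED='Policy: Code Signing
  Matching identities
  1) 0000000000000000000000000000000000000000 "bitslicer_codesign" (CSSMERR_TP_NOT_TRUSTED)
     1 identities found

  Valid identities only
     0 valid identities found'
SAMPLE_VALID='Policy: Code Signing
  Matching identities
  1) 0000000000000000000000000000000000000000 "bitslicer_codesign"
     1 identities found

  Valid identities only
  1) 0000000000000000000000000000000000000000 "bitslicer_codesign"
     1 valid identities found'

# Use the real tool on macOS; fall back to the constructed sample elsewhere.
check_identity() {
    if command -v security >/dev/null 2>&1; then
        security find-identity -p codesigning | identity_status "$1"
    else
        printf '%s\n' "$SAMPLE_UNTRUSTED" | identity_status "$1"
    fi
}

echo "bitslicer_codesign: $(check_identity bitslicer_codesign)"
```

A result of `invalid:CSSMERR_TP_NOT_TRUSTED` points back at the trust steps, `invalid:CSSMERR_TP_CERT_EXPIRED` means the certificate has to be recreated, and `missing` means no certificate with that exact name was found.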