Google Git
Sign in
android / platform / libcore / 95730995b67 / . / src / jdk.incubator.jpackage / macosx / classes / jdk / incubator / jpackage / internal / MacAppImageBuilder.java
blob: c422c8a78f8d319f92271467c8bde633e24b1152 [file] [log] [blame]
/*
* Copyright (c) 2015, 2020, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package jdk.incubator.jpackage.internal;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.Writer;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.PosixFilePermission;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.EnumSet;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.ResourceBundle;
import java.util.Set;
import java.util.concurrent.atomic.AtomicReference;
import java.util.function.Consumer;
import java.util.stream.Stream;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.xpath.XPath;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathFactory;
import static jdk.incubator.jpackage.internal.MacAppBundler.BUNDLE_ID_SIGNING_PREFIX;
import static jdk.incubator.jpackage.internal.MacAppBundler.DEVELOPER_ID_APP_SIGNING_KEY;
import static jdk.incubator.jpackage.internal.MacBaseInstallerBundler.SIGNING_KEYCHAIN;
import static jdk.incubator.jpackage.internal.OverridableResource.createResource;
import static jdk.incubator.jpackage.internal.StandardBundlerParam.APP_NAME;
import static jdk.incubator.jpackage.internal.StandardBundlerParam.CONFIG_ROOT;
import static jdk.incubator.jpackage.internal.StandardBundlerParam.COPYRIGHT;
import static jdk.incubator.jpackage.internal.StandardBundlerParam.FA_CONTENT_TYPE;
import static jdk.incubator.jpackage.internal.StandardBundlerParam.FA_DESCRIPTION;
import static jdk.incubator.jpackage.internal.StandardBundlerParam.FA_EXTENSIONS;
import static jdk.incubator.jpackage.internal.StandardBundlerParam.FA_ICON;
import static jdk.incubator.jpackage.internal.StandardBundlerParam.FILE_ASSOCIATIONS;
import static jdk.incubator.jpackage.internal.StandardBundlerParam.ICON;
import static jdk.incubator.jpackage.internal.StandardBundlerParam.MAIN_CLASS;
import static jdk.incubator.jpackage.internal.StandardBundlerParam.PREDEFINED_APP_IMAGE;
import static jdk.incubator.jpackage.internal.StandardBundlerParam.VERSION;
public class MacAppImageBuilder extends AbstractAppImageBuilder {
private static final ResourceBundle I18N = ResourceBundle.getBundle(
"jdk.incubator.jpackage.internal.resources.MacResources");
private static final String TEMPLATE_BUNDLE_ICON = "java.icns";
private static final String OS_TYPE_CODE = "APPL";
private static final String TEMPLATE_INFO_PLIST_LITE =
"Info-lite.plist.template";
private static final String TEMPLATE_RUNTIME_INFO_PLIST =
"Runtime-Info.plist.template";
private final Path root;
private final Path contentsDir;
private final Path resourcesDir;
private final Path macOSDir;
private final Path runtimeDir;
private final Path runtimeRoot;
private static List<String> keyChains;
public static final BundlerParamInfo<Boolean>
MAC_CONFIGURE_LAUNCHER_IN_PLIST = new StandardBundlerParam<>(
"mac.configure-launcher-in-plist",
Boolean.class,
params -> Boolean.FALSE,
(s, p) -> Boolean.valueOf(s));
public static final BundlerParamInfo<String> MAC_CF_BUNDLE_NAME =
new StandardBundlerParam<>(
Arguments.CLIOptions.MAC_BUNDLE_NAME.getId(),
String.class,
params -> null,
(s, p) -> s);
public static final BundlerParamInfo<String> MAC_CF_BUNDLE_IDENTIFIER =
new StandardBundlerParam<>(
Arguments.CLIOptions.MAC_BUNDLE_IDENTIFIER.getId(),
String.class,
params -> {
// Get identifier from app image if user provided
// app image and did not provide the identifier via CLI.
String identifier = extractBundleIdentifier(params);
if (identifier != null) {
return identifier;
}
return MacAppBundler.getIdentifier(params);
},
(s, p) -> s);
public static final BundlerParamInfo<File> ICON_ICNS =
new StandardBundlerParam<>(
"icon.icns",
File.class,
params -> {
File f = ICON.fetchFrom(params);
if (f != null && !f.getName().toLowerCase().endsWith(".icns")) {
Log.error(MessageFormat.format(
I18N.getString("message.icon-not-icns"), f));
return null;
}
return f;
},
(s, p) -> new File(s));
public static final StandardBundlerParam<Boolean> SIGN_BUNDLE =
new StandardBundlerParam<>(
Arguments.CLIOptions.MAC_SIGN.getId(),
Boolean.class,
params -> false,
// valueOf(null) is false, we actually do want null in some cases
(s, p) -> (s == null || "null".equalsIgnoreCase(s)) ?
null : Boolean.valueOf(s)
);
private static final StandardBundlerParam<String> FA_MAC_CFBUNDLETYPEROLE =
new StandardBundlerParam<>(
Arguments.MAC_CFBUNDLETYPEROLE,
String.class,
params -> "Editor",
(s, p) -> s
);
private static final StandardBundlerParam<String> FA_MAC_LSHANDLERRANK =
new StandardBundlerParam<>(
Arguments.MAC_LSHANDLERRANK,
String.class,
params -> "Owner",
(s, p) -> s
);
private static final StandardBundlerParam<String> FA_MAC_NSSTORETYPEKEY =
new StandardBundlerParam<>(
Arguments.MAC_NSSTORETYPEKEY,
String.class,
params -> null,
(s, p) -> s
);
private static final StandardBundlerParam<String> FA_MAC_NSDOCUMENTCLASS =
new StandardBundlerParam<>(
Arguments.MAC_NSDOCUMENTCLASS,
String.class,
params -> null,
(s, p) -> s
);
private static final StandardBundlerParam<String> FA_MAC_LSTYPEISPACKAGE =
new StandardBundlerParam<>(
Arguments.MAC_LSTYPEISPACKAGE,
String.class,
params -> null,
(s, p) -> s
);
private static final StandardBundlerParam<String> FA_MAC_LSDOCINPLACE =
new StandardBundlerParam<>(
Arguments.MAC_LSDOCINPLACE,
String.class,
params -> null,
(s, p) -> s
);
private static final StandardBundlerParam<String> FA_MAC_UIDOCBROWSER =
new StandardBundlerParam<>(
Arguments.MAC_UIDOCBROWSER,
String.class,
params -> null,
(s, p) -> s
);
@SuppressWarnings("unchecked")
private static final StandardBundlerParam<List<String>> FA_MAC_NSEXPORTABLETYPES =
new StandardBundlerParam<>(
Arguments.MAC_NSEXPORTABLETYPES,
(Class<List<String>>) (Object) List.class,
params -> null,
(s, p) -> Arrays.asList(s.split("(,|\\s)+"))
);
@SuppressWarnings("unchecked")
private static final StandardBundlerParam<List<String>> FA_MAC_UTTYPECONFORMSTO =
new StandardBundlerParam<>(
Arguments.MAC_UTTYPECONFORMSTO,
(Class<List<String>>) (Object) List.class,
params -> Arrays.asList("public.data"),
(s, p) -> Arrays.asList(s.split("(,|\\s)+"))
);
public MacAppImageBuilder(Path imageOutDir) {
super(imageOutDir);
this.root = imageOutDir;
this.contentsDir = root.resolve("Contents");
this.resourcesDir = appLayout.destktopIntegrationDirectory();
this.macOSDir = appLayout.launchersDirectory();
this.runtimeDir = appLayout.runtimeDirectory();
this.runtimeRoot = appLayout.runtimeHomeDirectory();
}
private void writeEntry(InputStream in, Path dstFile) throws IOException {
Files.createDirectories(dstFile.getParent());
Files.copy(in, dstFile);
}
@Override
public void prepareApplicationFiles(Map<String, ? super Object> params)
throws IOException {
Files.createDirectories(macOSDir);
Map<String, ? super Object> originalParams = new HashMap<>(params);
// Generate PkgInfo
File pkgInfoFile = new File(contentsDir.toFile(), "PkgInfo");
pkgInfoFile.createNewFile();
writePkgInfo(pkgInfoFile);
Path executable = macOSDir.resolve(getLauncherName(params));
// create the main app launcher
try (InputStream is_launcher =
getResourceAsStream("jpackageapplauncher")) {
// Copy executable and library to MacOS folder
writeEntry(is_launcher, executable);
}
executable.toFile().setExecutable(true, false);
// generate main app launcher config file
writeCfgFile(params);
// create additional app launcher(s) and config file(s)
List<Map<String, ? super Object>> entryPoints =
StandardBundlerParam.ADD_LAUNCHERS.fetchFrom(params);
for (Map<String, ? super Object> entryPoint : entryPoints) {
Map<String, ? super Object> tmp =
AddLauncherArguments.merge(originalParams, entryPoint);
// add executable for add launcher
Path addExecutable = macOSDir.resolve(getLauncherName(tmp));
try (InputStream is = getResourceAsStream("jpackageapplauncher");) {
writeEntry(is, addExecutable);
}
addExecutable.toFile().setExecutable(true, false);
// add config file for add launcher
writeCfgFile(tmp);
}
// Copy class path entries to Java folder
copyApplication(params);
/*********** Take care of "config" files *******/
createResource(TEMPLATE_BUNDLE_ICON, params)
.setCategory("icon")
.setExternal(ICON_ICNS.fetchFrom(params))
.saveToFile(resourcesDir.resolve(APP_NAME.fetchFrom(params)
+ ".icns"));
// copy file association icons
for (Map<String, ?
super Object> fa : FILE_ASSOCIATIONS.fetchFrom(params)) {
File f = FA_ICON.fetchFrom(fa);
if (f != null && f.exists()) {
try (InputStream in2 = new FileInputStream(f)) {
Files.copy(in2, resourcesDir.resolve(f.getName()));
}
}
}
copyRuntimeFiles(params);
sign(params);
}
private void copyRuntimeFiles(Map<String, ? super Object> params)
throws IOException {
// Generate Info.plist
writeInfoPlist(contentsDir.resolve("Info.plist").toFile(), params);
// generate java runtime info.plist
writeRuntimeInfoPlist(
runtimeDir.resolve("Contents/Info.plist").toFile(), params);
// copy library
Path runtimeMacOSDir = Files.createDirectories(
runtimeDir.resolve("Contents/MacOS"));
final Path jliName = Path.of("libjli.dylib");
try (Stream<Path> walk = Files.walk(runtimeRoot.resolve("lib"))) {
final Path jli = walk
.filter(file -> file.getFileName().equals(jliName))
.findFirst()
.get();
Files.copy(jli, runtimeMacOSDir.resolve(jliName));
}
}
private void sign(Map<String, ? super Object> params) throws IOException {
if (Optional.ofNullable(
SIGN_BUNDLE.fetchFrom(params)).orElse(Boolean.TRUE)) {
try {
addNewKeychain(params);
} catch (InterruptedException e) {
Log.error(e.getMessage());
}
String signingIdentity =
DEVELOPER_ID_APP_SIGNING_KEY.fetchFrom(params);
if (signingIdentity != null) {
prepareEntitlements(params);
signAppBundle(params, root, signingIdentity,
BUNDLE_ID_SIGNING_PREFIX.fetchFrom(params),
getConfig_Entitlements(params));
}
restoreKeychainList(params);
}
}
static File getConfig_Entitlements(Map<String, ? super Object> params) {
return new File(CONFIG_ROOT.fetchFrom(params),
getLauncherName(params) + ".entitlements");
}
static void prepareEntitlements(Map<String, ? super Object> params)
throws IOException {
createResource("entitlements.plist", params)
.setCategory(I18N.getString("resource.entitlements"))
.saveToFile(getConfig_Entitlements(params));
}
private static String getLauncherName(Map<String, ? super Object> params) {
return APP_NAME.fetchFrom(params);
}
private String getBundleName(Map<String, ? super Object> params) {
if (MAC_CF_BUNDLE_NAME.fetchFrom(params) != null) {
String bn = MAC_CF_BUNDLE_NAME.fetchFrom(params);
if (bn.length() > 16) {
Log.error(MessageFormat.format(I18N.getString(
"message.bundle-name-too-long-warning"),
MAC_CF_BUNDLE_NAME.getID(), bn));
}
return MAC_CF_BUNDLE_NAME.fetchFrom(params);
} else if (APP_NAME.fetchFrom(params) != null) {
return APP_NAME.fetchFrom(params);
} else {
String nm = MAIN_CLASS.fetchFrom(params);
if (nm.length() > 16) {
nm = nm.substring(0, 16);
}
return nm;
}
}
private void writeRuntimeInfoPlist(File file,
Map<String, ? super Object> params) throws IOException {
Map<String, String> data = new HashMap<>();
String identifier = StandardBundlerParam.isRuntimeInstaller(params) ?
MAC_CF_BUNDLE_IDENTIFIER.fetchFrom(params) :
"com.oracle.java." + MAC_CF_BUNDLE_IDENTIFIER.fetchFrom(params);
data.put("CF_BUNDLE_IDENTIFIER", identifier);
String name = StandardBundlerParam.isRuntimeInstaller(params) ?
getBundleName(params): "Java Runtime Image";
data.put("CF_BUNDLE_NAME", name);
data.put("CF_BUNDLE_VERSION", VERSION.fetchFrom(params));
data.put("CF_BUNDLE_SHORT_VERSION_STRING", VERSION.fetchFrom(params));
createResource(TEMPLATE_RUNTIME_INFO_PLIST, params)
.setPublicName("Runtime-Info.plist")
.setCategory(I18N.getString("resource.runtime-info-plist"))
.setSubstitutionData(data)
.saveToFile(file);
}
private void writeStringArrayPlist(StringBuilder sb, String key,
List<String> values) {
if (values != null && !values.isEmpty()) {
sb.append(" <key>").append(key).append("</key>\n").append(" <array>\n");
values.forEach((value) -> {
sb.append(" <string>").append(value).append("</string>\n");
});
sb.append(" </array>\n");
}
}
private void writeStringPlist(StringBuilder sb, String key, String value) {
if (value != null && !value.isEmpty()) {
sb.append(" <key>").append(key).append("</key>\n").append(" <string>")
.append(value).append("</string>\n").append("\n");
}
}
private void writeBoolPlist(StringBuilder sb, String key, String value) {
if (value != null && !value.isEmpty()) {
sb.append(" <key>").append(key).append("</key>\n").append(" <")
.append(value).append("/>\n").append("\n");
}
}
private void writeInfoPlist(File file, Map<String, ? super Object> params)
throws IOException {
Log.verbose(MessageFormat.format(I18N.getString(
"message.preparing-info-plist"), file.getAbsolutePath()));
//prepare config for exe
//Note: do not need CFBundleDisplayName if we don't support localization
Map<String, String> data = new HashMap<>();
data.put("DEPLOY_ICON_FILE", APP_NAME.fetchFrom(params) + ".icns");
data.put("DEPLOY_BUNDLE_IDENTIFIER",
MAC_CF_BUNDLE_IDENTIFIER.fetchFrom(params));
data.put("DEPLOY_BUNDLE_NAME",
getBundleName(params));
data.put("DEPLOY_BUNDLE_COPYRIGHT", COPYRIGHT.fetchFrom(params));
data.put("DEPLOY_LAUNCHER_NAME", getLauncherName(params));
data.put("DEPLOY_BUNDLE_SHORT_VERSION", VERSION.fetchFrom(params));
data.put("DEPLOY_BUNDLE_CFBUNDLE_VERSION", VERSION.fetchFrom(params));
StringBuilder bundleDocumentTypes = new StringBuilder();
StringBuilder exportedTypes = new StringBuilder();
for (Map<String, ? super Object>
fileAssociation : FILE_ASSOCIATIONS.fetchFrom(params)) {
List<String> extensions = FA_EXTENSIONS.fetchFrom(fileAssociation);
if (extensions == null) {
Log.verbose(I18N.getString(
"message.creating-association-with-null-extension"));
}
String itemContentType = MAC_CF_BUNDLE_IDENTIFIER.fetchFrom(params)
+ "." + ((extensions == null || extensions.isEmpty())
? "mime" : extensions.get(0));
String description = FA_DESCRIPTION.fetchFrom(fileAssociation);
File icon = FA_ICON.fetchFrom(fileAssociation);
bundleDocumentTypes.append(" <dict>\n");
writeStringArrayPlist(bundleDocumentTypes, "LSItemContentTypes",
Arrays.asList(itemContentType));
writeStringPlist(bundleDocumentTypes, "CFBundleTypeName", description);
writeStringPlist(bundleDocumentTypes, "LSHandlerRank",
FA_MAC_LSHANDLERRANK.fetchFrom(fileAssociation));
writeStringPlist(bundleDocumentTypes, "CFBundleTypeRole",
FA_MAC_CFBUNDLETYPEROLE.fetchFrom(fileAssociation));
writeStringPlist(bundleDocumentTypes, "NSPersistentStoreTypeKey",
FA_MAC_NSSTORETYPEKEY.fetchFrom(fileAssociation));
writeStringPlist(bundleDocumentTypes, "NSDocumentClass",
FA_MAC_NSDOCUMENTCLASS.fetchFrom(fileAssociation));
writeBoolPlist(bundleDocumentTypes, "LSIsAppleDefaultForType",
"true");
writeBoolPlist(bundleDocumentTypes, "LSTypeIsPackage",
FA_MAC_LSTYPEISPACKAGE.fetchFrom(fileAssociation));
writeBoolPlist(bundleDocumentTypes, "LSSupportsOpeningDocumentsInPlace",
FA_MAC_LSDOCINPLACE.fetchFrom(fileAssociation));
writeBoolPlist(bundleDocumentTypes, "UISupportsDocumentBrowser",
FA_MAC_UIDOCBROWSER.fetchFrom(fileAssociation));
if (icon != null && icon.exists()) {
writeStringPlist(bundleDocumentTypes, "CFBundleTypeIconFile",
icon.getName());
}
bundleDocumentTypes.append(" </dict>\n");
exportedTypes.append(" <dict>\n");
writeStringPlist(exportedTypes, "UTTypeIdentifier",
itemContentType);
writeStringPlist(exportedTypes, "UTTypeDescription",
description);
writeStringArrayPlist(exportedTypes, "UTTypeConformsTo",
FA_MAC_UTTYPECONFORMSTO.fetchFrom(fileAssociation));
if (icon != null && icon.exists()) {
writeStringPlist(exportedTypes, "UTTypeIconFile", icon.getName());
}
exportedTypes.append("\n")
.append(" <key>UTTypeTagSpecification</key>\n")
.append(" <dict>\n")
.append("\n");
writeStringArrayPlist(exportedTypes, "public.filename-extension",
extensions);
writeStringArrayPlist(exportedTypes, "public.mime-type",
FA_CONTENT_TYPE.fetchFrom(fileAssociation));
writeStringArrayPlist(exportedTypes, "NSExportableTypes",
FA_MAC_NSEXPORTABLETYPES.fetchFrom(fileAssociation));
exportedTypes.append(" </dict>\n").append(" </dict>\n");
}
String associationData;
if (bundleDocumentTypes.length() > 0) {
associationData =
"\n <key>CFBundleDocumentTypes</key>\n <array>\n"
+ bundleDocumentTypes.toString()
+ " </array>\n\n"
+ " <key>UTExportedTypeDeclarations</key>\n <array>\n"
+ exportedTypes.toString()
+ " </array>\n";
} else {
associationData = "";
}
data.put("DEPLOY_FILE_ASSOCIATIONS", associationData);
createResource(TEMPLATE_INFO_PLIST_LITE, params)
.setCategory(I18N.getString("resource.app-info-plist"))
.setSubstitutionData(data)
.setPublicName("Info.plist")
.saveToFile(file);
}
private void writePkgInfo(File file) throws IOException {
//hardcoded as it does not seem we need to change it ever
String signature = "????";
try (Writer out = Files.newBufferedWriter(file.toPath())) {
out.write(OS_TYPE_CODE + signature);
out.flush();
}
}
public static void addNewKeychain(Map<String, ? super Object> params)
throws IOException, InterruptedException {
if (Platform.getMajorVersion() < 10 ||
(Platform.getMajorVersion() == 10 &&
Platform.getMinorVersion() < 12)) {
// we need this for OS X 10.12+
return;
}
String keyChain = SIGNING_KEYCHAIN.fetchFrom(params);
if (keyChain == null || keyChain.isEmpty()) {
return;
}
// get current keychain list
String keyChainPath = new File (keyChain).getAbsolutePath().toString();
List<String> keychainList = new ArrayList<>();
int ret = IOUtils.getProcessOutput(
keychainList, "security", "list-keychains");
if (ret != 0) {
Log.error(I18N.getString("message.keychain.error"));
return;
}
boolean contains = keychainList.stream().anyMatch(
str -> str.trim().equals("\""+keyChainPath.trim()+"\""));
if (contains) {
// keychain is already added in the search list
return;
}
keyChains = new ArrayList<>();
// remove "
keychainList.forEach((String s) -> {
String path = s.trim();
if (path.startsWith("\"") && path.endsWith("\"")) {
path = path.substring(1, path.length()-1);
}
keyChains.add(path);
});
List<String> args = new ArrayList<>();
args.add("security");
args.add("list-keychains");
args.add("-s");
args.addAll(keyChains);
args.add(keyChain);
ProcessBuilder pb = new ProcessBuilder(args);
IOUtils.exec(pb);
}
public static void restoreKeychainList(Map<String, ? super Object> params)
throws IOException{
if (Platform.getMajorVersion() < 10 ||
(Platform.getMajorVersion() == 10 &&
Platform.getMinorVersion() < 12)) {
// we need this for OS X 10.12+
return;
}
if (keyChains == null || keyChains.isEmpty()) {
return;
}
List<String> args = new ArrayList<>();
args.add("security");
args.add("list-keychains");
args.add("-s");
args.addAll(keyChains);
ProcessBuilder pb = new ProcessBuilder(args);
IOUtils.exec(pb);
}
static void signAppBundle(
Map<String, ? super Object> params, Path appLocation,
String signingIdentity, String identifierPrefix, File entitlements)
throws IOException {
AtomicReference<IOException> toThrow = new AtomicReference<>();
String appExecutable = "/Contents/MacOS/" + APP_NAME.fetchFrom(params);
String keyChain = SIGNING_KEYCHAIN.fetchFrom(params);
// sign all dylibs and executables
try (Stream<Path> stream = Files.walk(appLocation)) {
stream.peek(path -> { // fix permissions
try {
Set<PosixFilePermission> pfp =
Files.getPosixFilePermissions(path);
if (!pfp.contains(PosixFilePermission.OWNER_WRITE)) {
pfp = EnumSet.copyOf(pfp);
pfp.add(PosixFilePermission.OWNER_WRITE);
Files.setPosixFilePermissions(path, pfp);
}
} catch (IOException e) {
Log.verbose(e);
}
}).filter(p -> Files.isRegularFile(p) &&
(Files.isExecutable(p) || p.toString().endsWith(".dylib"))
&& !(p.toString().endsWith(appExecutable)
|| p.toString().contains("/Contents/runtime")
|| p.toString().contains("/Contents/Frameworks"))
).forEach(p -> {
// noinspection ThrowableResultOfMethodCallIgnored
if (toThrow.get() != null) return;
// If p is a symlink then skip the signing process.
if (Files.isSymbolicLink(p)) {
Log.verbose(MessageFormat.format(I18N.getString(
"message.ignoring.symlink"), p.toString()));
} else if (isFileSigned(p)) {
// executable or lib already signed
Log.verbose(MessageFormat.format(I18N.getString(
"message.already.signed"), p.toString()));
} else {
List<String> args = new ArrayList<>();
args.addAll(Arrays.asList("codesign",
"--timestamp",
"--options", "runtime",
"-s", signingIdentity,
"--prefix", identifierPrefix,
"-vvvv"));
if (keyChain != null && !keyChain.isEmpty()) {
args.add("--keychain");
args.add(keyChain);
}
if (Files.isExecutable(p)) {
if (entitlements != null) {
args.add("--entitlements");
args.add(entitlements.toString());
}
}
args.add(p.toString());
try {
Set<PosixFilePermission> oldPermissions =
Files.getPosixFilePermissions(p);
File f = p.toFile();
f.setWritable(true, true);
ProcessBuilder pb = new ProcessBuilder(args);
IOUtils.exec(pb);
Files.setPosixFilePermissions(p, oldPermissions);
} catch (IOException ioe) {
toThrow.set(ioe);
}
}
});
}
IOException ioe = toThrow.get();
if (ioe != null) {
throw ioe;
}
// sign all runtime and frameworks
Consumer<? super Path> signIdentifiedByPList = path -> {
//noinspection ThrowableResultOfMethodCallIgnored
if (toThrow.get() != null) return;
try {
List<String> args = new ArrayList<>();
args.addAll(Arrays.asList("codesign",
"--timestamp",
"--options", "runtime",
"--force",
"-s", signingIdentity, // sign with this key
"--prefix", identifierPrefix,
// use the identifier as a prefix
"-vvvv"));
if (keyChain != null && !keyChain.isEmpty()) {
args.add("--keychain");
args.add(keyChain);
}
args.add(path.toString());
ProcessBuilder pb = new ProcessBuilder(args);
IOUtils.exec(pb);
} catch (IOException e) {
toThrow.set(e);
}
};
Path javaPath = appLocation.resolve("Contents/runtime");
if (Files.isDirectory(javaPath)) {
signIdentifiedByPList.accept(javaPath);
ioe = toThrow.get();
if (ioe != null) {
throw ioe;
}
}
Path frameworkPath = appLocation.resolve("Contents/Frameworks");
if (Files.isDirectory(frameworkPath)) {
try (var fileList = Files.list(frameworkPath)) {
fileList.forEach(signIdentifiedByPList);
}
ioe = toThrow.get();
if (ioe != null) {
throw ioe;
}
}
// sign the app itself
List<String> args = new ArrayList<>();
args.addAll(Arrays.asList("codesign",
"--timestamp",
"--options", "runtime",
"--force",
"-s", signingIdentity,
"-vvvv"));
if (keyChain != null && !keyChain.isEmpty()) {
args.add("--keychain");
args.add(keyChain);
}
if (entitlements != null) {
args.add("--entitlements");
args.add(entitlements.toString());
}
args.add(appLocation.toString());
ProcessBuilder pb =
new ProcessBuilder(args.toArray(new String[args.size()]));
IOUtils.exec(pb);
}
private static boolean isFileSigned(Path file) {
ProcessBuilder pb =
new ProcessBuilder("codesign", "--verify", file.toString());
try {
IOUtils.exec(pb);
} catch (IOException ex) {
return false;
}
return true;
}
private static String extractBundleIdentifier(Map<String, Object> params) {
if (PREDEFINED_APP_IMAGE.fetchFrom(params) == null) {
return null;
}
try {
File infoPList = new File(PREDEFINED_APP_IMAGE.fetchFrom(params) +
File.separator + "Contents" +
File.separator + "Info.plist");
DocumentBuilderFactory dbf
= DocumentBuilderFactory.newDefaultInstance();
dbf.setFeature("http://apache.org/xml/features/" +
"nonvalidating/load-external-dtd", false);
DocumentBuilder b = dbf.newDocumentBuilder();
org.w3c.dom.Document doc = b.parse(new FileInputStream(
infoPList.getAbsolutePath()));
XPath xPath = XPathFactory.newInstance().newXPath();
// Query for the value of <string> element preceding <key>
// element with value equal to CFBundleIdentifier
String v = (String) xPath.evaluate(
"//string[preceding-sibling::key = \"CFBundleIdentifier\"][1]",
doc, XPathConstants.STRING);
if (v != null && !v.isEmpty()) {
return v;
}
} catch (Exception ex) {
Log.verbose(ex);
}
return null;
}
}