Snake&Apple II—Code Signing
How Code Signing works and how to read the Code Signature on macOS.
INTRO
Welcome to another article in the series on macOS security internals!
This article provides in-depth information about the Code Signature format and introduces how Code Signing works. You will learn:
- How to determine if a file has a valid Signature
- Where the entitlements and requirements are stored
- Low-level format of all Code Signature elements
- The concept of ad hoc signing and public key cryptography
- ASN.1 format and much more…
Additionally, this article will explain how to extract important information from the Code Signature in human-readable form using Python and other tools.
Please note that some topics have been intentionally omitted and will be addressed in future articles. However, leave a comment if you have any questions or need clarification about anything written here while reading. I guarantee a response and will use your feedback for future articles.
The Snake&Apple II. Code Signing repository contains all of the code used.