feat: Allow custom .p12 certificates

Closes #216
electron-userland · Mar 9, 2016 · 6918916 · 6918916
1 parent 5d376e1
commit 6918916
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 8 deletions.
diff --git a/src/builder.ts b/src/builder.ts
@@ -31,6 +31,9 @@ export async function build(options: BuildOptions = {}): Promise<void> {
   if (options.cscLink == null) {
     options.cscLink = process.env.CSC_LINK
   }
+  if (options.csaLink == null) {
+    options.csaLink = process.env.CSA_LINK
+  }
   if (options.cscKeyPassword == null) {
     options.cscKeyPassword = process.env.CSC_KEY_PASSWORD
   }

diff --git a/src/codeSign.ts b/src/codeSign.ts
@@ -23,32 +23,32 @@ export function generateKeychainName(): string {
   return "csc-" + randomString() + ".keychain"
 }
 
-export function createKeychain(keychainName: string, cscLink: string, cscKeyPassword: string): Promise<CodeSigningInfo> {
-  const appleCertPath = path.join(tmpdir(), randomString() + ".cer")
+export function createKeychain(keychainName: string, cscLink: string, cscKeyPassword: string, csaLink?: string): Promise<CodeSigningInfo> {
+  const authorityCertPath = path.join(tmpdir(), randomString() + ".cer")
   const developerCertPath = path.join(tmpdir(), randomString() + ".p12")
 
   const keychainPassword = randomString()
   return executeFinally(BluebirdPromise.all([
-      download("https://developer.apple.com/certificationauthority/AppleWWDRCA.cer", appleCertPath),
+      download(csaLink || "https://developer.apple.com/certificationauthority/AppleWWDRCA.cer", authorityCertPath),
       download(cscLink, developerCertPath),
       BluebirdPromise.mapSeries([
         ["create-keychain", "-p", keychainPassword, keychainName],
         ["unlock-keychain", "-p", keychainPassword, keychainName],
         ["set-keychain-settings", "-t", "3600", "-u", keychainName]
       ], it => exec("security", it))
     ])
-    .then(() => importCerts(keychainName, appleCertPath, developerCertPath, cscKeyPassword)),
+    .then(() => importCerts(keychainName, authorityCertPath, developerCertPath, cscKeyPassword)),
     errorOccurred => {
-      const tasks = [deleteFile(appleCertPath, true), deleteFile(developerCertPath, true)]
+      const tasks = [deleteFile(authorityCertPath, true), deleteFile(developerCertPath, true)]
       if (errorOccurred) {
         tasks.push(deleteKeychain(keychainName))
       }
       return all(tasks)
     })
 }
 
-async function importCerts(keychainName: string, appleCertPath: string, developerCertPath: string, cscKeyPassword: string): Promise<CodeSigningInfo> {
-  await exec("security", ["import", appleCertPath, "-k", keychainName, "-T", "/usr/bin/codesign"])
+async function importCerts(keychainName: string, authorityCertPath: string, developerCertPath: string, cscKeyPassword: string): Promise<CodeSigningInfo> {
+  await exec("security", ["import", authorityCertPath, "-k", keychainName, "-T", "/usr/bin/codesign"])
   await exec("security", ["import", developerCertPath, "-k", keychainName, "-T", "/usr/bin/codesign", "-P", cscKeyPassword])
   let cscName = await extractCommonName(cscKeyPassword, developerCertPath)
   return {

diff --git a/src/macPackager.ts b/src/macPackager.ts
@@ -17,7 +17,7 @@ export default class MacPackager extends PlatformPackager<appdmg.Specification>
     if (this.options.cscLink != null && this.options.cscKeyPassword != null) {
       const keychainName = generateKeychainName()
       cleanupTasks.push(() => deleteKeychain(keychainName))
-      this.codeSigningInfo = createKeychain(keychainName, this.options.cscLink, this.options.cscKeyPassword)
+      this.codeSigningInfo = createKeychain(keychainName, this.options.cscLink, this.options.cscKeyPassword, this.options.csaLink)
     }
     else {
       this.codeSigningInfo = BluebirdPromise.resolve(null)

diff --git a/src/platformPackager.ts b/src/platformPackager.ts
@@ -26,6 +26,7 @@ export interface PackagerOptions {
   projectDir?: string
 
   cscLink?: string
+  csaLink?: string
   cscKeyPassword?: string
 }