codesign
Provides code signing support. More...
| Since: | Qbs 1.19 | 
Properties
- certificatePassword : string
- certificatePath : string
- codesignFlags : stringList
- codesignName : string
- codesignPath : string
- crossCertificatePath : string
- enableCodeSigning : bool
- hashAlgorithm : string
- keyAlias : string
- keyPassword : string
- keystorePassword : string
- keystorePath : string
- provisioningProfile : string
- provisioningProfilesPath : path
- rootSubjectName : string
- signingIdentity : string
- signingTimestamp : string
- signingType : string
- subjectName : string
- teamIdentifier : string
- timestampAlgorithm : string
- useApksigner : bool
Detailed Description
The codesign module contains properties and rules for code signing on Apple and Android platforms.
Relevant File Tags
| Tag | Auto-tagged File Names | Since | Description | 
|---|---|---|---|
| "codesign.entitlements" | *.entitlements | 1.19.0 | Xcode entitlements | 
| "codesign.provisioningprofile" | *.mobileprovision, *.provisionprofile | 1.19.0 | Xcode provisioning profiles | 
| "codesign.signed_artifact" | n/a | 1.19.0 | This tag is attached to all signed artifacts such as applications or libraries | 
Property Documentation
| [since Qbs 1.19] certificatePassword : string | 
Specifies the password to use when opening a signing certificate file (*.pfx).
Default: undefined
This property is specific to Windows.
This property was introduced in Qbs 1.19.
| [since Qbs 1.19] certificatePath : string | 
Specifies the full path to the signing certificate file (*.pfx).
Default: undefined
This property is specific to Windows.
This property was introduced in Qbs 1.19.
| [since Qbs 1.19] codesignFlags : stringList | 
Additional flags passed to the codesign tool.
Default: Undefined
This property was introduced in Qbs 1.19.
| [since Qbs 1.19] codesignName : string | 
The name of the codesign binary.
Default: Determined automatically
This property was introduced in Qbs 1.19.
| [since Qbs 1.19] codesignPath : string | 
Path to the codesign tool.
Default: Determined automatically
This property was introduced in Qbs 1.19.
| [since Qbs 1.19] crossCertificatePath : string | 
Specifies the full path to the additional certificate file (*.cer).
Default: undefined
This property is specific to Windows.
This property was introduced in Qbs 1.19.
| [since Qbs 1.19] enableCodeSigning : bool | 
Whether to actually perform code signing.
Default: false
This property was introduced in Qbs 1.19.
| [since Qbs 1.19] hashAlgorithm : string | 
Specifies the default hash algorithm used on the signing certificate. The possible values are sha1, sha256, sha384, and sha512.
Note: Only available in Windows 10 kit builds 20236 and later.
Default: undefined
This property is specific to Windows.
This property was introduced in Qbs 1.19.
| [since Qbs 1.19] keyAlias : string | 
The key alias.
Default: "androiddebugkey"
This property is specific to Android platforms.
This property was introduced in Qbs 1.19.
| [since Qbs 1.19] keyPassword : string | 
The key password.
Default: "android"
This property is specific to Android platforms.
This property was introduced in Qbs 1.19.
| [since Qbs 1.19] keystorePassword : string | 
The keystore password.
Default: "android"
This property is specific to Android platforms.
This property was introduced in Qbs 1.19.
| [since Qbs 1.19] keystorePath : string | 
The absolute path to the keystore file.
Default: "${HOME}/.android/debug.keystore"
This property is specific to Android platforms.
This property was introduced in Qbs 1.19.
| [since Qbs 1.19] provisioningProfile : string | 
Name or UUID of the provisioning profile to embed in the product. Typically this should be left blank to allow Qbs to use automatic provisioning.
Default: undefined
This property is specific to Apple platforms.
This property was introduced in Qbs 1.19.
| [since Qbs 1.19] provisioningProfilesPath : path | 
Path to directory containing provisioning profiles installed on the system. This should not normally need to be changed.
Default: "~/Library/MobileDevice/Provisioning Profiles"
This property is specific to Apple platforms.
This property was introduced in Qbs 1.19.
| [since Qbs 1.19] rootSubjectName : string | 
Specifies the name of the subject of the root certificate that the signing certificate must chain to. This value may be a substring of the entire subject name of the root certificate.
Default: undefined
This property is specific to Windows.
This property was introduced in Qbs 1.19.
| [since Qbs 1.19] signingIdentity : string | 
Search string used to find the certificate to sign the product. This does not have to be a full certificate name like "Mac Developer: John Doe (XXXXXXXXXX)", and can instead be a partial string like "Mac Developer" or the certificate's SHA1 fingerprint. The search string should generally be one of the following:
- 3rd Party Mac Developer Application
- 3rd Party Mac Developer Installer
- Developer ID Application
- Developer ID Installer
- iPhone Developer
- iPhone Distribution
- Mac Developer
It is also possible to use the special "-" value to use the ad-hoc signing.
See Maintaining Your Signing Identities and Certificates for complete documentation on the existing certificate types. In general you should use signingType instead.
Default: Determined by signingType
This property is specific to Apple platforms.
This property was introduced in Qbs 1.19.
| [since Qbs 1.19] signingTimestamp : string | 
URL of the timestamp authority RFC 3161 server to be contacted to authenticate code signing. undefined or empty indicates that a system-specific default should be used; "none" explicitly disables the use of timestamp services on Apple platforms.
Default: "none" on Apple, undefined otherwise
This property was introduced in Qbs 1.19.
| [since Qbs 1.19] signingType : string | 
Type of code signing to use. This should generally be used in preference to an explicit signing identity like "Mac Developer: John Doe (XXXXXXXXXX)" since it is not user specific and can be set in a project file. Possible values include: "app-store", "apple-id", "ad-hoc", which sign for the App Store or Mac App Store, Developer ID, and Ad-hoc code signing, respectively.
Relation between the signingType and signingIdentity
The following table shows how the signingIdentity's default value is calculated.
| qbs.targetOS | codesign.signingType | qbs.buildVariant | codesign.signingIdentity | 
|---|---|---|---|
| "macos" | "ad-hoc" | any | "-" | 
| "app-store" | "debug","profiling" | "MacDeveloper" | |
| "release" | "3rdParty Mac Developer Application" | ||
| "apple-id" | any | "DeveloperID Application" | |
| "ios","tvos","watchos" | "app-store" | "debug","profiling" | "iPhoneDeveloper" | 
| "release" | "iPhoneDistribution" | 
Default: Determined automatically
This property is specific to Apple platforms.
This property was introduced in Qbs 1.19.
| [since Qbs 1.19] subjectName : string | 
Specifies the name of the subject of the signing certificate. This value can be a substring of the entire subject name.
Default: undefined
This property is specific to Windows.
This property was introduced in Qbs 1.19.
| [since Qbs 1.19] teamIdentifier : string | 
Human readable name or 10-digit identifier of the Apple development team that the signing identity belongs to. This is used to disambiguate between multiple certificates of the same type in different teams. Typically this can be left blank if the development machine is only signed in to a single development team, and should be set in a profile otherwise.
Default: undefined
This property is specific to Apple platforms.
This property was introduced in Qbs 1.19.
| [since Qbs 1.19.2] timestampAlgorithm : string | 
Specifies the default timestamp algorithm used together with the signingTimestamp property. The possible values are sha1, sha256.
Note: If this value is not set, then the default sha1 algorithm will be used.
Default: undefined
This property is specific to Windows.
This property was introduced in Qbs 1.19.2.
| [since Qbs 1.19] useApksigner : bool | 
If true, the package is signed using apksignerFilePath binary. Set this property to false to use the jarsignerFilePath one. Set by the Android.sdk module.
Default: true
This property is specific to Android platforms.
This property was introduced in Qbs 1.19.