Closed indygreg closed 10 months ago
As found in #95, our automatic code requirements when signing with a self-signed or otherwise non-Apple signed certificate are wrong.
e.g.
- - 'designated(3): 0: (identifier "com.DefaultCompany.TrivialProject") and (anchor -1 H"e1c7216e46533c923b7cfc94e86c7043790b96e9");' + - 'designated(3): 0: (identifier "com.DefaultCompany.TrivialProject") and ((anchor apple generic) and ((certificate leaf[subject.CN] = "Apple Development: RSA Apple Development (test)") and (certificate 1[field.1.2.840.113635.100.6.2.1] /* exists */)));'
We shouldn't be putting anchor apple generic unless it is true.
anchor apple generic
As found in #95, our automatic code requirements when signing with a self-signed or otherwise non-Apple signed certificate are wrong.
e.g.
We shouldn't be putting
anchor apple genericunless it is true.