Signing MacOS Bundles (& maybe code which may address newer iOS?)

[btsimonh]

Hi All,
I've just pushed updates on my fork which go a long way towards MacOS app bundle signing her:
https://github.com/btsimonh/isign-MacOS

Note that the hacks will make it not work for iOS bundles any more... (hardcoded /Content)

The modifications add a second code directory segment, with sha256 hashes, and it matches Apple pretty well.

The remaining issue is the actual signature. Apple has added timestamps and a custom part to the signature which is beyond my Python/OpenSSL ability; indeed may be beyond Python's OpenSSL bindings ability. My next port of call was going to be to port everything to nodejs, but I found an alternative way around my signing issue which means I only need to sign once now; so this code is now abandoned.
Posted here in case anyone wants to take it onwards....

s