提交應用到 Mac App Store · Electron 中文文檔

# Mac App Store 應用提交向導自從 v0.34.0, Electron 就允許提交應用包到 Mac App Store (MAS) . 這個向導提供的信息有 : 如何提交應用和 MAS 構建的限制. __注意:__ 從 v0.36.0，當應用成為沙箱之后，會有一個 bug 阻止 GPU 進程開啟 , 所以在這個 bug 修復之前，建議使用 v0.35.x .更多查看 [issue #3871][issue-3871] . __注意:__ 提交應用到 Mac App Store 需要參加 [Apple Developer Program][developer-program] , 這需要花錢. ## 如何提交下面步驟介紹了一個簡單的提交應用到商店方法.然而，這些步驟不能保證你的應用被 Apple 接受；你仍然需要閱讀 Apple 的 [Submitting Your App][submitting-your-app] 關于如何滿足 Mac App Store 要求的向導. ### 獲得證書為了提交應用到商店，首先需要從 Apple 獲得一個證書.可以遵循 [existing guides][nwjs-guide]. ### App 簽名獲得證書之后，你可以使用 [Application Distribution](application-distribution.md) 打包你的應用, 然后前往提交你的應用.這個步驟基本上和其他程序一樣，但是這 key 一個個的標識 Electron 的每個依賴. 首先，你需要準備2個授權文件 . `child.plist`: ```xml <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>com.apple.security.app-sandbox</key> <true/> <key>com.apple.security.inherit</key> <true/> </dict> </plist> ``` `parent.plist`: ```xml <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>com.apple.security.app-sandbox</key> <true/> </dict> </plist> ``` 然后使用下面的腳本標識你的應用 : ```bash #!/bin/bash # Name of your app. APP="YourApp" # The path of you app to sign. APP_PATH="/path/to/YouApp.app" # The path to the location you want to put the signed package. RESULT_PATH="~/Desktop/$APP.pkg" # The name of certificates you requested. APP_KEY="3rd Party Mac Developer Application: Company Name (APPIDENTITY)" INSTALLER_KEY="3rd Party Mac Developer Installer: Company Name (APPIDENTITY)" FRAMEWORKS_PATH="$APP_PATH/Contents/Frameworks" codesign --deep -fs "$APP_KEY" --entitlements child.plist "$FRAMEWORKS_PATH/Electron Framework.framework/Versions/A" codesign --deep -fs "$APP_KEY" --entitlements child.plist "$FRAMEWORKS_PATH/$APP Helper.app/" codesign --deep -fs "$APP_KEY" --entitlements child.plist "$FRAMEWORKS_PATH/$APP Helper EH.app/" codesign --deep -fs "$APP_KEY" --entitlements child.plist "$FRAMEWORKS_PATH/$APP Helper NP.app/" if [ -d "$FRAMEWORKS_PATH/Squirrel.framework/Versions/A" ]; then # Signing a non-MAS build. codesign --deep -fs "$APP_KEY" --entitlements child.plist "$FRAMEWORKS_PATH/Mantle.framework/Versions/A" codesign --deep -fs "$APP_KEY" --entitlements child.plist "$FRAMEWORKS_PATH/ReactiveCocoa.framework/Versions/A" codesign --deep -fs "$APP_KEY" --entitlements child.plist "$FRAMEWORKS_PATH/Squirrel.framework/Versions/A" fi codesign -fs "$APP_KEY" --entitlements parent.plist "$APP_PATH" productbuild --component "$APP_PATH" /Applications --sign "$INSTALLER_KEY" "$RESULT_PATH" ``` 如果你是 OS X 下的應用沙箱使用新手，應當仔細閱讀 Apple 的 [Enabling App Sandbox][enable-app-sandbox] 來有一點基礎,然后向授權文件添加你的應用需要的許可 keys . ### 上傳你的應用并檢查提交在簽名應用之后，可以使用應用 Loader 來上傳到 iTunes 鏈接處理 , 確保在上傳之前你已經 [created a record][create-record]. 然后你能 [submit your app for review][submit-for-review]. ## MAS構建限制為了讓你的應用沙箱滿足所有條件，在 MAS 構建的時候，下面的模塊被禁用了 : * `crashReporter` * `autoUpdater` 并且下面的行為也改變了: * 一些機子的視頻采集功能無效. * 某些特征不可訪問. * Apps 不可識別 DNS 改變. 也由于應用沙箱的使用方法，應用可以訪問的資源被嚴格限制了 ; 閱讀更多信息 [App Sandboxing][app-sandboxing] . ## Electron 使用的加密算法取決于你所在地方的國家和地區 , Mac App Store 或許需要記錄你應用的加密算法 , 甚至要求你提交一個 U.S 加密注冊(ERN) 許可的復印件. Electron 使用下列加密算法: * AES - [NIST SP 800-38A](http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf), [NIST SP 800-38D](http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf), [RFC 3394](http://www.ietf.org/rfc/rfc3394.txt) * HMAC - [FIPS 198-1](http://csrc.nist.gov/publications/fips/fips198-1/FIPS-198-1_final.pdf) * ECDSA - ANS X9.62–2005 * ECDH - ANS X9.63–2001 * HKDF - [NIST SP 800-56C](http://csrc.nist.gov/publications/nistpubs/800-56C/SP-800-56C.pdf) * PBKDF2 - [RFC 2898](https://tools.ietf.org/html/rfc2898) * RSA - [RFC 3447](http://www.ietf.org/rfc/rfc3447) * SHA - [FIPS 180-4](http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf) * Blowfish - https://www.schneier.com/cryptography/blowfish/ * CAST - [RFC 2144](https://tools.ietf.org/html/rfc2144), [RFC 2612](https://tools.ietf.org/html/rfc2612) * DES - [FIPS 46-3](http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf) * DH - [RFC 2631](https://tools.ietf.org/html/rfc2631) * DSA - [ANSI X9.30](http://webstore.ansi.org/RecordDetail.aspx?sku=ANSI+X9.30-1%3A1997) * EC - [SEC 1](http://www.secg.org/sec1-v2.pdf) * IDEA - "On the Design and Security of Block Ciphers" book by X. Lai * MD2 - [RFC 1319](http://tools.ietf.org/html/rfc1319) * MD4 - [RFC 6150](https://tools.ietf.org/html/rfc6150) * MD5 - [RFC 1321](https://tools.ietf.org/html/rfc1321) * MDC2 - [ISO/IEC 10118-2](https://www.openssl.org/docs/manmaster/crypto/mdc2.html) * RC2 - [RFC 2268](https://tools.ietf.org/html/rfc2268) * RC4 - [RFC 4345](https://tools.ietf.org/html/rfc4345) * RC5 - http://people.csail.mit.edu/rivest/Rivest-rc5rev.pdf * RIPEMD - [ISO/IEC 10118-3](http://webstore.ansi.org/RecordDetail.aspx?sku=ISO%2FIEC%2010118-3:2004) 如何獲取 ERN 許可, 可看這篇文章: [How to legally submit an app to Apple’s App Store when it uses encryption (or how to obtain an ERN)][ern-tutorial]. [developer-program]: https://developer.apple.com/support/compare-memberships/ [submitting-your-app]: https://developer.apple.com/library/mac/documentation/IDEs/Conceptual/AppDistributionGuide/SubmittingYourApp/SubmittingYourApp.html [nwjs-guide]: https://github.com/nwjs/nw.js/wiki/Mac-App-Store-%28MAS%29-Submission-Guideline#first-steps [enable-app-sandbox]: https://developer.apple.com/library/ios/documentation/Miscellaneous/Reference/EntitlementKeyReference/Chapters/EnablingAppSandbox.html [create-record]: https://developer.apple.com/library/ios/documentation/LanguagesUtilities/Conceptual/iTunesConnect_Guide/Chapters/CreatingiTunesConnectRecord.html [submit-for-review]: https://developer.apple.com/library/ios/documentation/LanguagesUtilities/Conceptual/iTunesConnect_Guide/Chapters/SubmittingTheApp.html [app-sandboxing]: https://developer.apple.com/app-sandboxing/ [issue-3871]: https://github.com/electron/electron/issues/3871 [ern-tutorial]: https://carouselapps.com/2015/12/15/legally-submit-app-apples-app-store-uses-encryption-obtain-ern/