hoakley July 20, 2019 Macs, Technology

How to add a custom icon to an app without breaking its signature

I’ve recently been extolling the virtues of apps checking their own integrity, and we’re all aware that Mojave and Catalina introduce tougher checks on app signatures. One of the casualties of this is the dubious practice of some users who customise apps in various ways: altering the contents of app bundles can cause them to fail signature checks, and stop them running.

This article explains how you can safely change the icon displayed by an app without breaking its signature, even when it has yet to go through full ‘first run’ checks with its quarantine flag set.

What you can’t do is tamper with the app’s icons inside its Resources folder. Although the Resources folder is excluded from some signature checks, it is checked at first run and now on some other occasions. Change anything in there and the app is at significant risk of failing more extended signature checks, and may as a result stop launching.

The ‘official’ way to change an app’s icon uses the Finder’s Get Info dialog. Click on the icon in the top left corner to select it, and you can paste in another icon in its place.

If you want to use an altered version of the existing app icon, perhaps with a version number superimposed, copy the original icon into a suitable editor such as GraphicConverter using PNG format, change it to your liking, then ensure that it uses a single layer. If you’ve added superimposed text, for example, you may need to save it as a PNG and reopen that file, or the text may be omitted.

Select the whole of the modified icon, with its transparent background, copy and paste it into the Get Info dialog for the app.

What happens then is rather ingenious. Instead of the Finder altering the icons within the app bundle, a new file named Icon? is created at the top level in the bundle, alongside the Contents folder. That file contains the custom icon, but not as data, which could break the signature, but as a traditional resource fork, an extended attribute of type com.apple.ResourceFork, as shown in xattred.

When checksums/hashes are calculated for a bundle’s signatures, they only take into account the data fork of each file in the bundle, not their extended attibutes. This is essential because of the quarantine flag, which is also attached to files as an extended attribute. If signature checksums included extended attributes, attaching quarantine flags would instantly break the signature, so macOS wisely excludes them.

That copy of your app now has the custom icon attached inside it without breaking any signature checks. The only disadvantage with this method is that, if the app is passed through a medium which doesn’t copy all extended attributes, the custom icon could be stripped.

(Thanks to Joxster for inspiring this.)

13Comments

Add yours

1

EcleX on July 20, 2019 at 7:25 am

Amazing. Thanks!

LikeLiked by 1 person
- 2
  
  hoakley on July 20, 2019 at 8:00 am
  
  Thank you. It’s a fascinating use of extended attributes, I think.
  Howard.
  
  LikeLiked by 1 person
3

Valdo on July 20, 2019 at 4:37 pm

There is also a free app for this, the LiteIcon (https://freemacsoft.net/liteicon/). This works on all non Apple apps. Apple protects own apps from changing icons. I even cannot change the plain blue Utilities folder with an icon. But the described manual procedure is more techie 🙂
I’m using their own AppCleaner, its very good and remove leftovers, unfortunately not all.

LikeLiked by 2 people
- 4
  
  hoakley on July 20, 2019 at 7:41 pm
  
  Thank you, Valdo. I would have thought that this was just as simple as using an app, but if you like the app, why not.
  Apple’s apps bundled with Mojave are all protected by SIP, so you can’t make theses changes to them, I’m afraid.
  Howard.
  
  LikeLike
5

johannesrexx on July 20, 2019 at 9:49 pm

The method for changing the icon of a file or a folder has worked since the early days of macOS 7. I’ve not seen this trick discussed in a very long time so It’s nice to see it discussed again here in new light.

When Howard releases a new revision of his apps, he ships it in a plain vanilla folder. I use the no-longer-available app “Telling Folders” (https://www.macupdate.com/app/mac/27795/telling-folders) to stamp the application icon onto the folder image. Telling Folders still works under Mojave.

LikeLiked by 2 people
- 6
  
  hoakley on July 20, 2019 at 10:08 pm
  
  Thank you. Of course back in the day of System 7, the new icon wasn’t added as a file in this way, but as a resource, which was saved in the resource fork when there were only two forks for files, data and resource. Code signatures didn’t exist either, and users could and did edit all sort of features of their apps. Happy days!
  Howard.
  
  LikeLiked by 1 person
7

theJoesen on September 4, 2019 at 9:10 am

Changing the icon with the Get Info dialog didn’t completely work in my case – though the new icon is shown in Finder and the Dock but once the app is launched, the original icon is used… any ideas of how to change the icon? (it is an app out of the App Store)

LikeLiked by 1 person
- 8
  
  hoakley on September 4, 2019 at 9:15 am
  
  I don’t think that you’ll be able to change it any more thoroughly, I’m afraid. Unless someone else has a suggestion?
  Howard.
  
  LikeLiked by 1 person
9

Valdo on September 14, 2019 at 7:22 am

Highjacking this topic to ask something somehow related.
What happens in case of renaming an AppStore and nonAppStore app?
Cannot find nothing related on net. Thank you

LikeLiked by 1 person
- 10
  
  hoakley on September 14, 2019 at 7:56 am
  
  The name of an app isn’t internal: it’s just the name of the top-level .app folder. If an item is protected by SIP, then you probably can’t change its name either. You should be able to change App Store app names fine, though, and you definitely can rename non-App Store apps as you wish.
  However, there may be penalties. If you change the name of an App Store app, it might not get updated properly; that used to be true, for example, if you moved them into a folder. I don’t know how that might affect other update mechanisms such as Sparkle either, although I suspect that should still work fine, as it works within the app folder.
  Howard.
  
  LikeLike
  - 11
    
    Valdo on September 14, 2019 at 8:24 am
    
    Thank you Howard.
    I renamed an AppStore app which shortly will get an update. Let’s see….
    The app name is “Agenda: Widget+”. Funkiest thing is that the first attempt to rename the app to “Agenda: Widget” I get the message that I cannot use punctuation marks, so I ended with “Agenda” only.
    
    LikeLiked by 1 person
    - 12
      
      hoakley on September 14, 2019 at 8:37 am
      
      Ah: you can’t use the colon : character in the Finder, as it’s the path delimiter there, just as you can’t use the slash / in Terminal.
      You may find the app name has cheated by using a different Unicode character which looks like the colon.
      Howard.
      
      LikeLike
13

Valdo on September 14, 2019 at 8:48 am

After restart the AppStore recognise that the app is installed and also AppStore delete style is available for this app. Let’s see what will happens with the update.

LikeLiked by 1 person