Notarizing my application issues

Question

Created Nov ’21

Replies 5

Boosts 0

Views 1.4k

Participants 2

Hello,

I'm trying to get my application notarized and I had a lot of issues on the first try, after following the guidelines I have reduced the "errors" to only one that I just can't get rid of.

My application is a ".pkg" installer and when I send it to be notarized I'm getting this error message.

{
  "logFormatVersion": 1,
  "jobId": "acbd0607-58e4-41ee-b7c3-2c5b313b26cc",
  "status": "Invalid",
  "statusSummary": "Archive contains critical validation errors",
  "statusCode": 4000,
  "archiveFilename": "sb-simulator-mac-installer-2.3.1-28.pkg",
  "uploadDate": "2021-10-26T11:40:01Z",
  "sha256": "badb2dafa1462415b7dc67131a661fe549a91f7693a293dfa393e84d8410da9b",
  "ticketContents": null,
  "issues": [
    {
      "severity": "error",
      "code": null,
      "path": "sb-simulator-mac-installer-2.3.1-28.pkg/SBSimulator.pkg Contents/Payload/Applications/SafeBreach EPS.app/Contents/MacOS/SafeBreach EPS",
      "message": "The signature of the binary is invalid.",
      "docUrl": null,
      "architecture": "x86_64"
    }
  ]
}

I have tried to follow multiple guides including the official common issues but nothing worked.

The file in the error message is signed exactly like all the other files in the package so I'm not sure what else is left to be done.

Boost

Answer 1

DTS Engineer OP

Apple

Nov ’21

Try this:

Find the installer package file that you submitted to the notary service. It should be named sb-simulator-mac-installer-2.3.1-28.pkg and have a SHA-256 checksum that matches the one in the notarisation log you posted.
Unpack it manually. I use Pacifist for this sort of thing but, in the absence of that, see my Unpacking Apple Archives.

Verify the code signature of your app:

% codesign -v -vvv "/path/to/SafeBreach EPS.app"

What do you see?

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0

Answer 2

SafeBreach OP

Dec ’21

Thanks for the reply.

I have extracted the file Contents/Payload/Applications/SafeBreach EPS.app/Contents/MacOS/SafeBreach EPS from the sb-simulator-mac-installer-2.3.1-28.pkg file using Pacifist and this is the result:

codesign -v -vvv "SafeBreach EPS"
SBSimulatorPackage/build/SafeBreach EPS: invalid Info.plist (plist or signature have been modified)
In architecture: x86_64

When I'm running it on the original file:

codesign -v -vvv "./SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/MacOS/SafeBreach EPS"
--prepared:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftAppKit.dylib
--validated:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftAppKit.dylib
--prepared:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftCoreImage.dylib
--validated:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftCoreImage.dylib
--prepared:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftXPC.dylib
--validated:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftXPC.dylib
--prepared:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftObjectiveC.dylib
--validated:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftObjectiveC.dylib
--prepared:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftCore.dylib
--validated:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftCore.dylib
--prepared:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftCoreGraphics.dylib
--validated:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftCoreGraphics.dylib
--prepared:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftMetal.dylib
--validated:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftMetal.dylib
--prepared:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftCoreData.dylib
--validated:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftCoreData.dylib
--prepared:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftDispatch.dylib
--validated:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftDispatch.dylib
--prepared:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftCoreFoundation.dylib
--validated:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftCoreFoundation.dylib
--prepared:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftos.dylib
--validated:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftos.dylib
--prepared:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftCloudKit.dylib
--validated:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftCloudKit.dylib
--prepared:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftDarwin.dylib
--validated:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftDarwin.dylib
--prepared:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/CocoaAsyncSocket.framework/Versions/Current/.
--validated:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/CocoaAsyncSocket.framework/Versions/Current/.
--prepared:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftContacts.dylib
--validated:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftContacts.dylib
--prepared:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftIOKit.dylib
--validated:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftIOKit.dylib
--prepared:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftQuartzCore.dylib
--validated:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftQuartzCore.dylib
--prepared:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftFoundation.dylib
--validated:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftFoundation.dylib
--prepared:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftCoreLocation.dylib
--validated:/Volumes/workspace/workspace/Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Frameworks/libswiftCoreLocation.dylib
./SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/MacOS/SafeBreach EPS: valid on disk
./SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/MacOS/SafeBreach EPS: satisfies its Designated Requirement

So it seems that something is wrong after the packing, how can I tell what?

0

Answer 3

DTS Engineer OP

Apple

Dec ’21

So it seems that something is wrong after the packing

Well, most likely during the packaging.

Given the error from codesign it seems most likely that this is associated with your main app’s Info.plist, that is, SafeBreach EPS.app/Contents/Info.plist. If you diff that against the same file in the input to your installer package creation workflow, has it changed?

Also, what tool are you using to create your installer package?

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0

Answer 4

SafeBreach OP

Dec ’21

I looked into the Info.plist file and it seems that it is the same before and after the pack

md5 "./Build-Mac-EP-New/SBSimulatorPackage/build/SafeBreach EPS.app/Contents/Info.plist" "./Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Info.plist"
MD5 (./Build-Mac-EP-New/SBSimulatorPackage/build/SafeBreach EPS.app/Contents/Info.plist) = e9be84f77bf23176a8d337fbce83aeb2
MD5 (./Build-Mac-EP-New/SafeBreachMenuBar/Build/Products/Release/SafeBreach EPS.app/Contents/Info.plist) = e9be84f77bf23176a8d337fbce83aeb2

I'm using Packages (http://s.sudre.free.fr/Software/Packages/about.html) to create the final .pkg file.

0

Answer 5

DTS Engineer OP

Apple

Dec ’21

I'm using Packages … to create the final .pkg file.

Hmmm. If you package your app using Apple tools and then unpackage it the same way (Pacifist ftw!), do you still see the problem?

For instructions on how to package an app using Apple tools, see Signing a Mac Product For Distribution.

If the Apple tools work, you have a choice:

You can either continue using Apple tools.
You can escalate this with your third-party third-party tool provider.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0