I have an MacOS App that get's accepted by Transporter/App Store Connect and is available to download in TestFlight. The App also installs fine. But when I try to open it I get this error:
“libgdx64.dylib” can’t be opened because Apple cannot check it for malicious software. This software needs to be updated. Contact the developer for more information.
When I click "Show in Finder" I get taken to this folder:
/private/var/folders/cs/bqb_3kr17f35kbtv34cw7s700000gn/T/<AppBundleID>/libgdxmayr/231c5cdb/libgdx64.dylib
When I try to pen this file in any capacity, e.g. in a hex editor, I get this error:
“libgdx64.dylib” is damaged and can’t be opened. You should move it to the Bin.
This is weird to me for multiple reasons. When I compare(with the diff command) the file to the original file in the package I sent to App Store Connect, there is no difference at all. And when I manually replace the broken file in the /private/var/folders/... directory with the working one, the file still gets marked as damaged, even though it worked a second earlier outside of that location.
The file actually gets copied to two other places as well.
1:
/private/var/folders/cs/bqb_3kr17f35kbtv34cw7s700000gn/T/<AppBundleID>/231c5cdb259220476539382411.tmp
This also is on a byte level the exactly same file as libgdx64.dylib.
2:
/Users/mayr/Library/Containers/69A9AB69-9ECB-4B55-A715-1A28FC7168B6/Data/.libgdx/231c5cdb/libgdx64.dylib
This location specifically seems to be a App Sandbox location, so I suppose the whole problem has to do with the Sandbox.
More Context:
The file libgdx64.dylib originally lives in a jar file in the Apps Resources folder. The file belongs to a java game engine framework, called libgdx. I have signed it myself and the signature persists, even to the 3 broken files.
No other files neither in my own code, nor from the framework, get copied anywhere. Only this specific dylib behaves this way.
When I click "OK" on the first popup, two others appear, for the other two files I mentioned earlier. If I say OK to all of them and approve all of them in the System Settings -> Security & Privacy Settings, the app starts as it normally would. So maybe it is also a signing issue, but as I wrote, I signed the file and the signature is visible on the broken files.
The file
libgdx64.dyliboriginally lives in a jar file in the Apps Resources folder.
This won’t fly on the Mac App Store. When you submit an app to the Mac App Store, you sign it with your distribution signing identity (either Apple Distribution, aka Apple Distribution: TTT, or Mac App Distribution, 3rd Party Mac Developer Application: TTT, where TTT identifies your team). The App Store ingestion process uses the resulting code signature to confirm that your code was signed by your and arrived intact. However, it doesn’t ship that version of your app to customers. Rather, it re-signs the app use in Apple signing identity.
You can confirm this with codesign:
% codesign -d -vv "/Applications/Tap Forms 5.app"
…
Authority=Apple Mac OS Application Signing
…
Note that the certificate in the signature is Apple Mac OS Application Signing, which looks nothing like the distribution signing identities I referenced above.
For this to work the App Store ingestion process has to be able to ‘see’ all the code in your app. If you stash code away in an archive, the App Store can’t re-sign it and you end up with problems like this.
There isn’t any way for you to fix this in your code signature, because you don’t have access to the Apple Mac OS Application Signing identity. The only solution is for you to change your app’s structure so that all code is visible to the App Store.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"