Passkey from my macOS Credential Provider Extension is not being offered by AutoFill

App & System Services Core OS
jeremy.a.bannister OP
Created Jan ’24
Replies 15
Boosts 0
Views 2.9k
Participants 2

I am developing a Mac app which provides a Credential Provider extension and I'm having trouble with passkey integration. I wrote here about the issue I'm having with the iOS app. On the Mac I'm experiencing a different issue. As opposed to the iOS app (where I'm not even able to use my extension to create a new passkey in the first place) on the Mac I'm able to use my extension to create a passkey. I save the credential identity into the system AutoFill suggestions store without error. The problem is that when I attempt to authenticate on the same site the system does not offer my app's credential as a suggestion. Standard passwords are working fine. Can anyone help me understand how I can troubleshoot this type of problem?

Thanks!

-Jeremy

Replies  15
Boosts  0
Views  2.9k
Participants  2
jeremy.a.bannister OP
Feb ’24

Is there any information that I could add here to make this request more actionable? Is there anything I could clarify either about the information at hand or about what it is I’m asking? Thanks very much 🙏

0
Systems Engineer OP
Apple
Mar ’24

Hi Jeremy, you have two good options for how to proceed:

  1. You can try to debug this issue yourself. A good starting point is to look at the passkey logs, through something like log stream --predicate 'category == "Authorization" AND subsystem contains "com.apple.AuthenticationServices"' in the terminal. If it's a simple fix on your side, this may be enough and will likely be the fastest option.

  2. You can file this through Feedback Assistant and we can take a look ourselves. If you can take a screen recording showing the issue, then trigger capture of the logs through Feedback Assistant shortly after, we'll get those same logs (albeit a more redacted version than what you saw, for privacy reasons), and can match the timestamps in the logs with those in the screen recording to figure out exactly what's going on.

0
jeremy.a.bannister OP
Mar ’24

Thanks so much for getting back to me @garrett-davidson . I've filed a request through the Feedback Assistant, and I hope you don't mind that I also ask you a little bit more in this thread.

Firstly, the passkey logs via the terminal didn't yield anything very informative (I've pasted the logs all the way at the bottom).

Secondly, I realized that in my original post I didn't mention that there is a potentially relevant error that appears in the system console when I attempt to authenticate using the newly created passkey:

error	15:12:15.084213+0100	AuthenticationServicesAgent	0	<Missing Description>	No matched credentials are found in the platform attached authenticator.

Here is the error in the context of the surrounding console errors (just in case any of these other errors reveal something that I'm not picking up on):

error	15:12:15.082058+0100	nfcd	0	Logging	-[_NFHardwareManager listener:shouldAcceptNewConnection:]:84 PID 1573 () missing entitlement: com.apple.nfcd.hwmanager

error	15:12:15.082315+0100	AuthenticationServicesAgent	0	Logging	-[NFHardwareManager updateHWSupportWithXPC:waitForInit:]:361 Failed to get HW support : Error Domain=NSCocoaErrorDomain Code=4097 "connection to service named com.apple.nfcd.hwmanager" UserInfo={NSDebugDescription=connection to service named com.apple.nfcd.hwmanager}

error	15:12:15.082503+0100	nfcd	0	Logging	-[_NFHardwareManager listener:shouldAcceptNewConnection:]:84 PID 1573 () missing entitlement: com.apple.nfcd.hwmanager

error	15:12:15.082819+0100	nfcd	0	Logging	-[_NFHardwareManager listener:shouldAcceptNewConnection:]:84 PID 1573 () missing entitlement: com.apple.nfcd.hwmanager

error	15:12:15.082673+0100	AuthenticationServicesAgent	0	Logging	-[NFHardwareManager updateHWSupportWithXPC:waitForInit:]:361 Failed to get HW support : Error Domain=NSCocoaErrorDomain Code=4097 "connection to service named com.apple.nfcd.hwmanager" UserInfo={NSDebugDescription=connection to service named com.apple.nfcd.hwmanager}

error	15:12:15.082986+0100	AuthenticationServicesAgent	0	Logging	-[NFHardwareManager controllerInfoWithError:]:558 Error Domain=NSCocoaErrorDomain Code=4097 "connection to service named com.apple.nfcd.hwmanager" UserInfo={NSDebugDescription=connection to service named com.apple.nfcd.hwmanager}

error	15:12:15.084213+0100	AuthenticationServicesAgent	0	<Missing Description>	No matched credentials are found in the platform attached authenticator.

error	15:12:15.101763+0100	pkd	2232554	ls	could not create extension point record for <private>: Error Domain=NSOSStatusErrorDomain Code=-10814 UserInfo={_LSLine=85, _LSFunction=<private>}

error	15:12:15.309050+0100	com.apple.WebKit.WebContent	0	ProcessSuspension	0x10a040100 - [sessionID=9223372036854775944] WebProcess::markAllLayersVolatile: Failed to mark layers as volatile for webPageID=37958

error	15:12:15.724853+0100	CredentialProviderExtensionHelper	2232557	NSExtension	errors encountered while discovering extensions: Error Domain=PlugInKit Code=13 "query cancelled" UserInfo={NSLocalizedDescription=query cancelled}

I'll finish by briefly breaking down my understanding of the situation, in the hopes that it can narrow down the conversation:

  1. My extension's Info.plist contains NSExtension -> NSExtensionAttributes -> ASCredentialProviderExtensionCapabilities -> ProvidesPasskeys: YES, which is demonstrably working as evidenced by the fact that I can use my extension to create a passkey via a webpage (google.com, for example).

  2. When creating a passkey, the system invokes prepareInterfaceToProvideCredential(for credentialRequest: ASCredentialRequest) on my extension, passing in a value which I am successfully able to cast as an ASPasskeyCredentialRequest.

  3. My job is then to create the passkey, save it according to the business rules of my app, insert the corresponding credential identity into the ASCredentialIdentityStore, and finally call extensionContext.completeAssertionRequest(using:) passing in an ASPasskeyAssertionCredential that contains a correctly formatted binary blob of authenticatorData (among other things).

Based on my current knowledge and understanding, it seems to me that the only possible point of failure that could cause what I'm seeing is that, despite the ASCredentialIdentityStore accepting the credential identity without error, there is some issue with that identity which is causing it to not be recognized when I subsequently attempt to authenticate with the corresponding passkey. The main point I'm making here is that I think that if the authenticatorData binary blob is accepted by google.com and leads to a new passkey being added to my Google account, then that's not where the problem could lie. Is that a correct assumption? When I call extensionContext.completeAssertionRequest(using:) after creating the passkey does the system remember things about the ASPasskeyAssertionCredential that I pass in that could lead to my extension not being offered in the system modal when I try to authenticate later?

Thank you so much for any advice/feedback you can offer me - I've been stuck with this issue for quite a long time now and I'll feel so relieved when I have resolved it.

Very best,

Jeremy

Passkey Logs from terminal command

AuthenticationServicesAgent: (AuthenticationServicesCore)
[com.apple.AuthenticationServicesCore:Authorization] Initializing ASCAgent 0x1826a1e30.
1573
AuthenticationServicesAgent:
AuthenticationServicestore
[com.apple.AuthenticationServicesCore:Authorization] Received connection from com.apple.Safari
1573
AuthenticationServicesAgent:
(AuthenticationServicesCore) [com.apple.AuthenticationServicesCore:Authorization] Allowing request from web browser.

AuthenticationServicesAgent:
(AuthenticationServices) [com.apple.AuthenticationServices:Authorization] Beginning operation 6363A0C7-039-4FDC-A650-31912795FEE5 for com.apple.Safari.
1573
AuthenticationServicesAgent:
(AuthenticationServices)
[com.apple.AuthenticationServices:Authorization] Creating panel 0x103d2f5b0 for 6363A0C7-039-4FDC-A650-31912795FEE5.
0
Systems Engineer OP
Apple
Mar ’24

after creating the passkey does the system remember things about the ASPasskeyAssertionCredential that I pass in

No, the system only uses what you tell ASCredentialIdentityStore.

error 15:12:15.084213+0100 AuthenticationServicesAgent 0 <Missing Description> No matched credentials are found in the platform attached authenticator.

This error (which happens to be coming from an open source part of the implementation) most likely means there's an issue with the request coming from the website, specifically related to the allowCredentials argument. Something about the contents of allowCredentials told the system not to allow local passkeys. You can see all the conditions in produceHashSet near the top of that file.

0
jeremy.a.bannister OP
Mar ’24

Thank you! This is very encouraging. Being able to see the code that is deciding to throw this error makes the task of resolving the issue feel much more in my control. I'll add that I'm experiencing this error on google.com and kayak.com, which are the main two sites that I'm testing with so far.

Is there any way to step through the WebKit code as it executes or in any way gain access to the values of some the variables in play in that section of the code? If not it still seems like it may be enough of a lead to allow me to research my way to a solution, but some live inspection of values would presumably be extremely enlightening.

Thanks for everything.

0
Systems Engineer OP
Apple
Mar ’24

Unfortunately your options are pretty limited for introspecting things once they get here. You'll likely have better luck either using Web Inspector to look at the JavaScript invocation that those sites are making, or looking at the system logs which should show most or all of the relevant parameters. You may also want to try a WebAuthn test site like webauthn.me or webauthn.io, which give you control over all the arguments and let you inspect the outputs.

0
jeremy.a.bannister OP
Mar ’24

Thank you @garrett-davidson, your various pieces of insight and advice both emboldened and empowered me to figure out the mistake I was making, and that problem is now resolved... 🎉

However, I have run into a new error which has left me with a new question that I would love your feedback on if you're willing.

Now, the system recognizes that my extension can provide the passkey, and therefore the system modal displays my app icon and allows me to proceed. It shows my extension UI which prompts the user to authenticate. After my extension has called extensionContext.completeAssertionRequest(using:) the webpage tells me that an error has occurred.

In the system console I see only this error:

Assertion failed: Error Domain=WKErrorDomain Code=31 "(null)"

I tried searching for the string "Assertion failed" in WebKit, and found three results but none of them seemed like the source of the error.

This error does not appear when I authenticate on webauthn.me, so I am limited in terms of the feedback I receive about what exactly is going wrong.

At the moment the only lead I have in mind is that I realized that the ASPasskeyCredentialRequest value that my extension receives does not have any property named challenge or anything similar. It has clientDataHash which comes with a documentation comment Hash of client data for credential provider to sign as part of the assertion/registration operation., so that's what I am currently signing with the passkey. The ASPasskeyAssertionCredential that my extension passes to extensionContext.completeAssertionRequest(using:) contains the signature, and the documentation for that property describes it as the signature for the assertion challenge.. I'm hoping that I'm signing the wrong thing and that that is why the assertion is failing.

Is there some other place that I'm supposed to be accessing the challenge data?

Thanks so much for all of your help so far and any more help that you provide.

0
Systems Engineer OP
Apple
Mar ’24

Error code 31 is NotAllowedError. If you search NotAllowedError in the WebAuthn spec, there are many different conditions that can trigger it, and the spec intentionally tells browsers not to provide much information for user privacy.

Off the top of my head I don't think an invalid signature will result in a NotAllowedError. It's likely that some other part of your response is invalid (maybe the relying party?).

0
jeremy.a.bannister OP
Mar ’24

Thank you, this is very helpful. So far it hasn't led me any obvious answers, but I'll keep investigating.

At first glance:

If I understand correctly, the error would be coming from the authenticatorGetAssertion operation. In the specification, there seem to be only two possible triggers:

Step 6: If credentialOptions is now empty, return an error code equivalent to "NotAllowedError" and terminate the operation.

or step 7, which ends in: If the user does not consent, return an error code equivalent to "NotAllowedError" and terminate the operation.

I think that the fact that the system modal offers the passkey via my extension means that step 6 should not be triggering an error.

Regarding step 7, the flags I'm returning have both bit 0 ("User Present") and bit 2 ("User Verified") set to true. Perhaps those two bits are not necessarily sufficient to prevent the error from being thrown in step 7?

I just thought I'd write this here in case it reveals some obvious flaw in my reasoning that's easy for you to spot and point out. Thanks for everything.

0
Systems Engineer OP
Apple
Mar ’24

You'll also need at least the Backup Eligible and Backup State bits set to true as well. Your extension should have received an error if those weren't set, but I'm not immediately sure how that would manifest to the website.

0
jeremy.a.bannister OP
Mar ’24

These are the flags I'm passing:

generateAuthDataFlags(
    userIsPresent: true,
    userHasBeenVerified: true,
    passkeyIsEligibleForBackup: true,
    passkeyIsBackedUp: true,
    includesAttestedCredentialData: false,
    includesExtensionData: false
)

where the function is defined as:

func generateAuthDataFlags(
    userIsPresent: Bool,
    userHasBeenVerified: Bool,
    passkeyIsEligibleForBackup: Bool,
    passkeyIsBackedUp: Bool,
    includesAttestedCredentialData : Bool,
    includesExtensionData: Bool
) -> UInt8 {
    
    ///
    UInt8(0b00000000)
        .plus(userIsPresent ?                  0b00000001 : 0)
        .plus(false ?                          0b00000010 : 0)
        .plus(userHasBeenVerified ?            0b00000100 : 0)
        .plus(passkeyIsEligibleForBackup ?     0b00001000 : 0)
        .plus(passkeyIsBackedUp ?              0b00010000 : 0)
        .plus(false ?                          0b00100000 : 0)
        .plus(includesAttestedCredentialData ? 0b01000000 : 0)
        .plus(includesExtensionData ?          0b10000000 : 0)
}

Also, you mentioned that the relying party identifier could be wrong, but I'm simply taking the value directly from the incoming ASPasskeyCredentialRequest.credentialIdentity.relyingPartyIdentifier.

Again, I'm providing additional info just in case the answer to my problem occurs to you easily, since you've been generously helping me debug this, not because I'm expecting you to wrack your brain trying to find the needle in my haystack from afar.

0
jeremy.a.bannister OP
Mar ’24

There is actually one more error message that shows up in the console that I hope might quickly lead to the answer of how to solve this (hopefully final) roadblock:

Request cancelled due to AuthenticatorManager::cancelRequest being called.

This message appears directly after the other message I mentioned: Assertion failed: Error Domain=WKErrorDomain Code=31 "(null)". They are separated by about half a second.

I believe the second error message is coming from this function that I found in WebKit:

void AuthenticatorManager::cancelRequest()
{
    invokePendingCompletionHandler(ExceptionData { ExceptionCode::NotAllowedError, "This request has been cancelled by the user."_s });
    RELEASE_LOG_ERROR(WebAuthn, "Request cancelled due to AuthenticatorManager::cancelRequest being called.");
    clearState();
    m_requestTimeOutTimer.stop();
}

@garrett-davidson, if you're willing, please let me know if you know of anything that I should check for that would cause this function to be called.

My extension initially invokes extensionContext.cancel(withErrorCode: .userInteractionRequired) to trigger the UI to appear, but that is not when the error appears. It is after my extension calls extensionContext.completeAssertionRequest(using:) that the message appears. I am not waiting a long time to trigger this call, so I don't think that any timeouts are being reached. After completing the assertion request, my extension does not invoke the cancel function itself. I'm experiencing this on google.com, and I doubt that they're accidentally invoking the cancel function in a place where they shouldn't. Note that the same error appears in the console if I click "Cancel" on the initial system modal instead of clicking "Continue" in order to summon my extension.

One final possible-relevant clue that I'll mention is that when I initiate the authentication operation I am actually still seeing the error:

No matched credentials are found in the platform attached authenticator.

despite the fact that the system modal successfully identifies my extension as having the requested passkey and allows me to proceed.

Thank you for reading 🙏

0
jeremy.a.bannister OP
Mar ’24

P.S. You said in your last reply: "Your extension should have received an error if those weren't set" but I'm not aware of how errors are propagated back to my extension. extensionContext.completeAssertionRequest(using:) is not a throwing function, and the completion handler variant does not pass any error value into the completion handler. If there's some mechanism for receiving errors in my extension that I am unaware of I would love to know about it!

0
jeremy.a.bannister OP
Mar ’24

Here I've attached the system logs that lead up to the failure, in the hopes that the golden nugget of insight that I so desperately need is in there...

The very last line is the one I mentioned above:

error 14:02:18.222529+0100 AuthenticationServicesAgent 19621528 <Missing Description> Request cancelled due to AuthenticatorManager::cancelRequest being called.

Scrolling upward (backwards in time) from that last line there are a number of logs that seem to me potentially relevant.

For example:

  1. default 14:02:18.222589+0100 CredentialProvider-macOS 0 connection [0x12a8c5b50] invalidated after getting a no-senders notification - client is gone

  2. default 14:02:18.222505+0100 AuthenticationServicesAgent 19593644 Authorization Received internal cancel. Dropping.

  3. default 14:02:18.222248+0100 AuthenticationServicesAgent 19593645 Authorization Asked to cancel operation 0420A06B-1595-4B97-9FB9-6915EA2EDDD8, override error: Error Domain=com.apple.AuthenticationServicesCore.AuthorizationError Code=12 "(null)"

default	14:02:18.205210+0100	corebrightnessd	0	default	key = CBUserAuthentication | property = 0 | result = 0
default	14:02:18.205012+0100	coreauthd	0	connection	[0x130e2f790] invalidated on xpc_connection_cancel()
default	14:02:18.205383+0100	coreauthd	0	Server,Interactive	 dropped (mechanism finished)
debug	14:02:18.205378+0100	biometrickitd	0	Daemon-Mesa	MesaCoreAnalytics matchEventFinished save _preArmedMatchEvent
debug	14:02:18.205411+0100	biometrickitd	0	Daemon-Mesa	MesaCoreAnalytics stopBioOperation
default	14:02:18.205509+0100	coreauthd	0	MechanismUI	  on 
debug	14:02:18.205435+0100	biometrickitd	0	Daemon-Mesa	MesaCoreAnalyticsDailyEvent dictionaryRepresentation
debug	14:02:18.205455+0100	biometrickitd	0	Daemon-Mesa	MesaCoreAnalyticsDailyEvent calculateDailyValues
error	14:02:18.205491+0100	biometrickitd	0	Daemon-Common	BiometricKitCoreAnalyticsEvent(com.apple.biometrickit.mesa.dailyUpdate) valueForUndefinedKey: quickTapsCount
debug	14:02:18.205521+0100	biometrickitd	0	Daemon-Common	BiometricKitCoreAnalyticsEvent(com.apple.biometrickit.mesa.dailyUpdate) dictionaryRepresentation: 1
default	14:02:18.206337+0100	loginwindow	0	Standard	-[SessionAgentCom SACRemoveAssertScreenLockViaTouchIDBlocked:] | Enter
default	14:02:18.206728+0100	loginwindow	0	Standard	-[SessionAgentCom SACRemoveAssertScreenLockViaTouchIDBlocked:] |   sent by pid: 32835, name: coreautha
default	14:02:18.206758+0100	loginwindow	0	Standard	-[LWTouchIDLockScreen clearTouchIDBlockScreenLockAssertionForClient:withPID:withDebounce:] | clearTouchIDBlockScreenLockAssertionForClient: coreautha, with PID: 32835
debug	14:02:18.205627+0100	coreauthd	0	Server	 returned {
    14 = 1;
    7 = {length = 32, bytes = 0x2121e804 8e297774 bff66129 395eacd5 ... 993a4f84 d988167e };
    1 = 1;
    8 = 501;
}
default	14:02:18.206782+0100	loginwindow	0	Standard	-[LWTouchIDLockScreen clearTouchIDBlockScreenLockAssertionForClient:withPID:withDebounce:] | assertion timeout set to 3.000000 seconds from now
debug	14:02:18.206139+0100	coreauthd	0	AuthenticationManager	authentication completed: 
default	14:02:18.206865+0100	loginwindow	0	Standard	-[LWTouchIDLockScreen clearTouchIDBlockScreenLockAssertionForClient:withPID:withDebounce:] | current assertions: {
    17957 = "732402866.2295229";
    21858 = "732409330.1520129";
    24003 = "732411422.225437";
    30297 = "732458341.534927";
    32835 = "732459681.206804";
    7675 = "732400066.124355";
}
debug	14:02:18.205820+0100	biometrickitd	0	Daemon-Mesa	MesaCoreAnalytics matchAttemptFinished: 1
default	14:02:18.205832+0100	coreautha	0	LAAssertions	TouchID assertion internal release for MechanismTouchId[714](par:717) of  from 2024-03-18 13:02:17 +0000 successful, 0 active assertions: (
)
default	14:02:18.206212+0100	coreauthd	0	Server,Interactive	MechanismUI[717] has finished with {
    14 = 1;
    7 = {length = 32, bytes = 0x2121e804 8e297774 bff66129 395eacd5 ... 993a4f84 d988167e };
    1 = 1;
    8 = 501;
}
default	14:02:18.206890+0100	loginwindow	0	Standard	-[LWTouchIDLockScreen clearTouchIDBlockScreenLockAssertionForClient:withPID:withDebounce:] | returning: 0
default	14:02:18.206226+0100	CredentialProvider-macOS	19621528	Client,Interactive	evaluatePolicy on LAContext[4:361:7682] cid:8 returned {
    14 = 1;
    7 = {length = 32, bytes = 0x2121e804 8e297774 bff66129 395eacd5 ... 993a4f84 d988167e };
    1 = 1;
    8 = 501;
}
debug	14:02:18.205852+0100	biometrickitd	0	Daemon-Statistics	-[BiometricKitDStatistics matchAttemptFinished:]: 1
debug	14:02:18.207334+0100	kernel	0		AppleBiometricServicesUserClient::externalMethod <- selector:0, arguments:, dispatch:0x0, target:0x0, reference:0x0
debug	14:02:18.205893+0100	coreautha	0	LAAssertions	TouchID Assertion timer stopped.
default	14:02:18.206356+0100	coreauthd	0	Server,Interactive	MechanismTouchId[714](par:717) has finished with {
    14 = 1;
    7 = {length = 32, bytes = 0x2121e804 8e297774 bff66129 395eacd5 ... 993a4f84 d988167e };
    1 = 1;
    8 = 501;
}
default	14:02:18.206180+0100	corebrightnessd	0	connection	[0x14ae1b1c0] invalidated after getting a no-senders notification - client is gone
default	14:02:18.206913+0100	loginwindow	0	Standard	-[SessionAgentCom SACRemoveAssertScreenLockViaTouchIDBlocked:] | returning success
debug	14:02:18.205916+0100	coreautha	0	LAAssertions	Will release TouchID assertion for MechanismTouchId[714](par:717) of  from 2024-03-18 13:02:17 +0000.
debug	14:02:18.205955+0100	biometrickitd	0	Daemon-Mesa	vibrate: 1
debug	14:02:18.207364+0100	kernel	0		AppleBiometricServicesUserClient::extPerform <- inObj:, inRef:, inArg:
default	14:02:18.206389+0100	coreauthd	0	BackoffCounter	  on 
debug	14:02:18.206698+0100	secd	19624533	serverxpc	XPC [CredentialProvid[33307]/1#10 LF=0] operation: copy_matching (1)
default	14:02:18.206106+0100	coreautha	0	SA_ScreenSaver	SACRemoveAssertScreenLockViaTouchIDBlocked:214: enter
default	14:02:18.207377+0100	kernel	0		AppleBiometricServicesUserClient::extPerform: in md =  out md =   out md size 4096
debug	14:02:18.206618+0100	launchservicesd	0	cas	MESSAGE: reply={cacheable=false, result={ApplicationType="UIElement", ChangeCount=529, LSApplicationHasSignalledItIsReady=true, LSDisplayName="coreautha", pid=32835, }, success=true, } (for client 190)
debug	14:02:18.205980+0100	biometrickitd	0	Daemon-Common	saveBioLockoutRecord
debug	14:02:18.206552+0100	CredentialProvider-macOS	19624533	xpc	flagAlways:false inEduMode:false flagOld:false
default	14:02:18.207093+0100	coreautha	0	SA_ScreenSaver	SACRemoveAssertScreenLockViaTouchIDBlocked:222: exit: result = 0
debug	14:02:18.207381+0100	kernel	0		AppleBiometricServices::performCommand <- inData:, outData:, outSize: --> _provider->performCommand
default	14:02:18.207138+0100	coreauthd	0	BackoffCounter	failures: 0, retryTime: (null)
debug	14:02:18.206015+0100	biometrickitd	0	Daemon-Mesa	performSaveBioLockoutRecordCommand: 0x12e722100
debug	14:02:18.206562+0100	CredentialProvider-macOS	19624533	xpc	not using system keychain
default	14:02:18.207129+0100	coreautha	0	LAAssertions	TouchID assertion release for MechanismTouchId[714](par:717) of  from 2024-03-18 13:02:17 +0000 successful, 0 active assertions: (
)
debug	14:02:18.207384+0100	kernel	0		IOBiometricService::performCommand <- inData:, outData:, outSize: --> performCommandGated
debug	14:02:18.206038+0100	biometrickitd	0	Daemon-Mesa	performCommand:inValue:inData:inSize:outData:outSize: --> performCommand:version:inValue:inData:inSize:outData:outSize:
default	14:02:18.207190+0100	coreauthd	0	BackoffCounter	 failures: 0, retryTime: (null) on 
default	14:02:18.207598+0100	coreautha	0	LAAuthMechanismUI	-[LAAuthMechanismUI dismissRemoteUIWasInvalidated:completionHandler:]  on 
debug	14:02:18.207324+0100	CredentialProvider-macOS	19624532	secpref	force=false mForceReloadEmptyFile=false prefsPath=/Users/jeremybannister/Library/Preferences/com.apple.security.plist
debug	14:02:18.207390+0100	kernel	0		IOBiometricService::performCommandGated <- inData:, outData:, outSize:
debug	14:02:18.206059+0100	biometrickitd	0	Daemon-Mesa	performCommand:version:inValue:inData:inSize:outData:outSize: 74 1 0 0x0 0 0x12f024e00 0x16f662408
debug	14:02:18.207241+0100	coreauthd	0	User Defaults	CFPrefsPlistSource<0x130f0b2f0> (Domain: com.apple.coreauthd, User: kCFPreferencesCurrentUser, ByHost: No, Container: (null), Contents Need Refresh: No) skipping setting already-present value for key failures
default	14:02:18.207624+0100	coreautha	0	LAAuthMechanismUI	Executing disappearBlock
debug	14:02:18.207343+0100	CredentialProvider-macOS	19624532	secpref	force=false mForceReloadEmptyFile=false prefsPath=/Library/Preferences/com.apple.security-common.plist
debug	14:02:18.207398+0100	kernel	0		performSpecificCommandGated <- cmd:, payload:, payloadSize:0 outData:, outSize:
debug	14:02:18.207052+0100	biometrickitd	0	User Defaults	setting  in CFPrefsPlistSource<0x12e70ad40> (Domain: com.apple.biometrickitd, User: kCFPreferencesAnyUser, ByHost: Yes, Container: (null), Contents Need Refresh: No)
default	14:02:18.207668+0100	coreautha	0	LAAuthMechanismUI	-[LAAuthMechanismUI _performOnMainQueueWhenAppeared:]_block_invoke  on 
debug	14:02:18.207288+0100	coreauthd	0	User Defaults	CFPrefsPlistSource<0x130f0b2f0> (Domain: com.apple.coreauthd, User: kCFPreferencesCurrentUser, ByHost: No, Container: (null), Contents Need Refresh: No) skipping setting already-present value for key retryTime
debug	14:02:18.207447+0100	CredentialProvider-macOS	19624532	dbsession	0x129728010 DataGetFirst(12a833fa0)
default	14:02:18.207402+0100	kernel	0		performSpecificCommandGated: command:SaveBioLockoutRecord (74), value:0, inLength:0, outLength:4096
debug	14:02:18.206479+0100	biometrickitd	0	Daemon-Mesa	MesaCoreAnalytics stopBioOperation
default	14:02:18.207689+0100	coreautha	0	LAAuthMechanismUI	Dismissing dialog.
default	14:02:18.207396+0100	coreauthd	0	Server,Interactive	Dismissing <_NSXPCDistantObject: 0x130e23230> that belongs to MechanismUI[717], index:11
debug	14:02:18.207514+0100	CredentialProvider-macOS	19624532	handleobj	create 0x12af2192e for 0x12af21b20
default	14:02:18.207406+0100	kernel	0		sepTransactToIOMD <- command:0x70, inData:0x0, inDataSize:0, outData:, outOptBytesWritten:, flags:0x0
debug	14:02:18.207751+0100	biometrickitd	0	Daemon-Statistics	-[BiometricKitDStatistics cancel]: O:2 - M:3 - U:0 - _fO:1 - _hmr:1 - _wfmr:0, _client:
default	14:02:18.207706+0100	coreautha	0	LAAuthMechanismUI	-[LAAuthMechanismUI destroy]  on 
default	14:02:18.207673+0100	coreauthd	0	AuthenticationManager	clearing authentication: 
debug	14:02:18.207659+0100	CredentialProvider-macOS	19624532	dbsession	0x12a855dc0 DataGetFirst(12a990848)
debug	14:02:18.207775+0100	biometrickitd	0	Daemon-Mesa	MesaCoreAnalytics matchOperationFinished: 0
default	14:02:18.207410+0100	kernel	0		AppleSEPGenericTransfer::transactToIOMD: command:0x70, inData:0x0, inDataSize:0, outData:, outOptBytesWritten:, flags:0x0
default	14:02:18.207782+0100	coreautha	0	LAAuthMechanismUI	-[LAAuthMechanismUI _destroyDialog]  on 
debug	14:02:18.207765+0100	CredentialProvider-macOS	19624532	handleobj	create 0x11f7e494f for 0x11f7e4b40
debug	14:02:18.207956+0100	biometrickitd	0	Daemon-Statistics	-[BiometricKitDStatistics matchOperationFinished:]: _matchOpInProgress: 0
default	14:02:18.207413+0100	kernel	0		AppleSEPGenericTransfer::transact: command:0x70, inData:0x0, inLength:0, outDataOut:, outLength:, flags:0x0
default	14:02:18.207926+0100	coreautha	0	LAAuthDialogController	-[LAAuthDialogController invalidate]  on 
debug	14:02:18.207418+0100	kernel	0		AppleSEPGenericTransfer::getEndpoint: -> 0,
debug	14:02:18.207984+0100	biometrickitd	0	Daemon-Mesa	MesaCoreAnalytics matchEventFinished
default	14:02:18.207421+0100	kernel	0		AppleSEPGenericTransfer::sendRawMessage: Message to SEP, request = 0xfc, command = 0x70, 0: 0 = 0 + 0
default	14:02:18.208034+0100	coreautha	0	LAAuthDialogController	-[LAAuthDialogController closeDialog]  on 
debug	14:02:18.207916+0100	cfprefsd	0	cfprefsd	Process 32735 (biometrickitd) sent a request related to { com.apple.biometrickitd, user: kCFPreferencesAnyUser, kCFPreferencesCurrentHost, /Library/Preferences/com.apple.biometrickitd.plist, managed: 0 } (0x13b706200)
debug	14:02:18.208383+0100	secd	19624535	serverxpc	XPC [CredentialProvid[33307]/1#10 LF=0] operation: copy_matching (1)
debug	14:02:18.208128+0100	CredentialProvider-macOS	19624535	xpc	flagAlways:false inEduMode:false flagOld:false
debug	14:02:18.208105+0100	coreautha	0	LAUnmanagedWindowSpace	Unmanaged screen space does not exist. Cannot remove window (41153).
debug	14:02:18.208098+0100	cfprefsd	0	cfprefsd	Process 32735 (biometrickitd) wrote the key(s) com.apple.biometrickit.mesa.dailyUpdate in { com.apple.biometrickitd, kCFPreferencesAnyUser, kCFPreferencesCurrentHost, /Library/Preferences/com.apple.biometrickitd.plist, managed: 0 }
debug	14:02:18.208760+0100	kernel	0		AppleBiometricServicesUserClient::externalMethod <- selector:0, arguments:, dispatch:0x0, target:0x0, reference:0x0
error	14:02:18.208271+0100	biometrickitd	0	Daemon-Mesa	AssertMacros: _currentEvent == _matchEvent (value = 0x0),  file: /AppleInternal/Library/BuildRoots/306e25c1-8def-11ee-9dfa-cedaeb4cabe2/Library/Caches/com.apple.xbs/Sources/Mesa_NonUI/AppleBiometricServices/MesaCoreAnalytics/MesaCoreAnalytics.m, line: 392
debug	14:02:18.208213+0100	DTServiceHub	0		Data Size: 0, Rows Sent: 0, Stack depth: 12
debug	14:02:18.208214+0100	CredentialProvider-macOS	19624535	xpc	not using system keychain
default	14:02:18.208075+0100	coreauthd	0	connection	[0x132208e50] invalidated on xpc_connection_cancel()
default	14:02:18.208208+0100	coreautha	0	Window	window LAAuthWindow a0c1 finishing close
debug	14:02:18.208784+0100	kernel	0		AppleBiometricServicesUserClient::extPerform <- inObj:, inRef:, inArg:
debug	14:02:18.208707+0100	biometrickitd	0	Daemon-Mesa	performCommand:inValue:inData:inSize:outData:outSize: --> performCommand:version:inValue:inData:inSize:outData:outSize:
debug	14:02:18.208740+0100	CredentialProvider-macOS	19624534	secpref	force=false mForceReloadEmptyFile=false prefsPath=/Users/jeremybannister/Library/Preferences/com.apple.security.plist
default	14:02:18.208313+0100	coreauthd	0	Server,Environment	Assertions XPC connection was invalidated.
debug	14:02:18.208327+0100	coreautha	0	User Defaults	found no value for key NSAutomaticWindowAnimationsEnabled in CFPrefsSearchListSource<0x600000b41ef0> (Domain: com.apple.LocalAuthentication.UIAgent, Container: (null))
default	14:02:18.208797+0100	kernel	0		AppleBiometricServicesUserClient::extPerform: in md =  out md = 0x0  out md size 0
debug	14:02:18.208731+0100	biometrickitd	0	Daemon-Mesa	performCommand:version:inValue:inData:inSize:outData:outSize: 12 1 0 0x0 0 0x0 0x0
debug	14:02:18.208759+0100	CredentialProvider-macOS	19624534	secpref	force=false mForceReloadEmptyFile=false prefsPath=/Library/Preferences/com.apple.security-common.plist
debug	14:02:18.208381+0100	coreauthd	0	default	BSCI dealloc
default	14:02:18.208456+0100	coreautha	0	connection	[0x157b49eb0] invalidated after getting a no-senders notification - client is gone
debug	14:02:18.208801+0100	kernel	0		AppleBiometricServices::performCommand <- inData:, outData:0x0, outSize: --> _provider->performCommand
default	14:02:18.208414+0100	coreauthd	0	default	Register notification block
debug	14:02:18.208801+0100	CredentialProvider-macOS	19624534	dbsession	0x129728010 DataGetFirst(12a833fa0)
debug	14:02:18.208899+0100	biometrickitd	0	Daemon-Mesa	performCommand:version:inValue:inData:inSize:outData:outSize: -> [0: Success]
default	14:02:18.208550+0100	coreautha	0	LAAssertions	Will release 0 outstanding TouchID assertions: (
)
debug	14:02:18.208805+0100	kernel	0		IOBiometricService::performCommand <- inData:, outData:0x0, outSize: --> performCommandGated
default	14:02:18.209304+0100	loginwindow	0	Standard	-[SessionAgentCom SACRemoveAssertScreenLockViaTouchIDBlocked:] | Enter
debug	14:02:18.208925+0100	biometrickitd	0	Daemon-Common	cancelWithClient: -> 0
debug	14:02:18.208817+0100	CredentialProvider-macOS	19624534	handleobj	create 0x121142260 for 0x121142070
debug	14:02:18.208635+0100	coreautha	0	LAAssertions	Will release TouchID assertion for dropOutstandingTouchIdAssertions.
debug	14:02:18.208808+0100	kernel	0		IOBiometricService::performCommandGated <- inData:, outData:0x0, outSize:
debug	14:02:18.208838+0100	CredentialProvider-macOS	19624534	dbsession	0x12a855dc0 DataGetFirst(12a990848)
debug	14:02:18.208849+0100	CredentialProvider-macOS	19624534	handleobj	create 0x121142261 for 0x121142070
debug	14:02:18.208817+0100	kernel	0		performSpecificCommandGated <- cmd:, payload:, payloadSize:0 outData:0x0, outSize:
default	14:02:18.209145+0100	coreautha	0	SA_ScreenSaver	SACRemoveAssertScreenLockViaTouchIDBlocked:214: enter
debug	14:02:18.209505+0100	launchservicesd	0	cas	MESSAGE: reply={cacheable=false, result={ApplicationType="UIElement", ChangeCount=529, LSApplicationHasSignalledItIsReady=true, LSDisplayName="coreautha", pid=32835, }, success=true, } (for client 190)
default	14:02:18.208821+0100	kernel	0		performSpecificCommandGated: command:Cancel (12), value:0, inLength:0, outLength:0
default	14:02:18.209630+0100	loginwindow	0	Standard	-[SessionAgentCom SACRemoveAssertScreenLockViaTouchIDBlocked:] |   sent by pid: 32835, name: coreautha
debug	14:02:18.208823+0100	kernel	0		IOBiometricService::lockCommandAccess <-
default	14:02:18.209665+0100	loginwindow	0	Standard	-[LWTouchIDLockScreen clearTouchIDBlockScreenLockAssertionForClient:withPID:withDebounce:] | clearTouchIDBlockScreenLockAssertionForClient: coreautha, with PID: 32835
debug	14:02:18.208827+0100	kernel	0		checkSensorState <- msDelay:0
default	14:02:18.209690+0100	loginwindow	0	Standard	-[LWTouchIDLockScreen clearTouchIDBlockScreenLockAssertionForClient:withPID:withDebounce:] | assertion timeout set to 3.000000 seconds from now
debug	14:02:18.208836+0100	kernel	0		IOBiometricService::unlockCommandAccess <-
debug	14:02:18.208837+0100	kernel	0		performSpecificCommandGated -> err:0x0
debug	14:02:18.208839+0100	kernel	0		IOBiometricService::performCommandGated -> err:0x0
debug	14:02:18.208857+0100	kernel	0		sensorStateHandler <- sender: (_commandMode:1, _sensorState:5, _sensorErrorCounter:0)
debug	14:02:18.208859+0100	kernel	0		lockSensorAccess <- _sensorAccessState:0
debug	14:02:18.208863+0100	kernel	0		unlockSensorAccess <- _sensorAccessState:1
debug	14:02:18.208864+0100	kernel	0		sensorStateHandler -> void
debug	14:02:18.208865+0100	kernel	0		accessoryStateHandler <- sender: (_commandMode:1, _hostSuspended:0, _systemSleepState:0)
debug	14:02:18.208869+0100	kernel	0		MesaAccessoryManager::iterateAccessories <-
debug	14:02:18.208872+0100	kernel	0		MesaAccessoryManager::iterateAccessories -> err:0x0
debug	14:02:18.208842+0100	kernel	0		AppleBiometricServicesUserClient::extPerform -> err:0x0
debug	14:02:18.208889+0100	kernel	0		AppleBiometricServicesUserClient::externalMethod -> err:0x0
default	14:02:18.209889+0100	loginwindow	0	Standard	-[LWTouchIDLockScreen clearTouchIDBlockScreenLockAssertionForClient:withPID:withDebounce:] | current assertions: {
    17957 = "732402866.2295229";
    21858 = "732409330.1520129";
    24003 = "732411422.225437";
    30297 = "732458341.534927";
    32835 = "732459681.209709";
    7675 = "732400066.124355";
}
default	14:02:18.210211+0100	coreautha	0	SA_ScreenSaver	SACRemoveAssertScreenLockViaTouchIDBlocked:222: exit: result = 0
default	14:02:18.209917+0100	loginwindow	0	Standard	-[LWTouchIDLockScreen clearTouchIDBlockScreenLockAssertionForClient:withPID:withDebounce:] | returning: 0
debug	14:02:18.210017+0100	CredentialProvider-macOS	19624537	xpc	flagAlways:false inEduMode:false flagOld:false
debug	14:02:18.210108+0100	secd	19624537	serverxpc	XPC [CredentialProvid[33307]/1#10 LF=0] operation: copy_matching (1)
default	14:02:18.210257+0100	coreautha	0	LAAssertions	TouchID assertion release for dropOutstandingTouchIdAssertions successful, 0 active assertions: (
)
debug	14:02:18.210030+0100	CredentialProvider-macOS	19624537	xpc	not using system keychain
default	14:02:18.209934+0100	loginwindow	0	Standard	-[SessionAgentCom SACRemoveAssertScreenLockViaTouchIDBlocked:] | returning success
debug	14:02:18.210278+0100	coreautha	0	coreautha	Assertions XPC connection was invalidated
debug	14:02:18.210524+0100	CredentialProvider-macOS	19624536	secpref	force=false mForceReloadEmptyFile=false prefsPath=/Users/jeremybannister/Library/Preferences/com.apple.security.plist
debug	14:02:18.210541+0100	CredentialProvider-macOS	19624536	secpref	force=false mForceReloadEmptyFile=false prefsPath=/Library/Preferences/com.apple.security-common.plist
debug	14:02:18.210608+0100	CredentialProvider-macOS	19624536	dbsession	0x129728010 DataGetFirst(12a833fa0)
debug	14:02:18.210623+0100	CredentialProvider-macOS	19624536	handleobj	create 0x12ab48312 for 0x12ab48100
debug	14:02:18.210649+0100	CredentialProvider-macOS	19624536	dbsession	0x12a855dc0 DataGetFirst(12a990848)
debug	14:02:18.210661+0100	CredentialProvider-macOS	19624536	handleobj	create 0x12ab48313 for 0x12ab48100
default	14:02:18.210752+0100	WindowServer	19624068	connection	[0x600001754960] activating connection: mach=true listener=false peer=false name=com.apple.tccd.system
debug	14:02:18.210771+0100	CredentialProvider-macOS	19624538	EndpointProvider	runningInSystemContext = 0
debug	14:02:18.210782+0100	CredentialProvider-macOS	19624538	EndpointProvider	runningInLoginWindowContext = 0
default	14:02:18.210808+0100	CredentialProvider-macOS	19624538	connection	[0x12ab04c70] activating connection: mach=true listener=false peer=false name=com.apple.ctkd.token-client
default	14:02:18.211034+0100	tccd	19624068	connection	[0x13da1fcc0] activating connection: mach=false listener=false peer=true name=com.apple.tccd.system.peer.0x13da1fcc0
default	14:02:18.211133+0100	tccd	19624068	access	REQUEST: tccd_uid=0, sender_pid=186, sender_uid=88, sender_auid=-1, function=TCCAccessRequest, msgID=186.6475
default	14:02:18.211121+0100	ctkd	19624538	connection	[0x139005e80] activating connection: mach=false listener=false peer=true name=com.apple.ctkd.token-client.peer.0x139005e80
default	14:02:18.211236+0100	CredentialProvider-macOS	19624538	connection	[0x12ab04c70] invalidated on xpc_connection_cancel()
default	14:02:18.211361+0100	ctkd	19624538	connection	[0x13920b630] activating connection: mach=false listener=false peer=true name=com.apple.xpc.anonymous.0x1392058c0.peer.0x13920b630
default	14:02:18.211258+0100	CredentialProvider-macOS	19624538	connection	[0x12af2d200] activating connection: mach=false listener=false peer=false name=(anonymous)
debug	14:02:18.211535+0100	ctkd	19624538	sepkey	 parsed for CredentialProvider-macOS<33307> from objectID: ACL=
default	14:02:18.211707+0100	CredentialProvider-macOS	19624538	connection	[0x12af2d200] invalidated on xpc_connection_cancel()
default	14:02:18.211523+0100	ctkd	0	connection	[0x139005e80] invalidated after getting a no-senders notification - client is gone
debug	14:02:18.211813+0100	CredentialProvider-macOS	19624539	client	operation:4 algo:algid:keyexchange:ECDHC
debug	14:02:18.211832+0100	CredentialProvider-macOS	19624539	EndpointProvider	runningInSystemContext = 0
debug	14:02:18.211842+0100	CredentialProvider-macOS	19624539	EndpointProvider	runningInLoginWindowContext = 0
default	14:02:18.211863+0100	CredentialProvider-macOS	19624539	connection	[0x12115a910] activating connection: mach=true listener=false peer=false name=com.apple.ctkd.token-client
default	14:02:18.212274+0100	CredentialProvider-macOS	19624539	connection	[0x12115a910] invalidated on xpc_connection_cancel()
default	14:02:18.212101+0100	tccd	19624068	access	AUTHREQ_CTX: msgID=186.6475, function=, service=kTCCServiceScreenCapture, preflight=yes, query=1, client_dict=(null), daemon_dict=
default	14:02:18.212294+0100	CredentialProvider-macOS	19624539	connection	[0x12115a910] activating connection: mach=false listener=false peer=false name=(anonymous)
default	14:02:18.212151+0100	tccd	19624068	access	AUTHREQ_ATTRIBUTION: msgID=186.6475, attribution={accessing={TCCDProcess: identifier=com.apple.LocalAuthentication.UIAgent, pid=32835, auid=501, euid=501, binary_path=/System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents/MacOS/coreautha}, requesting={TCCDProcess: identifier=com.apple.WindowServer, pid=186, auid=88, euid=88, binary_path=/System/Library/PrivateFrameworks/SkyLight.framework/Versions/A/Resources/WindowServer}, },
default	14:02:18.212163+0100	ctkd	0	connection	[0x13920b630] invalidated after getting a no-senders notification - client is gone
default	14:02:18.212192+0100	ctkd	19624539	connection	[0x139005e80] activating connection: mach=false listener=false peer=true name=com.apple.ctkd.token-client.peer.0x139005e80
default	14:02:18.212228+0100	tccd	19624068	access	requestor: TCCDProcess: identifier=com.apple.WindowServer, pid=186, auid=88, euid=88, binary_path=/System/Library/PrivateFrameworks/SkyLight.framework/Versions/A/Resources/WindowServer is checking access for accessor TCCDProcess: identifier=com.apple.LocalAuthentication.UIAgent, pid=32835, auid=501, euid=501, binary_path=/System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents/MacOS/coreautha
default	14:02:18.212403+0100	ctkd	0	connection	[0x139005e80] invalidated after getting a no-senders notification - client is gone
default	14:02:18.212408+0100	ctkd	19624539	connection	[0x139708470] activating connection: mach=false listener=false peer=true name=com.apple.xpc.anonymous.0x1392058c0.peer.0x139708470
debug	14:02:18.212549+0100	ctkd	19624539	sepkey	 parsed for CredentialProvider-macOS<33307> from objectID: ACL=
debug	14:02:18.212578+0100	ctkd	19624539	sepkey	creating temporary context(sn=3)
default	14:02:18.212599+0100	ctkd	19624539	Client,LAContext	Creating LAContext new cid:5
default	14:02:18.212647+0100	ctkd	19624539	connection	[0x13900dd90] activating connection: mach=true listener=false peer=false name=com.apple.CoreAuthentication.agent
default	14:02:18.212853+0100	coreauthd	19624539	connection	[0x13271d5a0] activating connection: mach=false listener=false peer=true name=com.apple.CoreAuthentication.agent.peer.0x13271d5a0
default	14:02:18.213418+0100	coreauthd	0	AuthenticationManager	-[AuthenticationManager _bkIsBusy] -> 1 on 
default	14:02:18.213490+0100	coreauthd	0	AuthenticationManager	Will not run idle blocks now, BK operation in progress.
default	14:02:18.213426+0100	coreauthd	19624539	Server,LAContext	Context[362:7683] created
debug	14:02:18.213470+0100	tccd	19624068	csresource	0x12cd507d0 rule ^Contents$ added (weight 0, flags 0x12)
debug	14:02:18.213514+0100	tccd	19624068	csresource	0x12cd210e0 rule ^(\.LSOverride|\.DS_Store|Icon
|\.SoftwareDepot\.tracking)$ added (weight 0, flags 0x9)
debug	14:02:18.213531+0100	tccd	19624068	dirval	entering /System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle
default	14:02:18.213674+0100	coreauthd	19624539	Server	AgentProxy for coreauthd[29072] (agent for user 501) has registered uuid ed4b97c => RemoteContext registration for Context[362:7683] in coreauthd[29072] (agent for user 501)
debug	14:02:18.213567+0100	tccd	19624068	dirval	entering /System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents
debug	14:02:18.213581+0100	tccd	19624068	dirval	leaving /System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents
debug	14:02:18.213588+0100	tccd	19624068	dirval	leaving /System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle
debug	14:02:18.204035+0100	mdbulkimport	0	csresource	0x133fbcfc0 rule ^.* added (weight 20, flags 0x42)
default	14:02:18.213826+0100	coreauthd	19624539	Server,LAContext	Tracking [7683]
debug	14:02:18.213891+0100	tccd	19624068	unixio	open(/System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents/MacOS/coreautha,0x0,0x1b6) = 7
default	14:02:18.213910+0100	coreauthd	19624539	Server,LAContext	ContextProxy[33471:3:362:7683] created for Context[362:7683] uid:501
debug	14:02:18.214116+0100	deleted	19624508	xpc	connection <0x133c2adc0/0/0> released; cnt = 3
debug	14:02:18.214251+0100	tccd	19624068	unixio	open(/System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents/MacOS/coreautha,0x0,0x1b6) = 8
default	14:02:18.214099+0100	ctkd	19624539	Client,LAContext	LAContext[3:362:7683] created new cid:5
default	14:02:18.214163+0100	deleted	0	unspecified	container_create_or_lookup_user_managed_assets_path: error = ((container_error_t)71) PATH_NOT_FOUND
default	14:02:18.214354+0100	coreauthd	19624539	Server	externalizedContextWithReply on ContextProxy[33471:3:362:7683] rid:380
debug	14:02:18.214268+0100	tccd	19624068	macho	0x12cd507d0 is a thin file (arm64e)
debug	14:02:18.214279+0100	tccd	19624068	unixio	close(7) err: 0
debug	14:02:18.214484+0100	tccd	19624068	machorep	7554 signing bytes in 5 blob(s) from /System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents/MacOS/coreautha(arm64e)
debug	14:02:18.214605+0100	tccd	19624068	cfloadfile	failed to fetch /System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents/_CodeSignature/CodeRequirements-1 error=-10
debug	14:02:18.214157+0100	mdbulkimport	0	csresource	0x133e04080 rule ^(Frameworks|SharedFrameworks|PlugIns|Plug-ins|XPCServices|Helpers|MacOS|Library/(Automator|Spotlight|LoginItems))/ added (weight 0, flags 0x44)
debug	14:02:18.214620+0100	tccd	19624068	staticCode	SecStaticCode network default: NO
debug	14:02:18.214572+0100	mdbulkimport	0	csresource	0x133ecb700 rule ^_CodeSignature$ added (weight 0, flags 0x10)
default	14:02:18.214634+0100	coreauthd	19624539	Server	AgentProxy for coreauthd[29072] (agent for user 501) has registered hash e2a8743 (uuid ed4b97c) => RemoteContext registration for Context[362:7683] in coreauthd[29072] (agent for user 501)
debug	14:02:18.214638+0100	tccd	19624068	access	IDENTITY_ATTRIBUTION: starting for: /System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents/MacOS/coreautha
debug	14:02:18.214626+0100	mdbulkimport	0	csresource	0x133e20800 rule ^CodeResources$ added (weight 0, flags 0x10)
default	14:02:18.214823+0100	ctkd	19624539	Client,SPI,LAContext	externalizedContext on LAContext[3:362:7683] cid:6 returned e2a8743
debug	14:02:18.214909+0100	mdbulkimport	0	csresource	0x133ea4490 rule ^_MASReceipt$ added (weight 0, flags 0x10)
default	14:02:18.214835+0100	tccd	19624068	access	AUTHREQ_SUBJECT: msgID=186.6475, subject=com.apple.LocalAuthentication.UIAgent,
debug	14:02:18.215065+0100	tccd	19624068	csresource	0x12cd24fb0 rule ^Contents$ added (weight 0, flags 0x12)
debug	14:02:18.215095+0100	tccd	19624068	csresource	0x12cd53780 rule ^(\.LSOverride|\.DS_Store|Icon
|\.SoftwareDepot\.tracking)$ added (weight 0, flags 0x9)
debug	14:02:18.215076+0100	tccd	19624068	access	register with resolver: binary:file:///System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents/MacOS/coreautha, bundle file:///System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/ -- failed: isApp:0
debug	14:02:18.215114+0100	tccd	19624068	dirval	entering /System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle
debug	14:02:18.215147+0100	tccd	19624068	dirval	entering /System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents
debug	14:02:18.215107+0100	mdbulkimport	0	csresource	0x133fa1450 rule ^MacOS/MIDI$ added (weight 0, flags 0x30)
debug	14:02:18.215142+0100	mdbulkimport	0	rdirenum	entering /System/Library/Spotlight/MIDI.mdimporter/Contents
debug	14:02:18.215159+0100	tccd	19624068	dirval	leaving /System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents
debug	14:02:18.215178+0100	tccd	19624068	dirval	leaving /System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle
debug	14:02:18.215207+0100	tccd	19624068	error	Constructing NSError NSOSStatusErrorDomain/-10811 at _LSFindBundleWithInfo_NoIOFiltered:175
debug	14:02:18.215270+0100	tccd	19624068	error	Converted OSStatus -10811 to error Error Domain=NSOSStatusErrorDomain Code=-10811 "kLSNotAnApplicationErr: Item needs to be an application, but is not" UserInfo={_LSLine=175, _LSFunction=_LSFindBundleWithInfo_NoIOFiltered}
debug	14:02:18.215289+0100	tccd	19624068	unixio	open(/System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents/MacOS/coreautha,0x0,0x1b6) = 7
debug	14:02:18.215320+0100	tccd	19624068	unixio	open(/System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents/MacOS/coreautha,0x0,0x1b6) = 9
debug	14:02:18.215332+0100	tccd	19624068	macho	0x12cd16480 is a fat file with 2 architectures
debug	14:02:18.215327+0100	tccd	19624068	strings	Bundle: , key: NSOSStatusErrorDomain, value: NSOSStatusErrorDomain, table: Error, localizationNames: (null), result: OSStatus
debug	14:02:18.215373+0100	tccd	19624068	strings	Bundle: , key: The operation couldn\U2019t be completed. (%@ error %ld.), value: The operation couldn\U2019t be completed. (%@ error %ld.), table: Error, localizationNames: (null), result: The operation couldn’t be completed. (%1$@ error %2$ld.)
debug	14:02:18.215339+0100	mdbulkimport	0	rdirenum	entering /System/Library/Spotlight/MIDI.mdimporter/Contents/_CodeSignature
debug	14:02:18.215372+0100	mdbulkimport	0	rscan	test _CodeSignature
error	14:02:18.215421+0100	tccd	19624068	access	Failed to create LSApplicationRecord for file:///System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/: 'The operation couldn’t be completed. (OSStatus error -10811.)'
debug	14:02:18.215440+0100	mdbulkimport	0	rscan	try ^MacOS/MIDI$
debug	14:02:18.215557+0100	tccd	19624068	unixio	close(7) err: 0
debug	14:02:18.215563+0100	mdbulkimport	0	rscan	try ^_MASReceipt$
debug	14:02:18.215615+0100	tccd	19624068	macho	64-bit linkedit is valid
debug	14:02:18.215596+0100	mdbulkimport	0	rscan	try ^CodeResources$
debug	14:02:18.215632+0100	tccd	19624068	machorep	7554 signing bytes in 5 blob(s) from /System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents/MacOS/coreautha(arm64e)
debug	14:02:18.215655+0100	mdbulkimport	0	rscan	try ^_CodeSignature$
debug	14:02:18.215662+0100	tccd	19624068	cfloadfile	failed to fetch /System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents/_CodeSignature/CodeRequirements-1 error=-10
debug	14:02:18.215684+0100	mdbulkimport	0	rscan	match
debug	14:02:18.215677+0100	tccd	19624068	staticCode	SecStaticCode network default: NO
debug	14:02:18.215708+0100	mdbulkimport	0	rscan	excluded
default	14:02:18.215689+0100	tccd	19624068	access	-[TCCDAccessIdentity staticCode]: static code for: identifier com.apple.LocalAuthentication.UIAgent, type: 0: 0x12cd1d730 at /System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle
debug	14:02:18.215732+0100	mdbulkimport	0	rdirenum	leaving /System/Library/Spotlight/MIDI.mdimporter/Contents/_CodeSignature
debug	14:02:18.215703+0100	tccd	19624068	notarization	Extracting ticket from bundle: /System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle
debug	14:02:18.215754+0100	mdbulkimport	0	rdirenum	entering /System/Library/Spotlight/MIDI.mdimporter/Contents/MacOS
debug	14:02:18.215749+0100	tccd	19624068	staticCode	SecStaticCode network blocked: YES
debug	14:02:18.215778+0100	mdbulkimport	0	rscan	test MacOS
debug	14:02:18.215766+0100	tccd	19624068	staticCode	SecStaticCode network blocked: YES
debug	14:02:18.215804+0100	mdbulkimport	0	rscan	try ^MacOS/MIDI$
debug	14:02:18.215899+0100	tccd	19624068	staticCode	SecStaticCode network blocked: YES
debug	14:02:18.216031+0100	DTServiceHub	0		Data Size: 0, Rows Sent: 0, Stack depth: 12
debug	14:02:18.216077+0100	trustd	19624241	serverxpc	XPC [tccd[189]/1#12 LF=0] operation: trust_evaluate (8)
debug	14:02:18.216043+0100	mdbulkimport	0	rscan	try ^_MASReceipt$
debug	14:02:18.216173+0100	trustd	19624241	http	network access disabled by policy
debug	14:02:18.215960+0100	tccd	19624241	xpc	no query dict to determine whether for system keychain: Error Domain=NSOSStatusErrorDomain Code=-50 "no object for key query" (paramErr: error in user parameter list) UserInfo={numberOfErrorsDeep=0, NSDescription=no object for key query}
debug	14:02:18.216146+0100	mdbulkimport	0	rscan	try ^CodeResources$
debug	14:02:18.216173+0100	mdbulkimport	0	rscan	try ^_CodeSignature$
debug	14:02:18.216197+0100	mdbulkimport	0	rscan	try ^.*
debug	14:02:18.216222+0100	mdbulkimport	0	rscan	match
debug	14:02:18.216244+0100	mdbulkimport	0	rscan	try ^(Frameworks|SharedFrameworks|PlugIns|Plug-ins|XPCServices|Helpers|MacOS|Library/(Automator|Spotlight|LoginItems))/
debug	14:02:18.216283+0100	mdbulkimport	0	rscan	choosing ^.* (20,0x42)
debug	14:02:18.216367+0100	trustd	19624241	seckey	SecKeyVerifySignature failed: Error Domain=NSOSStatusErrorDomain Code=-67808 "RSA signature verification failed, no match" UserInfo={numberOfErrorsDeep=0, NSDescription=RSA signature verification failed, no match}
debug	14:02:18.216443+0100	trustd	19624241	seckey	SecKeyVerifySignature failed: Error Domain=NSOSStatusErrorDomain Code=-67808 "RSA signature verification failed, no match" UserInfo={numberOfErrorsDeep=0, NSDescription=RSA signature verification failed, no match}
debug	14:02:18.216435+0100	mdbulkimport	0	rdirenum	file /System/Library/Spotlight/MIDI.mdimporter/Contents/MacOS/MIDI
debug	14:02:18.216511+0100	mdbulkimport	0	rscan	test MacOS/MIDI
debug	14:02:18.216481+0100	trustd	19624241	reject	non ev score: 1107 , ,  >
debug	14:02:18.216537+0100	mdbulkimport	0	rscan	try ^MacOS/MIDI$
debug	14:02:18.216505+0100	trustd	19624241	reject	non ev score: 112 lower than 1107 ,  >
debug	14:02:18.216592+0100	linkd	0	binding	+++ PeopleMessageService on / (B:0xa57c, C:0x0) (null)
debug	14:02:18.216566+0100	mdbulkimport	0	rscan	match
debug	14:02:18.216522+0100	trustd	19624241	reject	non ev score: 111 lower than 1107  >
debug	14:02:18.216592+0100	mdbulkimport	0	rscan	excluded
debug	14:02:18.216614+0100	mdbulkimport	0	rdirenum	leaving /System/Library/Spotlight/MIDI.mdimporter/Contents/MacOS
debug	14:02:18.216722+0100	linkd	0	binding	1 bindings found
debug	14:02:18.216638+0100	mdbulkimport	0	rdirenum	file /System/Library/Spotlight/MIDI.mdimporter/Contents/Info.plist
debug	14:02:18.216876+0100	mdbulkimport	0	rscan	test Info.plist
debug	14:02:18.216931+0100	trustd	19624241	policy	cert[2]: skipped exception error AnchorTrusted
debug	14:02:18.216989+0100	trustd	19624241	User Defaults	found no value for key TrustEvaluationEventAnalyticsRate in CFPrefsSearchListSource<0x121f12c00> (Domain: com.apple.security, Container: (null))
debug	14:02:18.217035+0100	mdbulkimport	0	rscan	try ^MacOS/MIDI$
debug	14:02:18.217022+0100	trustd	19624241	trust	completed: , ,  > details: (
        {
    },
        {
    },
        {
    }
) result: 1
debug	14:02:18.217134+0100	tccd	19624068	codedir	0x14800c030 validating slot -7
debug	14:02:18.217164+0100	tccd	19624068	cfloadfile	failed to fetch /System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents/_CodeSignature/CodeRepSpecific error=-10
debug	14:02:18.217120+0100	mdbulkimport	0	rscan	try ^_MASReceipt$
debug	14:02:18.217180+0100	tccd	19624068	codedir	0x14800c030 validating slot -5
debug	14:02:18.217221+0100	mdbulkimport	0	rscan	try ^CodeResources$
debug	14:02:18.217248+0100	mdbulkimport	0	rscan	try ^_CodeSignature$
debug	14:02:18.217196+0100	tccd	19624068	cfloadfile	failed to fetch /System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents/_CodeSignature/CodeTopDirectory error=-10
debug	14:02:18.217277+0100	mdbulkimport	0	rscan	try ^.*
debug	14:02:18.217209+0100	tccd	19624068	codedir	0x14800c030 validating slot -2
debug	14:02:18.217300+0100	mdbulkimport	0	rscan	match
debug	14:02:18.217242+0100	tccd	19624068	unixio	open(/System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents/Info.plist,0x0,0x1b6) = 7
debug	14:02:18.217324+0100	mdbulkimport	0	rscan	try ^(Frameworks|SharedFrameworks|PlugIns|Plug-ins|XPCServices|Helpers|MacOS|Library/(Automator|Spotlight|LoginItems))/
debug	14:02:18.217263+0100	tccd	19624068	unixio	close(7) err: 0
debug	14:02:18.217353+0100	mdbulkimport	0	rscan	choosing ^.* (20,0x42)
debug	14:02:18.217277+0100	tccd	19624068	codedir	0x14800c030 validating slot -1
debug	14:02:18.217380+0100	mdbulkimport	0	rdirenum	file /System/Library/Spotlight/MIDI.mdimporter/Contents/version.plist
debug	14:02:18.217288+0100	tccd	19624068	codedir	0x14800c030 validating slot -1
debug	14:02:18.217403+0100	mdbulkimport	0	rscan	test version.plist
debug	14:02:18.217325+0100	tccd	19624068	staticCode	0x12cd1d748 loaded InfoDict 0x12ce08340
debug	14:02:18.217428+0100	mdbulkimport	0	rscan	try ^MacOS/MIDI$
debug	14:02:18.217343+0100	tccd	19624068	codedir	0x14800c030 validating slot -7
debug	14:02:18.217454+0100	mdbulkimport	0	rscan	try ^_MASReceipt$
debug	14:02:18.217425+0100	tccd	19624068	staticCode	0x12cd1d748 loaded DER blob with length 385
debug	14:02:18.217479+0100	mdbulkimport	0	rscan	try ^CodeResources$
debug	14:02:18.217462+0100	tccd	19624068	staticCode	0x12cd1d748 creating new CEQueryContext DER blob with length 377
debug	14:02:18.217504+0100	mdbulkimport	0	rscan	try ^_CodeSignature$
debug	14:02:18.217530+0100	mdbulkimport	0	rscan	try ^.*
debug	14:02:18.217555+0100	mdbulkimport	0	rscan	match
debug	14:02:18.217580+0100	mdbulkimport	0	rscan	try ^(Frameworks|SharedFrameworks|PlugIns|Plug-ins|XPCServices|Helpers|MacOS|Library/(Automator|Spotlight|LoginItems))/
debug	14:02:18.217607+0100	mdbulkimport	0	rscan	choosing ^.* (20,0x42)
debug	14:02:18.217633+0100	mdbulkimport	0	rdirenum	leaving /System/Library/Spotlight/MIDI.mdimporter/Contents
debug	14:02:18.217840+0100	mdbulkimport	0	unixio	close(5) err: 0
debug	14:02:18.217972+0100	tccd	19624068	csresource	0x13da21230 rule ^Contents$ added (weight 0, flags 0x12)
debug	14:02:18.218046+0100	tccd	19624068	csresource	0x13da19050 rule ^(\.LSOverride|\.DS_Store|Icon
|\.SoftwareDepot\.tracking)$ added (weight 0, flags 0x9)
debug	14:02:18.218086+0100	tccd	19624068	dirval	entering /System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle
debug	14:02:18.217978+0100	mdbulkimport	0	Import	APPLE SIGNED:1 
debug	14:02:18.218168+0100	tccd	19624068	dirval	entering /System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents
debug	14:02:18.218208+0100	tccd	19624068	dirval	leaving /System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents
debug	14:02:18.218240+0100	tccd	19624068	dirval	leaving /System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle
debug	14:02:18.218403+0100	mdbulkimport	0	resources	Resource lookup at 
	Request       : schema type: strings localization: English
	Result        : None
debug	14:02:18.218502+0100	tccd	19624068	unixio	open(/System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents/MacOS/coreautha,0x0,0x1b6) = 7
debug	14:02:18.218575+0100	tccd	19624068	unixio	open(/System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents/MacOS/coreautha,0x0,0x1b6) = 10
debug	14:02:18.218607+0100	tccd	19624068	macho	0x13da21230 is a thin file (x86_64)
debug	14:02:18.218636+0100	tccd	19624068	unixio	close(7) err: 0
debug	14:02:18.218683+0100	tccd	19624068	macho	64-bit linkedit is valid
debug	14:02:18.218765+0100	tccd	19624068	macho	64-bit linkedit is valid
debug	14:02:18.218801+0100	tccd	19624068	machorep	7554 signing bytes in 5 blob(s) from /System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents/MacOS/coreautha(x86_64)
debug	14:02:18.218852+0100	tccd	19624068	cfloadfile	failed to fetch /System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents/_CodeSignature/CodeRequirements-1 error=-10
debug	14:02:18.218890+0100	tccd	19624068	staticCode	SecStaticCode network default: NO
debug	14:02:18.218972+0100	tccd	19624068	staticCode	SecStaticCode network blocked: YES
debug	14:02:18.219008+0100	tccd	19624068	staticCode	SecStaticCode network blocked: YES
debug	14:02:18.219129+0100	mdbulkimport	0	resources	Resource lookup at 
	Request       : schema type: stringsdict localization: English
	Result        : None
debug	14:02:18.219306+0100	tccd	19624068	staticCode	SecStaticCode network blocked: YES
debug	14:02:18.219448+0100	tccd	19624242	xpc	no query dict to determine whether for system keychain: Error Domain=NSOSStatusErrorDomain Code=-50 "no object for key query" (paramErr: error in user parameter list) UserInfo={numberOfErrorsDeep=0, NSDescription=no object for key query}
debug	14:02:18.219578+0100	trustd	19624242	serverxpc	XPC [tccd[189]/1#12 LF=0] operation: trust_evaluate (8)
debug	14:02:18.219573+0100	mdbulkimport	0	binding	BindingEvaluator::CreateWithBundleInfo(ID=, name=, CC=????, vers=(null))
error	14:02:18.219567+0100	deleted	0	daemon	Unable to recycle fd for : Operation not permitted
debug	14:02:18.219664+0100	trustd	19624242	http	network access disabled by policy
debug	14:02:18.219614+0100	mdbulkimport	0	binding	BindingEvaluator::~BindingEvaluator(0x16d2855a8)
debug	14:02:18.219687+0100	mdbulkimport	0	binding	Running evaluator 0x16d2853e8
debug	14:02:18.219715+0100	mdbulkimport	0	binding	Adding user preferences
debug	14:02:18.219738+0100	mdbulkimport	0	binding	Adding weak binding
debug	14:02:18.219764+0100	mdbulkimport	0	binding	0 bindings found
debug	14:02:18.219789+0100	mdbulkimport	0	binding	Truncating a list of bindings to max 1 known-good ones.
debug	14:02:18.219857+0100	trustd	19624242	seckey	SecKeyVerifySignature failed: Error Domain=NSOSStatusErrorDomain Code=-67808 "RSA signature verification failed, no match" UserInfo={numberOfErrorsDeep=0, NSDescription=RSA signature verification failed, no match}
debug	14:02:18.219927+0100	trustd	19624242	seckey	SecKeyVerifySignature failed: Error Domain=NSOSStatusErrorDomain Code=-67808 "RSA signature verification failed, no match" UserInfo={numberOfErrorsDeep=0, NSDescription=RSA signature verification failed, no match}
debug	14:02:18.219959+0100	mdbulkimport	0	binding	Adding and sorting bundles
debug	14:02:18.219960+0100	trustd	19624242	reject	non ev score: 1107 , ,  >
debug	14:02:18.219981+0100	trustd	19624242	reject	non ev score: 112 lower than 1107 ,  >
debug	14:02:18.219996+0100	trustd	19624242	reject	non ev score: 111 lower than 1107  >
debug	14:02:18.220128+0100	trustd	19624242	policy	cert[2]: skipped exception error AnchorTrusted
debug	14:02:18.220177+0100	trustd	19624242	User Defaults	found no value for key TrustEvaluationEventAnalyticsRate in CFPrefsSearchListSource<0x121f12c00> (Domain: com.apple.security, Container: (null))
debug	14:02:18.220206+0100	trustd	19624242	trust	completed: , ,  > details: (
        {
    },
        {
    },
        {
    }
) result: 1
debug	14:02:18.220299+0100	tccd	19624068	codedir	0x14880a030 validating slot -7
debug	14:02:18.220324+0100	tccd	19624068	cfloadfile	failed to fetch /System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents/_CodeSignature/CodeRepSpecific error=-10
debug	14:02:18.220336+0100	tccd	19624068	codedir	0x14880a030 validating slot -5
debug	14:02:18.220133+0100	mdbulkimport	0	binding	+++ library on / (B:0xb7dc, C:0x0) (null)
debug	14:02:18.220352+0100	tccd	19624068	cfloadfile	failed to fetch /System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents/_CodeSignature/CodeTopDirectory error=-10
debug	14:02:18.220364+0100	tccd	19624068	codedir	0x14880a030 validating slot -2
debug	14:02:18.220395+0100	tccd	19624068	unixio	open(/System/Library/Frameworks/LocalAuthentication.framework/Support/coreautha.bundle/Contents/Info.plist,0x0,0x1b6) = 7
debug	14:02:18.220417+0100	tccd	19624068	unixio	close(7) err: 0
debug	14:02:18.220427+0100	tccd	19624068	codedir	0x14880a030 validating slot -1
debug	14:02:18.220437+0100	tccd	19624068	codedir	0x14880a030 validating slot -1
debug	14:02:18.220469+0100	tccd	19624068	staticCode	0x13da46b78 loaded InfoDict 0x12ce08a50
debug	14:02:18.220463+0100	mdbulkimport	0	binding	1 bindings found
debug	14:02:18.220479+0100	tccd	19624068	codedir	0x14880a030 validating slot -7
debug	14:02:18.220489+0100	tccd	19624068	staticCode	0x13da46b78 loaded DER blob with length 385
debug	14:02:18.220532+0100	mdbulkimport	0	binding	Truncating a list of bindings to max 1 known-good ones.
debug	14:02:18.220501+0100	tccd	19624068	staticCode	0x13da46b78 creating new CEQueryContext DER blob with length 377
debug	14:02:18.220551+0100	tccd	19624068	unixio	close(10) err: 0
default	14:02:18.220599+0100	tccd	19624068	access	Platform binary prompting is 'Deny' because: is Platform Binary
default	14:02:18.220654+0100	tccd	19624068	access	AUTHREQ_RESULT: msgID=186.6475, authValue=1, authReason=5, authVersion=1, error=(null),
debug	14:02:18.220674+0100	mdbulkimport	0	binding	+++ library on / (B:0xb7dc, C:0x0) (null)
debug	14:02:18.220685+0100	tccd	19624068	unixio	close(9) err: 0
debug	14:02:18.220704+0100	tccd	19624068	unixio	close(8) err: 0
default	14:02:18.220793+0100	WindowServer	19624068	connection	[0x600001754960] invalidated after the last release of the connection object
default	14:02:18.220738+0100	tccd	19624068	access	REPLY: (0) function=TCCAccessRequest, msgID=186.6475
default	14:02:18.220827+0100	tccd	0	connection	[0x13da1fcc0] invalidated after getting a no-senders notification - client is gone
debug	14:02:18.220779+0100	mdbulkimport	0	binding	Best binding found for evaluator 0x16d285658: 
debug	14:02:18.220943+0100	mdbulkimport	0	binding	BindingEvaluator::~BindingEvaluator(0x16d2853e8)
debug	14:02:18.220969+0100	mdbulkimport	0	binding	BindingEvaluator::~BindingEvaluator(0x16d285658)
debug	14:02:18.221024+0100	mdbulkimport	0	error	Constructing NSError NSOSStatusErrorDomain/-10811 at _LSRegisterBundleNode:2465
debug	14:02:18.221081+0100	mdbulkimport	0	error	Launch Services generated an error at _LSRegisterBundleNode:2465, converting to OSStatus -10811: Error Domain=NSOSStatusErrorDomain Code=-10811 "kLSNotAnApplicationErr: Item needs to be an application, but is not" UserInfo={_LSLine=2465, _LSFunction=_LSRegisterBundleNode}
debug	14:02:18.221424+0100	ctkd	19624539	sepkey	: computed shared secret
default	14:02:18.221515+0100	CredentialProvider-macOS	19624539	connection	[0x12115a910] invalidated on xpc_connection_cancel()
default	14:02:18.221585+0100	ctkd	0	connection	[0x139708470] invalidated after getting a no-senders notification - client is gone
debug	14:02:18.221618+0100	deleted	0	daemon	 role: 64
debug	14:02:18.221769+0100	deleted	0	daemon	nobrowse && !AllowNoBrowse
default	14:02:18.221923+0100	deleted	0	daemon	AppCache: created an app cache: 
default	14:02:18.222017+0100	deleted	0		(501) Adopting Voucher for accountID:8AED534D-1919-46F3-A762-ADBAAD1AEFE4
default	14:02:18.222177+0100	CredentialProvider-macOS	19621528	NSExtension	preparing to call _completeRequestReturningItems:forExtensionContextWithUUID: UUID: E5DFB90C-316D-4F67-982D-D67F67C87B2F
default	14:02:18.222174+0100	deleted	0		(501) AllKeys is:8AED534D-1919-46F3-A762-ADBAAD1AEFE4
default	14:02:18.222203+0100	AuthenticationServicesAgent	19593644	Authorization	Completing authorization: 0x133d107e0  (null) 0420A06B-1595-4B97-9FB9-6915EA2EDDD8
default	14:02:18.222248+0100	AuthenticationServicesAgent	19593645	Authorization	Asked to cancel operation 0420A06B-1595-4B97-9FB9-6915EA2EDDD8, override error: Error Domain=com.apple.AuthenticationServicesCore.AuthorizationError Code=12 "(null)"
default	14:02:18.222268+0100	AuthenticationServicesAgent	19593645	Authorization	Tearing down operation 0420A06B-1595-4B97-9FB9-6915EA2EDDD8.
default	14:02:18.222239+0100	CredentialProvider-macOS	19621528	NSExtension	call _completeRequestReturningItems:forExtensionContextWithUUID:
default	14:02:18.222358+0100	com.apple.AuthenticationServices.Helper	19621528	connection	[0x151e67b30] invalidated on xpc_connection_cancel()
default	14:02:18.222409+0100	CredentialProvider-macOS	19624542	NSExtension	calling out to _completeRequestReturningItemsSecondHalf
default	14:02:18.222372+0100	com.apple.AuthenticationServices.Helper	19621531	NSExtension	in EXConcreteExtensionTearDownRequestCompletion for plugin pid 33307
default	14:02:18.222384+0100	AuthenticationServicesAgent	0	connection	[0x133ebb4f0] invalidated after getting a no-senders notification - client is gone
default	14:02:18.222429+0100	CredentialProvider-macOS	19624542	NSExtension	in _NSExtensionCompleteRequestReturningItemsContinuation
default	14:02:18.222408+0100	com.apple.AuthenticationServices.Helper	19621531	NSExtension	tearing down extension request E5DFB90C-316D-4F67-982D-D67F67C87B2F to extension  {id = io.secretchest.SecretChest.CredentialProvider-macOS} (last known pid 33307)
error	14:02:18.222408+0100	AuthenticationServicesAgent	19593645	Authorization	Assertion failed: Error Domain=WKErrorDomain Code=31 "(null)"
debug	14:02:18.222436+0100	com.apple.AuthenticationServices.Helper	19621531	NSExtension	invalidated extension context:  - UUID: E5DFB90C-316D-4F67-982D-D67F67C87B2F - _isHost: YES
_isDummyExtension:NO
inputItems:
(
)
default	14:02:18.222457+0100	com.apple.AuthenticationServices.Helper	19621531	connection	[0x151e6df60] invalidated on xpc_connection_cancel()
default	14:02:18.222476+0100	AuthenticationServicesAgent	19593644	Authorization	Completing authorization: 0x133d107e0 (null) Error Domain=com.apple.AuthenticationServicesCore.AuthorizationError Code=12 "(null)" 0420A06B-1595-4B97-9FB9-6915EA2EDDD8
default	14:02:18.222902+0100	runningboardd	19624577	ttl	Acquiring assertion targeting [xpcservice:30371])(501)>:30663:30663])(501)>:33307] from originator [xpcservice:30371])(501)>:30663:30663])(501)>:33307] with description ,
	
	]>
debug	14:02:18.222585+0100	CredentialProvider-macOS	19624592	NSExtension	invalidated extension context:  - UUID: E5DFB90C-316D-4F67-982D-D67F67C87B2F - _isHost: NO
_isDummyExtension:NO
inputItems:
(
)
default	14:02:18.222476+0100	com.apple.AuthenticationServices.Helper	19621531	connection	[0x157db7c60] invalidated on xpc_connection_cancel()
default	14:02:18.222505+0100	AuthenticationServicesAgent	19593644	Authorization	Received internal cancel. Dropping.
default	14:02:18.222946+0100	runningboardd	19624577	ttl	Assertion 192-33307-893730 (target:[xpcservice:30371])(501)>:30663:30663])(501)>:33307]) will be created as inactive as start-time-defining assertions exist
default	14:02:18.222589+0100	CredentialProvider-macOS	0	connection	[0x12a8c5b50] invalidated after getting a no-senders notification - client is gone
default	14:02:18.222489+0100	com.apple.AuthenticationServices.Helper	19621531	connection	[0x155253a20] invalidated on xpc_connection_cancel()
error	14:02:18.222529+0100	AuthenticationServicesAgent	19621528		Request cancelled due to AuthenticatorManager::cancelRequest being called.
0
jeremy.a.bannister OP
Apr ’24

@garrett-davidson I tried a huge number of variations, and one factor that proved to be key was that of the aaguid. In an earlier iteration I was using 00000000-0000-0000-0000-000000000000, but then at some point I thought it seemed weird that that would work better than a real UUID that actually uniquely identified the device, so I made the switch but was still blocked by other issues. After resolving all of those other issues, everything finally worked when I eventually set the aaguid back to 00000000-0000-0000-0000-000000000000 as I had had it many iterations prior.

0
Passkey from my macOS Credential Provider Extension is not being offered by AutoFill
First post date Last post date
 
 
Q