Hi at all, is there a way to count how many files have been marked with the codesign? Thanks in advance
General
RSS for tagDemystify code signing and its importance in app development. Get help troubleshooting code signing issues and ensure your app is properly signed for distribution.
Post
Replies
Boosts
Views
Activity
Hi,
I know my swiftui, but I'm completely new to macOS development. Using Xcode 16.2 I wrote a backup app that fits my needs. I got it to use iCloud Documents in its own container. It runs beautifully on my developing Mac.
When I copy it over to my other Mac and try to open it, I just get a message that macOS can't open the app ("Das Programm kann nicht geöffnet werden")
In terminal I get this message: "embedded provisioning profile not valid: file:///Users/niko/FlexBackup.app/Contents/embedded.provisionprofile error: Error Domain=CPProfileManager Code=-212 "Provisioning profile does not allow this device."
I have "automatically manage signing" turned on and a Xcode Managed Profile.
How can I run my app on all of y Macs?
ad hoc和enterprise都不行
Team "tao yang (Personal Team)" is not enrolled in the Apple Developer Program.
Hi,
I am a newbie to this, I am trying to build my own ios phone app.
I am using my own phone as the developers phone so its set to debug.
Using Flutter I do flutter run. it get so far and always stops on :
Could not build the precompiled application for the device.
Error (Xcode): Unknown platform: "ios".
/Users/admin/group2/ios/Runner/Assets.xcassets
Error launching application on iPhone XS Max.
I have tried everything, so I thought someone on here might have the answer. I am happy to share any files or anything that you might need to recreate the issue.
如果你的 App 执行设备端收据验证,请确保你的 App 支持 SHA-256 算法。
我的APP接入了apple内购,我需要如何验证我的app支持 SHA-256 算法呢?
from; tkinter; import *
from; tkinter; import ttk
import random
import time
import sqlite3
#Connect; to; the; database (create, if it doesnot exist)
conn = sqlite3.connect("quiz_database.db")
c = conn.cursor()
Create the table if it doesnot exist
c.execute(""'CREATE TABLE IF NOT EXISTS questions
(id INTEGER PRIMARY KEY AUTOINCREMENT,
question TEXT,
answer1 TEXT,
answer2 TEXT,
correct_answer INTEGER)""')
conn.commit()
Sample data (replace with your own questions)
sample_questions = [
("Is the Earth flat?", "True", "False", 2),
("Do birds fly?", "True", "False", 1),
("Is water wet?", "True", "False", 1),
("Can humans breathe underwater?", "True", "False", 2),
]
c.executemany("INSERT OR IGNORE INTO questions (question, answer1, answer2, correct_answer) VALUES (?, ?, ?, ?)", sample_questions)
conn.commit()
class QuizApp:
def init(self, master):
self.master = master
master.title("True/False Quiz")
# Initialize variables
self.questions = []
self.current_question = 0
self.score = 0
self.start_time = 0
self.time_limit = 60 # Time limit in seconds
# Get questions from the database
self.load_questions()
# Create GUI elements
self.question_label = Label(master, text="", font=("Arial", 16))
self.question_label.pack(pady=20)
self.true_button = Button(master, text="True", command=lambda: self.check_answer(1), width=15)
self.true_button.pack(side=LEFT, padx=10)
self.false_button = Button(master, text="False", command=lambda: self.check_answer(2), width=15)
self.false_button.pack(side=RIGHT, padx=10)
self.feedback_label = Label(master, text="", font=("Arial", 12))
self.feedback_label.pack(pady=10)
self.timer_label = Label(master, text="Time Left: 60s", font=("Arial", 12))
self.timer_label.pack()
self.progress_bar = ttk.Progressbar(master, orient=HORIZONTAL, length=200, mode="determinate")
self.progress_bar.pack(pady=10)
self.start_quiz()
def load_questions(self):
c.execute("SELECT * FROM questions")
self.questions = c.fetchall()
random.shuffle(self.questions)
def start_quiz(self):
self.start_time = time.time()
self.display_question()
self.update_timer()
def display_question(self):
if self.current_question < len(self.questions):
question = self.questions[self.current_question]
self.question_label.config(text=question[1]) # Display the question
self.progress_bar["maximum"] = len(self.questions)
self.progress_bar["value"] = self.current_question + 1 # Update progress bar
def check_answer(self, selected_answer):
correct_answer = self.questions[self.current_question][4]
if selected_answer == correct_answer:
self.feedback_label.config(text="Correct!", fg="green")
self.score += 1
else:
self.feedback_label.config(text="Incorrect!", fg="red")
self.current_question += 1
if self.current_question < len(self.questions):
self.display_question()
else:
self.end_quiz()
def update_timer(self):
elapsed_time = time.time() - self.start_time
remaining_time = self.time_limit - elapsed_time
if remaining_time > 0:
self.timer_label.config(text=f"Time Left: {int(remaining_time)}s")
self.master.after(1000, self.update_timer)
else:
self.end_quiz()
def end_quiz(self):
self.true_button.config(state=DISABLED)
self.false_button.config(state=DISABLED)
self.feedback_label.config(text=f"Quiz Over! Your score: {self.score}/{len(self.questions)}")
Run the application
root = Tk()
app = QuizApp(root)
root.mainloop()
Close the database connection
conn.close()
I exported an app from an Xcode project using the "Archive" feature. After signing and notarizing it, the app runs normally on my local machine. However, after packaging it with create-dmg or ditto and distributing it to another Mac, I get an error saying the application cannot run. When I execute the command open ***.app in Terminal, it shows _LSOpenURLsWithCompletionHandler() failed for the application /Applications/Maxi PC Suite.app with error -10810. Does anyone know why this is happening?
codesign and notarization info:
codesign -vvv Maxi\ PC\ Suite.app
......
Maxi PC Suite.app: valid on disk
Maxi PC Suite.app: satisfies its Designated Requirement
syspolicy_check distribution Maxi\ PC\ Suite.app
App passed all pre-distribution checks and is ready for distribution.
I have an executable file named infogodesk, located in the directory /usr/local/SmpAgent/rustdesk/infogodesk. When I execute it using the terminal with ./infogodesk, the process gets terminated by the kernel. However, if I move the executable to another directory, it works fine.
This issue is very frustrating, and I hope to get some help. Below is the console log output:
默认 11:26:28.162205+0800 kernel ASP: Validation category (6) does not match top-level policy match (3) for process: /usr/local/SmpAgent/rustdesk/infogodesk
默认 11:26:28.162211+0800 kernel Validation category policy: Notifying syspolicyd about /usr/local/SmpAgent/rustdesk/infogodesk with PID 88264
默认 11:26:28.166695+0800 kernel CODE SIGNING: cs_invalid_page(0x104e04000): p=88264[infogodesk] final status 0x23000200, denying page sending SIGKILL
默认 11:26:28.166698+0800 kernel CODE SIGNING: process 88264[infogodesk]: rejecting invalid page at address 0x104e04000 from offset 0x0 in file "/usr/local/SmpAgent/rustdesk/infogodesk" (cs_mtime:1734509326.0 == mtime:1734509326.0) (depth:0)
默认 11:26:28.166738+0800 kernel infogodesk[88264] Corpse allowed 1 of 5
默认 11:26:28.255182+0800 ReportCrash ASI found [ReportCrash] (sensitive) 'Pid 88264 'infogodesk' CORPSE: Extracting
Completed 1, Recent: Pid 86766 'ReportCrash' CORPSE'
默认 11:26:28.261619+0800 ReportCrash ASI found [ReportCrash] (sensitive) 'Pid 88264 'infogodesk' CORPSE: Extracting
Completed 1, Recent: Pid 86767 'ReportCrash' CORPSE'
I want to code radeem for testflight
Chrome has started crashing almost immediately after startup. I've reported the issue to the Chrome team here: https://issues.chromium.org/issues/385433270
I'm hoping to debug the issue a bit more myself. This page from the Chrome team https://chromium.googlesource.com/chromium/src/+/master/docs/mac/debugging.md#chrome-builds suggests using the follow to strip off the protections:
codesign --force --sign - path/to/Google\ Chrome.app
However, applying that seems to have no effect:
% codesign --force --sign - /Applications/Google\ Chrome\ copy.app
/Applications/Google Chrome copy.app: replacing existing signature
/Applications/Google Chrome copy.app: resource fork, Finder information, or similar detritus not allowed
% lldb /Applications/Google\ Chrome\ copy.app
(lldb) target create "/Applications/Google Chrome copy.app"
Current executable set to '/Applications/Google Chrome copy.app' (arm64).
(lldb) run
error: process exited with status -1 (attach failed (Not allowed to attach to process. Look in the console messages (Console.app), near the debugserver entries, when the attach failed. The subsystem that denied the attach permission will likely have logged an informative message about why it was denied.))
I have tried other variations like the following based on Stack Overflow, this forum, etc., but with the same result. (I'm still a little vague on the meaning for some flags, sorry.) Though codesign says that it's "replacing existing signature", as far as I can tell, nothing is changing:
% cat <<EOF > debuggee-entitlement.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.get-task-allow</key>
<true/>
</dict>
</plist>
EOF
% codesign --verbose=4 -fs - --options library-validation --entitlements debuggee-entitlement.xml /Applications/Google\ Chrome\ copy.app
/Applications/Google Chrome copy.app: replacing existing signature
/Applications/Google Chrome copy.app: resource fork, Finder information, or similar detritus not allowed
file with invalid attached data: Disallowed xattr com.apple.FinderInfo found on /Applications/Google Chrome copy.app
lldb still fails the same way.
Here's what I see after the above:
% codesign -d -vvv /Applications/Google\ Chrome\ copy.app
Executable=/Applications/Google Chrome copy.app/Contents/MacOS/Google Chrome
Identifier=com.google.Chrome
Format=app bundle with Mach-O universal (x86_64 arm64)
CodeDirectory v=20500 size=1821 flags=0x12a00(kill,restrict,library-validation,runtime) hashes=46+7 location=embedded
Hash type=sha256 size=32
CandidateCDHash sha256=5d7beab2b03d9892426076b24acc19815d7a3ff8
CandidateCDHashFull sha256=5d7beab2b03d9892426076b24acc19815d7a3ff8c1446966e422c3c10672626b
Hash choices=sha256
CMSDigest=5d7beab2b03d9892426076b24acc19815d7a3ff8c1446966e422c3c10672626b
CMSDigestType=2
CDHash=5d7beab2b03d9892426076b24acc19815d7a3ff8
Signature size=8989
Authority=Developer ID Application: Google LLC (EQHXZ8M8AV)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
Timestamp=Dec 17, 2024 at 2:47:58 PM
Notarization Ticket=stapled
Info.plist entries=44
TeamIdentifier=EQHXZ8M8AV
Runtime Version=15.0.0
Sealed Resources version=2 rules=13 files=63
Internal requirements count=1 size=288
From what I can tell, my codesign runs have changed nothing... I see no diff as compared with what I see running codesign -d on a fresh copy.
Is it possible to strip off the protections on my local instance to allow debugging with lldb? If so, could someone share a command for accomplishing that?
Although I'm asking about this because of Chrome specifically, I'm hoping to learn more about codesigning in general and to be more empowered as a user to be able to debug when an app I depend on is crashing.
Thanks much! Happy Holidays!
Xcode 16.2 無法在IOS 18.2 Debug
Xcode 16.2
iOS 18.2
直接建立新專案
Xcode -> Create New Project -> Multiplatform -> Application -> App
選擇 實體手機 -> 執行
error: attach by pid '1050' failed -- attach failed (Not allowed to attach to process. Look in the console messages (Console.app), near the debugserver entries, when the attach failed. The subsystem that denied the attach permission will likely have logged an informative message about why it was denied.)
Logging Error: Failed to initialize logging system due to time out. Log messages may be missing. If this issue persists, try setting IDEPreferLogStreaming=YES in the active scheme actions environment variables.
note technically code-signing but related......
Why has there been no update to the documentation at:
https://developer.apple.com/documentation/appstorereceipts/validating_receipts_on_the_device
To demonstrate how to validate an SHA256 app store hash ???
The January deadline is looming and I can find no working example code which sucessfully validates an SHA256 hash
HELP !!!!
For some reason Xcode said my certificate was revoked. Developer support says it’s active. Could someone point me towards the steps to reactivate it?
We have an enterprise application which customers are using since long.
Suddenly some customers have reported they are unable to open app in iOS 18 OS. On lower versions like 17 it is working fine.
We have a deploy this enterprise application on our server from that link our customer can download and install the app in iPhone. Now they are blocked due to this error. After installing the app when they open app below error message is shown to them.
"AppName" is no longer available.
Hello, I have been implementing faceID authentication using LocalAuthentication, and I've noticed that if i use swift 5 this code compiles but when i change to swift 6 it gives me a crash saying this compile error:
i have just created this project for this error purpose so this is my codebase:
import LocalAuthentication
import SwiftUI
struct ContentView: View {
@State private var isSuccess: Bool = false
var body: some View {
VStack {
if isSuccess {
Text("Succed")
} else {
Text("not succeed")
}
}
.onAppear(perform: authenticate)
}
func authenticate() {
let context = LAContext()
var error: NSError?
if context.canEvaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, error: &error) {
let reason = "We need to your face to open the app"
context.evaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, localizedReason: reason) { sucexd, error in
if sucexd {
let success = sucexd
Task { @MainActor [success] in
isSuccess = success
}
} else {
print(error?.localizedDescription as Any)
}
}
} else {
print(error as Any)
}
}
}
#Preview {
ContentView()
}
also i have tried to not use the task block and also gives me the same error. i think could be something about the LAContext NSObject that is not yet adapted for swift 6 concurrency?
also i tried to set to minimal but is the same error
Im using xcode 16.1 (16B40) with M1 using MacOS Seqouia 15.0.1
Help.
App is built using jdk21, jpackage to create dmg, pulls in the needed jre.
Been working fine until about a week ago when notarize start failing bad signing, which when examined it's complaining modified files - a handful of jre license and copyright text files.
DMGs built, signed and notarised successfully are now failing codesign verification.
Has a macOS 15.1.1 release or Xcode 16.1 patched something, is there new behaviour to be aware of plse?
Hi, I am a long time programmer in C#, and newer to Rust, and a rookie to MacOS 15.1.
Over the past few days I have made numerous attempts to run a Rust GUI binary that I compiled on Mac.
Here are some examples of things I have tried using.
Executable compiled in M1 mac not running on Apple Silicon Mac - help - The Rust Programming Language Forum
And here....
How to run unsigned apps in macOS 15.1
Also here... "sudo spctl --master-disable"
There are many more that I have tried.
I also tried moving the binary from my developer folder to the Application folder and running....
xattr -r -d com.apple.quarantine /Applications/csv
Note that "csv" is the name of my binary.
You have probably seen this 100 times, so can you point me to me to something that allows my Rust binaries to run under MacOS?
PS The Rust program code works just fine under Linux. I can either type Cargo Run and run the binary from the Terminal or go directly to the executable and double click on it to open the GUI application. The only thing that MacOS lets me do it open the GUI from the Terminal. Commander One says that I do not have the proper credentials to open the file directly. Finder also does not allow me to open the binary directly.
Thanks, Jim
Hello,
I am on maxOS 14.6 and I developed a C++ application for macOS with graphical-user interface by using wxWidgets. The .app application bundle is built correctly and the application runs. Now I would like to sign it to get it notarized.
I get the following error
sudo codesign -vvv --deep --strict MyApp.app/Contents/MacOS/MyApp MyApps.app/Contents/MacOS/MyApp: code has no resources but signature indicates they must be present
If I check the signature I get
% pkgutil --check-signature MyApp.app Package "MyApp": Status: package is invalid (checksum did not verify)
How may I fix this?
Thank you!
Hello,
I'm new at developing an ios app, but I have created a basic app, I plan to use just for me using xcode and the language swift.
I intend to use this app, to display a video and images on ipads that will be used as KIOS on a trade show. I don't need this app to be published on the app store as I intend to use it solely for my use.
Is there a way I can do something like this that won't be restricted with the 10 days restriction?
I learned xcode/swift as little as I could to create the app, but now I'm limited to the 10 days, and only 3 devices. Is there a way I can create an offline app, that doesn't have the all the restrictions? I plan to use these ipads over and over again on tradeshows to display my work.
I am working on releasing my macOS arm64 app. My problem is that after the user downloads the dmg, double-clicking my.app in the dmg, a Gatekeeper pop-up box will appear with a warning that the developer cannot be verified.
Question: Can an application signed with "com.apple.security.cs.disable-library-validation" be published as trusted?
If yes, what steps have I missed?
If not, can I get an official response from Apple?
(Because I referred to this post, it seems to mention that it is possible to publish trusted software.I have looked up similar questions on the forum and tried many things, but nothing works. )
Here are my steps:
Use the codesign to sign my.app. Because my app needs to access third-party dynamic libraries, entitlements.plist contains a "com.apple.security.cs.disable-library-validation". After the "codesign -dvvv" check, the signature was successful.✅
Use the "xcrun notarytool" command to notarize my app, and the status is displayed as accepted.✅
Use "xcrun stapler staple" to attach the notarization to my app, and it returns success.✅
Use the "spctl -a -v " command to verify whether my app has passed Gatekeeper, and it returns that it has passed.✅
Then I packaged my.app into a dmg, and then attached the notarization mark to the dmg, which was successful.✅
I completed the above steps and distributed the dmg. When I downloaded the dmg as a user test and double-clicked my.app in it, the Gatekeeper pop-up box still appeared, and the developer cannot be verified.❌