Post

Replies

Boosts

Views

Activity

Reply to Mac Silicon Ventura - To enable a system extension, it is from now necessary to modify the security settings in the recovery environment
The extension has been in production for several months, it was working on Monterey, Big Sur, Catalina. It's a system extension. The entitlement: <key>Entitlements</key> <dict> <key>com.apple.developer.endpoint-security.client</key> <true/> <key>com.apple.developer.system-extension.install</key> <true/> <key>com.apple.application-identifier</key> <string>XXXXXXXXXX.AAA.BBBBBBBBB.CCCC.DDDDDDDDDDDD.EEEEEEEEE</string> <key>keychain-access-groups</key> <array> <string>XXXXXXXXXX.*</string> </array> <key>com.apple.developer.team-identifier</key> <string>XXXXXXXXXX</string> </dict>
Topic: Privacy & Security SubTopic: General Tags:
Nov ’22
Reply to Mac Silicon Ventura - To enable a system extension, it is from now necessary to modify the security settings in the recovery environment
Thank you for your answer, but I'm not sure this is exactly the same issue. The workaround doesn't seem to work on M1 Macs: "Workaround: Go to System Settings > Privacy & Security > Full Disk Access, select the security product, use the minus (-) button to remove, and then use the plus (+) button to re-add the affected security product. A system restart might be required to restore expected functionality."
Topic: Privacy & Security SubTopic: General Tags:
Nov ’22
Reply to App crashing at startup with "Code Signature Invalid"
I finally managed to fix the problem. I created a dummy application in Xcode embedding my sysext and I was able to recover the right entitlements. Thank you, Quinn, for putting me on the path to the solution. % codesign -d --entitlements :- /Applications/myApp.app Executable=/Applications/myApp.app/Contents/MacOS/kDrive ?xml version="1.0" encoding="UTF-8"? !DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd" plist version="1.0" dict keycom.apple.application-identifier/key stringTTTTTTTT.a.b.c.d/string keycom.apple.developer.system-extension.install/key true/ keycom.apple.developer.team-identifier/key stringTTTTTTTT/string /dict /plist % codesign -d --entitlements :- /Applications/myApp.app/Contents/Library/SystemExtensions/a.b.c.d.mySysExt.systemextension Executable=/Applications/myApp.app/Contents/Library/SystemExtensions/a.b.c.d.mySysExt.systemextension/Contents/MacOS/a.b.c.d.mySysExt ?xml version="1.0" encoding="UTF-8"? !DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd" plist version="1.0" dict keycom.apple.application-identifier/key stringTTTTTTTT.a.b.c.d.mySysExt/string keycom.apple.developer.endpoint-security.client/key true/ keycom.apple.developer.team-identifier/key stringTTTTTTTT/string /dict /plist
Topic: App & System Services SubTopic: General Tags:
May ’21
Reply to App crashing at startup with "Code Signature Invalid"
I noticed that, in the embedded.provisionprofile of the app, there is: keycom.apple.application-identifier/key stringTTTTTTTT.a.b.c.d/string But the bundle id of the app is "a.b.c.d" (without the team id TTTTTTTT), could it be the problem? Also, in the embedded.provisionprofile of the sysext there is: keycom.apple.application-identifier/key stringTTTTTTTT.a.b.c.d.mySysExt/string Is it OK?
Topic: App & System Services SubTopic: General Tags:
May ’21
Reply to App crashing at startup with "Code Signature Invalid"
Here are the console messages in case that helps. 06:39:23.937315+0200 amfid Requirements for restricted entitlements failed to validate, error -67050, requirements: 'private', error: (null) 06:39:23.937344+0200 amfid Restricted entitlements not validated, bailing out. Error: (null) 06:39:23.937546+0200 kernel AMFI: code signature validation failed. 06:39:23.937516+0200 amfid /Applications/myApp.app/Contents/MacOS/myApp signature not valid: -67050 06:39:23.937551+0200 kernel AMFI: bailing out because of restricted entitlements. 06:39:23.937563+0200 kernel mac_vnode_check_signature: /Applications/myApp.app/Contents/MacOS/myApp: code signature validation failed fatally: When validating /Applications/myApp.app/Contents/MacOS/myApp: Code has restricted entitlements, but the validation of its code signature failed. Unsatisfied Entitlements: 06:39:23.937587+0200 kernel proc 1659: load code signature error 4 for file "myApp"
Topic: App & System Services SubTopic: General Tags:
May ’21
Reply to App crashing at startup with "Code Signature Invalid"
% security cms -D -i /Applications/myApp.app/Contents/Library/SystemExtensions/a.b.c.d.e.Extension.systemextension/Contents/embedded.provisionprofile ?xml version="1.0" encoding="UTF-8"? !DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd" plist version="1.0" dict keyAppIDName/key string.../string keyApplicationIdentifierPrefix/key array string.../string /array keyCreationDate/key date2021-05-20T06:31:00Z/date keyPlatform/key array stringOSX/string /array keyIsXcodeManaged/key false/ keyDeveloperCertificates/key array dataMIIFtjCCBJ6gAwIBAgIIDPP2OBmNMQwwDQYJKoZIhvcNAQELBQAweTEtMCsGA1UEAwwkRGV2ZWxvcGVyIElEIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSYwJAYDVQQLDB1BcHBsZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTETMBEGA1UECgwKQXBwbGUgSW5jLjELMAkGA1UEBhMCVVMwHhcNMjAwNjIyMTE1OTI1WhcNMjUwNjIzMTE1OTI1WjCBpTEaMBgGCgmSJomT8ixkAQEMCjg2NFZEQ1MyUVkxRTBDBgNVBAMMPERldmVsb3BlciBJRCBBcHBsaWNhdGlvbjogSW5mb21hbmlhayBOZXR3b3JrIFNBICg4NjRWRENTMlFZKTETMBEGA1UECwwKODY0VkRDUzJRWTEeMBwGA1UECgwVSW5mb21hbmlhayBOZXR3b3JrIFNBMQswCQYDVQQGEwJDSDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOPkChyZl1hPMQNeU+YEBi+lDQxQsFFmpjrFPpZNlM3noLKvzP8KI9uBs/TEt0Yx/OpbbuQHT+z0afr/eVepffT/c001dMMy96AwesjT0L3VI5tApzBC8Ds+iAXV0LBSkj41rcnxoRSH7tnOcIQ7pQbe2RJVBsc0R686b3lf8RTDDnKsDbYQ0NjLLRu+gg3XQaaF2YkGwavYlOH4W674UbhauyDp427yL4rHmpWqsWB16iKVLngATvhRsIAoMMDQNiqgpwFQvgM+RE87gWITXtMeiLJsN11ycZgC+NwIVlAgk6niLZkPJyQyRXtC/dMYUGlju0OxQJlR3aZ4FDUhl8UCAwEAAaOCAhMwggIPMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUVxftos/cfJihEOD8voctLPLjF1QwQAYIKwYBBQUHAQEENDAyMDAGCCsGAQUFBzABhiRodHRwOi8vb2NzcC5hcHBsZS5jb20vb2NzcDAzLWRldmlkMDYwggEdBgNVHSAEggEUMIIBEDCCAQwGCSqGSIb3Y2QFATCB/jCBwwYIKwYBBQUHAgIwgbYMgbNSZWxpYW5jZSBvbiB0aGlzIGNlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBhc3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFyZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRlIHBvbGljeSBhbmQgY2VydGlmaWNhdGlvbiBwcmFjdGljZSBzdGF0ZW1lbnRzLjA2BggrBgEFBQcCARYqaHR0cDovL3d3dy5hcHBsZS5jb20vY2VydGlmaWNhdGVhdXRob3JpdHkvMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMDMB0GA1UdDgQWBBQSsj8IO9I/UtSJbMvBWka5Yp6GyTAOBgNVHQ8BAf8EBAMCB4AwHwYKKoZIhvdjZAYBIQQRDA8yMDE5MDkxNjAwMDAwMFowEwYKKoZIhvdjZAYBDQEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBABL6WyRaT4OIK8kEpcbAiLyy3J2MRuB9sWIyQR0iYoqZyd3D+I+kEhd25UCuMyxUN48nK1juNoKdHqtkEjl6xJqOioNMAGbBga3jHl8LTmOWZ8u5Vg2ODzsI2uX/oTmHelh1g6dAxk6nl2UBhiJdCTpszJXMPvOHUqIpbH8kRHhQUq+OoRXkkB32bJPd/fLyPjxnPz30tN4OFu6ms6rO08e1Z9avhQntwAMPi6OYy3LAED2n7NOSkdtpP8j9rFCz6yrcZyNjG0D045G1bIA8mVzU95j5bc68Bpb4NUKxC9vqkoUbNbM8vkTOVJmceuBqt3i+3bLRnfkeFwKrtDSeP00=/data /array keyEntitlements/key dict keycom.apple.developer.endpoint-security.client/key true/ keycom.apple.developer.system-extension.install/key true/ keycom.apple.application-identifier/key string....a.b.c.d.e.Extension/string keykeychain-access-groups/key array string....*/string /array keycom.apple.developer.team-identifier/key string.../string /dict keyExpirationDate/key date2039-05-16T06:31:00Z/date keyName/key string.../string keyProvisionsAllDevices/key true/ keyTeamIdentifier/key array string.../string /array keyTeamName/key string.../string keyTimeToLive/key integer6570/integer keyUUID/key string459e51b3-949a-46c2-bfe7-849223959889/string keyVersion/key integer1/integer /dict /plist Into the app bundle, there is also a FinderSync ext and a LoginItem agent. For them, the App Group is mandatory, I think, otherwise, they don't work. % codesign -d --entitlements :- /Applications/myApp.app/Contents/PlugIns/Extension.appex              Executable=/Applications/myApp.app/Contents/PlugIns/Extension.appex/Contents/MacOS/Extension ?xml version="1.0" encoding="UTF-8"? !DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd" plist version="1.0" dict keycom.apple.security.app-sandbox/key true/ keycom.apple.security.application-groups/key array string....a.b.c.d/string /array /dict /plist % codesign -d --entitlements :- /Applications/myApp.app/Contents/Library/LoginItems/....a.b.c.d.LoginItemAgent.app Executable=/Applications/myApp.app/Contents/Library/LoginItems/....a.b.c.d.LoginItemAgent.app/Contents/MacOS/....a.b.c.d.LoginItemAgent ?xml version="1.0" encoding="UTF-8"? !DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd" plist version="1.0" dict keycom.apple.security.app-sandbox/key true/ keycom.apple.security.application-groups/key array string....a.b.c.d/string /array /dict /plist
Topic: App & System Services SubTopic: General Tags:
May ’21
Reply to App crashing at startup with "Code Signature Invalid"
Unfortunately, the problem persists. % codesign -d --entitlements :- /Applications/myApp.app              Executable=/Applications/myApp.app/Contents/MacOS/myApp ?xml version="1.0" encoding="UTF-8"? !DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd" plist version="1.0" dict keycom.apple.developer.system-extension.install/key true/ /dict /plist % codesign -d --entitlements :- /Applications/myApp.app/Contents/Library/SystemExtensions/a.b.c.d.e.Extension.systemextension Executable=/Applications/myApp.app/Contents/Library/SystemExtensions/a.b.c.d.e.Extension.systemextension/Contents/MacOS/a.b.c.d.e.Extension ?xml version="1.0" encoding="UTF-8"? !DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd" plist version="1.0" dict keycom.apple.developer.endpoint-security.client/key true/ /dict /plist % security cms -D -i /Applications/myApp.app/Contents/embedded.provisionprofile ?xml version="1.0" encoding="UTF-8"? !DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd" plist version="1.0" dict keyAppIDName/key string.../string keyApplicationIdentifierPrefix/key array string.../string /array keyCreationDate/key date2021-05-20T06:30:38Z/date keyPlatform/key array stringOSX/string /array keyIsXcodeManaged/key false/ keyDeveloperCertificates/key array dataMIIFtjCCBJ6gAwIBAgIIDPP2OBmNMQwwDQYJKoZIhvcNAQELBQAweTEtMCsGA1UEAwwkRGV2ZWxvcGVyIElEIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSYwJAYDVQQLDB1BcHBsZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTETMBEGA1UECgwKQXBwbGUgSW5jLjELMAkGA1UEBhMCVVMwHhcNMjAwNjIyMTE1OTI1WhcNMjUwNjIzMTE1OTI1WjCBpTEaMBgGCgmSJomT8ixkAQEMCjg2NFZEQ1MyUVkxRTBDBgNVBAMMPERldmVsb3BlciBJRCBBcHBsaWNhdGlvbjogSW5mb21hbmlhayBOZXR3b3JrIFNBICg4NjRWRENTMlFZKTETMBEGA1UECwwKODY0VkRDUzJRWTEeMBwGA1UECgwVSW5mb21hbmlhayBOZXR3b3JrIFNBMQswCQYDVQQGEwJDSDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOPkChyZl1hPMQNeU+YEBi+lDQxQsFFmpjrFPpZNlM3noLKvzP8KI9uBs/TEt0Yx/OpbbuQHT+z0afr/eVepffT/c001dMMy96AwesjT0L3VI5tApzBC8Ds+iAXV0LBSkj41rcnxoRSH7tnOcIQ7pQbe2RJVBsc0R686b3lf8RTDDnKsDbYQ0NjLLRu+gg3XQaaF2YkGwavYlOH4W674UbhauyDp427yL4rHmpWqsWB16iKVLngATvhRsIAoMMDQNiqgpwFQvgM+RE87gWITXtMeiLJsN11ycZgC+NwIVlAgk6niLZkPJyQyRXtC/dMYUGlju0OxQJlR3aZ4FDUhl8UCAwEAAaOCAhMwggIPMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUVxftos/cfJihEOD8voctLPLjF1QwQAYIKwYBBQUHAQEENDAyMDAGCCsGAQUFBzABhiRodHRwOi8vb2NzcC5hcHBsZS5jb20vb2NzcDAzLWRldmlkMDYwggEdBgNVHSAEggEUMIIBEDCCAQwGCSqGSIb3Y2QFATCB/jCBwwYIKwYBBQUHAgIwgbYMgbNSZWxpYW5jZSBvbiB0aGlzIGNlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBhc3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFyZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRlIHBvbGljeSBhbmQgY2VydGlmaWNhdGlvbiBwcmFjdGljZSBzdGF0ZW1lbnRzLjA2BggrBgEFBQcCARYqaHR0cDovL3d3dy5hcHBsZS5jb20vY2VydGlmaWNhdGVhdXRob3JpdHkvMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMDMB0GA1UdDgQWBBQSsj8IO9I/UtSJbMvBWka5Yp6GyTAOBgNVHQ8BAf8EBAMCB4AwHwYKKoZIhvdjZAYBIQQRDA8yMDE5MDkxNjAwMDAwMFowEwYKKoZIhvdjZAYBDQEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBABL6WyRaT4OIK8kEpcbAiLyy3J2MRuB9sWIyQR0iYoqZyd3D+I+kEhd25UCuMyxUN48nK1juNoKdHqtkEjl6xJqOioNMAGbBga3jHl8LTmOWZ8u5Vg2ODzsI2uX/oTmHelh1g6dAxk6nl2UBhiJdCTpszJXMPvOHUqIpbH8kRHhQUq+OoRXkkB32bJPd/fLyPjxnPz30tN4OFu6ms6rO08e1Z9avhQntwAMPi6OYy3LAED2n7NOSkdtpP8j9rFCz6yrcZyNjG0D045G1bIA8mVzU95j5bc68Bpb4NUKxC9vqkoUbNbM8vkTOVJmceuBqt3i+3bLRnfkeFwKrtDSeP00=/data /array keyEntitlements/key dict keycom.apple.developer.system-extension.install/key true/ keycom.apple.application-identifier/key string....a.b.c.d.e/string keykeychain-access-groups/key array string....*/string /array keycom.apple.developer.team-identifier/key string.../string /dict keyExpirationDate/key date2039-05-16T06:30:38Z/date keyName/key string.../string keyProvisionsAllDevices/key true/ keyTeamIdentifier/key array string.../string /array keyTeamName/key string.../string keyTimeToLive/key integer6570/integer keyUUID/key stringcde3e69d-9c21-4ffc-94b3-4379efae014a/string keyVersion/key integer1/integer /dict /plist
Topic: App & System Services SubTopic: General Tags:
May ’21
Reply to App crashing at startup with "Code Signature Invalid"
After adding manually the profile to the app, the issue persists. So now, the entitlements claimed by the app are: % codesign -d --entitlements :- /Applications/myApp.app Executable=/Applications/myApp.app/Contents/MacOS/myApp ?xml version="1.0" encoding="UTF-8"? !DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd" plist version="1.0" dict keycom.apple.developer.system-extension.install/key true/ keycom.apple.security.application-groups/key array string....a.b.c.d/string /array /dict /plist And the capabilities of the app: % security cms -D -i /Applications/myApp.app/Contents/embedded.provisionprofile ?xml version="1.0" encoding="UTF-8"? !DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd" plist version="1.0" dict keyAppIDName/key string.../string keyApplicationIdentifierPrefix/key array string.../string /array keyCreationDate/key date2021-05-20T06:30:38Z/date keyPlatform/key array stringOSX/string /array keyIsXcodeManaged/key false/ keyDeveloperCertificates/key array dataMIIFtjCCBJ6gAwIBAgIIDPP2OBmNMQwwDQYJKoZIhvcNAQELBQAweTEtMCsGA1UEAwwkRGV2ZWxvcGVyIElEIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSYwJAYDVQQLDB1BcHBsZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTETMBEGA1UECgwKQXBwbGUgSW5jLjELMAkGA1UEBhMCVVMwHhcNMjAwNjIyMTE1OTI1WhcNMjUwNjIzMTE1OTI1WjCBpTEaMBgGCgmSJomT8ixkAQEMCjg2NFZEQ1MyUVkxRTBDBgNVBAMMPERldmVsb3BlciBJRCBBcHBsaWNhdGlvbjogSW5mb21hbmlhayBOZXR3b3JrIFNBICg4NjRWRENTMlFZKTETMBEGA1UECwwKODY0VkRDUzJRWTEeMBwGA1UECgwVSW5mb21hbmlhayBOZXR3b3JrIFNBMQswCQYDVQQGEwJDSDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOPkChyZl1hPMQNeU+YEBi+lDQxQsFFmpjrFPpZNlM3noLKvzP8KI9uBs/TEt0Yx/OpbbuQHT+z0afr/eVepffT/c001dMMy96AwesjT0L3VI5tApzBC8Ds+iAXV0LBSkj41rcnxoRSH7tnOcIQ7pQbe2RJVBsc0R686b3lf8RTDDnKsDbYQ0NjLLRu+gg3XQaaF2YkGwavYlOH4W674UbhauyDp427yL4rHmpWqsWB16iKVLngATvhRsIAoMMDQNiqgpwFQvgM+RE87gWITXtMeiLJsN11ycZgC+NwIVlAgk6niLZkPJyQyRXtC/dMYUGlju0OxQJlR3aZ4FDUhl8UCAwEAAaOCAhMwggIPMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUVxftos/cfJihEOD8voctLPLjF1QwQAYIKwYBBQUHAQEENDAyMDAGCCsGAQUFBzABhiRodHRwOi8vb2NzcC5hcHBsZS5jb20vb2NzcDAzLWRldmlkMDYwggEdBgNVHSAEggEUMIIBEDCCAQwGCSqGSIb3Y2QFATCB/jCBwwYIKwYBBQUHAgIwgbYMgbNSZWxpYW5jZSBvbiB0aGlzIGNlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBhc3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFyZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRlIHBvbGljeSBhbmQgY2VydGlmaWNhdGlvbiBwcmFjdGljZSBzdGF0ZW1lbnRzLjA2BggrBgEFBQcCARYqaHR0cDovL3d3dy5hcHBsZS5jb20vY2VydGlmaWNhdGVhdXRob3JpdHkvMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMDMB0GA1UdDgQWBBQSsj8IO9I/UtSJbMvBWka5Yp6GyTAOBgNVHQ8BAf8EBAMCB4AwHwYKKoZIhvdjZAYBIQQRDA8yMDE5MDkxNjAwMDAwMFowEwYKKoZIhvdjZAYBDQEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBABL6WyRaT4OIK8kEpcbAiLyy3J2MRuB9sWIyQR0iYoqZyd3D+I+kEhd25UCuMyxUN48nK1juNoKdHqtkEjl6xJqOioNMAGbBga3jHl8LTmOWZ8u5Vg2ODzsI2uX/oTmHelh1g6dAxk6nl2UBhiJdCTpszJXMPvOHUqIpbH8kRHhQUq+OoRXkkB32bJPd/fLyPjxnPz30tN4OFu6ms6rO08e1Z9avhQntwAMPi6OYy3LAED2n7NOSkdtpP8j9rFCz6yrcZyNjG0D045G1bIA8mVzU95j5bc68Bpb4NUKxC9vqkoUbNbM8vkTOVJmceuBqt3i+3bLRnfkeFwKrtDSeP00=/data /array keyEntitlements/key dict keycom.apple.developer.system-extension.install/key true/ keycom.apple.application-identifier/key string....a.b.c.d.e/string keykeychain-access-groups/key array string....*/string /array keycom.apple.developer.team-identifier/key string.../string /dict keyExpirationDate/key date2039-05-16T06:30:38Z/date keyName/key string.../string keyProvisionsAllDevices/key true/ keyTeamIdentifier/key array string.../string /array keyTeamName/key string.../string keyTimeToLive/key integer6570/integer keyUUID/key stringcde3e69d-9c21-4ffc-94b3-4379efae014a/string keyVersion/key integer1/integer /dict /plist To sum up, the app has got "com.apple.developer.system-extension.install" and the sysext "com.apple.developer.endpoint-security.client". What is missing?
Topic: App & System Services SubTopic: General Tags:
May ’21
Reply to App crashing at startup with "Code Signature Invalid"
Thank you for your help. So, the entitlements claimed by the sysex are: % codesign -d --entitlements :- /Applications/myApp.app/Contents/Library/SystemExtensions/a.b.c.d.e.Extension.systemextension              Executable=/Applications/myApp.app/Contents/Library/SystemExtensions/a.b.c.d.e.Extension.systemextension/Contents/MacOS/a.b.c.d.e.Extension ?xml version="1.0" encoding="UTF-8"? !DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd" plist version="1.0" dict keycom.apple.developer.endpoint-security.client/key true/ keycom.apple.security.application-groups/key array string.../string /array /dict /plist com.apple.developer.endpoint-security.client is in the sysex's profile. com.apple.security.application-groups seems to be missing. I have updated my provisioning profile to add App Groups, but the entitlements returned by the "security cms -D -i ..." command are still the same, and the "Code signature invalid" error persists. keyEntitlements/key dict keycom.apple.developer.endpoint-security.client/key true/ keycom.apple.developer.system-extension.install/key true/ keycom.apple.application-identifier/key string....a.b.c.d.e.Extension/string keykeychain-access-groups/key array string....*/string /array keycom.apple.developer.team-identifier/key string.../string /dict
Topic: App & System Services SubTopic: General Tags:
May ’21