notarization rejects my app with: The signature of the binary is invalid

I'm trying to codesign/notarize an existing app on macOS 10.15 / Xcode 12.4.

This is my workflow:

  • as my app is Qt-based, I'm using this Recipe OSX Code-Signing Qt to fix the app-bundle;
  • sign with codesign -vvv --force --options runtime --deep --sign "Developer ID Application: ..." --entitlements myApp.entitlements myApp.app
  • package the .app with zip -rqy
  • upload it to notarization with xcrun altool --notarize-app ...

This is the notarization log:

{
  "logFormatVersion": 1,
  "jobId": "b864c16d-d8dc-464e-aa4f-c2eea5ff6ac4",
  "status": "Invalid",
  "statusSummary": "Archive contains critical validation errors",
  "statusCode": 4000,
  "archiveFilename": "myApp-signed.zip",
  "uploadDate": "2022-07-18T12:25:04Z",
  "sha256": "c324a9ba88dbbaf0e5c325b48c2c22744886d68d450835b0724c7c70258784c2",
  "ticketContents": null,
  "issues": [
    {
      "severity": "error",
      "code": null,
      "path": "myApp-signed.zip/myApp.app/Contents/MacOS/myApp",
      "message": "The signature of the binary is invalid.",
      "docUrl": null,
      "architecture": "x86_64"
    }
  ]
}

But this is what I see if I look at the signature of that file, which is still in the same state as when it was uploaded for notarization:

$ codesign -dvv myApp.app/Contents/MacOS/myApp
Executable=/path/to/myApp.app/Contents/MacOS/myApp
Identifier=com.myapp
Format=app bundle with Mach-O thin (x86_64)
CodeDirectory v=20500 size=1580 flags=0x10000(runtime) hashes=40+5 location=embedded
Signature size=8977
Authority=Developer ID Application: My Name (ID)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
Timestamp=18 Jul 2022 at 15:09:09
Info.plist entries=10
TeamIdentifier=6RVQYWZ74B
Runtime Version=11.1.0
Sealed Resources version=2 rules=13 files=4529
Internal requirements count=1 size=192

(additionally, after codesign/altool the app won't start anymore, but this is a different issue)

What is the problem with the main executable of my app?

There are 3 best solutions below

0
Nils Hendriksen On

Another thing that might cause "The signature of the binary is invalid": I had an Info.plist file that had Windows line endings. When I changed to unix line endings, the notarization succeeded. Took me a while to figure out what was wrong...

0
tonisives On

My problem was that I signed the .app with an Installer signature. I needed to use an App signature.

0
glennr On

Also had this issue. In my case it was caused by using the zip utility (/usr/bin/zip) to create the zip archive (who'd have thought?!).

zip -r "$ZIP_PATH" "$APP_PATH"

was replaced by

/usr/bin/ditto -c -k --sequesterRsrc --keepParent "$APP_PATH" "$ZIP_PATH"

Apparently this is because standard zip somehow breaks the UTF8 encoding.

ref: https://developer.apple.com/forums/thread/116831
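
The three causes reported in the answers above (CRLF line endings in Info.plist, signing the .app with an Installer identity, and archiving with zip instead of ditto) can be checked before upload. The script below is an added example, not code from any of the posters; the function names are hypothetical, and it assumes an XML (not binary) Info.plist.

```shell
#!/bin/sh
# Pre-notarization checks for the three causes reported in the answers.
# Added example; all function names here are hypothetical.

# Cause 1: Info.plist saved with Windows (CRLF) line endings.
# Returns 0 when the file contains a carriage return. Assumes an XML plist;
# fix the line endings BEFORE codesign, since Info.plist is covered by the
# signature and editing it afterwards invalidates the seal.
plist_has_crlf() {
    LC_ALL=C grep -q "$(printf '\r')" "$1"
}

# Cause 2: bundle signed with the wrong certificate type.
# Reads `codesign -dvv` output on stdin; the first Authority= line is the
# leaf (signing) certificate.
leaf_authority() {
    awk '/^Authority=/ { sub(/^Authority=/, ""); print; exit }'
}

# Returns 0 only when the leaf certificate is a "Developer ID Application"
# identity (a "Developer ID Installer" identity is meant for .pkg files).
signed_with_app_identity() {
    case "$(leaf_authority)" in
        "Developer ID Application:"*) return 0 ;;
        *) return 1 ;;
    esac
}

# Cause 3: archive built with zip instead of ditto (macOS only).
package_app() {   # $1 = path to .app, $2 = output zip
    /usr/bin/ditto -c -k --sequesterRsrc --keepParent "$1" "$2"
}

# Run all checks against a signed bundle (macOS only; codesign -d writes
# its report to stderr, hence 2>&1).
preflight() {     # $1 = path to .app
    if plist_has_crlf "$1/Contents/Info.plist"; then
        echo "Info.plist has CRLF line endings" >&2; return 1
    fi
    if ! codesign -dvv "$1" 2>&1 | signed_with_app_identity; then
        echo "leaf certificate is not Developer ID Application" >&2; return 1
    fi
    codesign --verify --deep --strict --verbose=2 "$1"
}

# Usage on macOS: preflight myApp.app && package_app myApp.app myApp-signed.zip
```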