激活无代码DEXT后，获取OSSystemExtensionErrorCodeSignatureInvalid [英] Getting OSSystemExtensionErrorCodeSignatureInvalid After Codeless DEXT is Activated

查看：64 发布时间：2021/5/31 19:21:33 objective-c macos kernel-extension code-signing-entitlements driverkit

本文介绍了激活无代码DEXT后，获取OSSystemExtensionErrorCodeSignatureInvalid的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我构建了一个无代码的DEXT来代替一个有效的无代码的KEXT-将无代码的KEXT迁移到无代码的DEXT .我引用了一些站点和GitHub存储库将它们放在一起，并得到了其他SO用户的帮助.

I built a codeless DEXT to replace a working codeless KEXT - Migrating a codeless KEXT to a codeless DEXT. I referenced a few sites and GitHub repositories to put it together and had help from other SO users.

我正在关闭SIP的情况下运行，开发人员模式已打开(systemextensionsctl开发人员已打开).我正在遵循此处概述的建议 https://github.com/knightsc/USBApp/issues/1 用于签署应用程序和 dex.

I am running with SIP turned off, developer mode is on (systemextensionsctl developer on). I am following the advice outlined here https://github.com/knightsc/USBApp/issues/1 for signing the app and dext.

当我运行该应用程序时，该应用程序已嵌入并要求扩展激活，该功能似乎成功.但是，我接到一个电话-

When I run the app it is embedded in and request activation for the extension, that function seems to succeed. However, I then get a call to -

request:didFailWithError:

当工作队列线程启动时，在我的OSSystemExtensionRequestDelegate派生的请求对象上

.错误是OSSystemExtensionErrorCodeSignatureInvalid.我认为线程与我用来构造OSSystemExtensionRequest的dispatch_queue_t有关.

on my OSSystemExtensionRequestDelegate-derived request object when a work-queue thread starts up. The error is OSSystemExtensionErrorCodeSignatureInvalid. I assume that thread is related to the dispatch_queue_t I used to construct the OSSystemExtensionRequest.

从周围搜索和Apple资料中，我了解OSSystemExtensionErrorCodeSignatureInvalid与权利和签名有关.当我运行systemextensionsctl list时，我得到-

From searching around and Apple source, I understand OSSystemExtensionErrorCodeSignatureInvalid is related to entitlements and signing. When I run systemextensionsctl list I get -

1 extension(s)
--- com.apple.system_extension.driver_extension
enabled active  teamID  bundleID (version)  name    [state]
*   *   <REDACTED>  Home.MyUsbDrver (1.0/1) Home.MyUsbDrver [activated enabled]

当我运行codesign -d -vvv --entitlements:-时，我得到-

When I run codesign -d -vvv --entitlements :- , I get -

Executable=/Users/.../TestDequeueApp.app/Contents/MacOS/TestDequeueApp
Identifier=Home.TestDequeueApp
Format=app bundle with Mach-O thin (x86_64)
CodeDirectory v=20500 size=1055 flags=0x10000(runtime) hashes=24+5 location=embedded
Hash type=sha256 size=32
CandidateCDHash sha256=HASH
CandidateCDHashFull sha256=LONG HASH
Hash choices=sha256
CMSDigest=DIGEST
CMSDigestType=2
CDHash=HASH
Signature size=4745
Authority=Apple Development: MY Apple ID STUFF
Authority=Apple Worldwide Developer Relations Certification Authority
Authority=Apple Root CA
Signed Time=Aug 6, 2020 at 10:51:41 AM
Info.plist entries=23
TeamIdentifier=TEAM ID
Runtime Version=10.15.6
Sealed Resources version=2 rules=13 files=7
Internal requirements count=1 size=188
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>com.apple.security.app-sandbox</key>
    <true/>
    <key>com.apple.security.files.user-selected.read-only</key>
    <true/>
    <key>com.apple.developer.system-extension.install</key>
    <true/>
    <key>com.apple.developer.system-extension.uninstall</key>
    <true/>
</dict>
</plist>

不确定在此是否看到任何错误，并且代码签名脚本似乎正常运行.这是我的DEXT权利文件，其中为旧版设备(我的DEXT info.plist的IOKitPersonalities部分中列出的同一设备)设置了com.apple.developer.driverkit.transport.usb-

Not sure I see anything wrong there and the code signing script seems to run correctly. Here is my DEXT entitlement file with com.apple.developer.driverkit.transport.usb set for a legacy device (the same device listed in IOKitPersonalities section of my DEXT info.plist) -

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>com.apple.developer.driverkit</key>
    <true/>
    <key>com.apple.developer.driverkit.transport.usb</key>
    <array>
        <dict>
            <key>idVendor</key>
            <integer>5843</integer>
            <key>idProduct</key>
            <integer>33</integer>
        </dict>
    </array>
    <key>com.apple.security.app-sandbox</key>
    <true/>
</dict>
</plist>

因此，该扩展程序似乎处于活动状态且已启用，但是在验证过程中出现了某些故障.

So it seems that the extension is active and enabled, but something fails during validation.

在此问题上的任何帮助或投入，将不胜感激.

Any help or input on this problem would be appreciated.

更新:

仅出于笑容，我运行了未安装系统扩展程序的生产应用程序，以查看它是否会导致我的硬件匹配.自从安装了驱动程序，它就安装了.但是，当我尝试访问设备时，我崩溃了.看来还是进步.

Just for grins, I ran my production app that does not install the system extension to see if it would cause my hardware to match. Since the driver was installed, it did. However, when I tried to access the device I got a crash. That still seems like progress.

推荐答案

经过一个星期的假期根本没有考虑工作，我解决了这个问题！我在如何设置`com中重新阅读了信息.apple.developer.driverkit.transport.usb的权利?，并且意识到我的权利文件格式不正确.

After a week of vacation not thinking about work at all, I figured this problem out! I re-read information in How to set `com.apple.developer.driverkit.transport.usb` entitlement? and realized my entitlements file was not correctly formatted.

这是我的旧文件，是在Xcode的编辑器中创建的:

Here is my old file, created in the editor in Xcode:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>com.apple.developer.driverkit</key>
    <true/>
    <key>com.apple.developer.driverkit.transport.usb</key>
    <array>
        <dict>
            <key>idVendor</key>
            <integer>VID0</integer>
            <key>idProductArray</key>
            <array/>
            <key>item 0</key>
            <integer>PID0</integer>
            <key>item 1</key>
            <integer>PID1</integer>
            <key>item 2</key>
            <integer>PID2</integer>
            <key>item 3</key>
            <integer>PID3</integer>
            <key>item 4</key>
            <integer>PID4</integer>
        </dict>
    </array>
    <key>com.apple.security.app-sandbox</key>
    <true/>
</dict>
</plist>

由于某种原因，数组元素坚持使用键/值格式.查看帖子中的示例以及有关plist文件的其他信息，我对此进行了手工

For some reason, the array element insisted on having a key/value format. Looking at an example from the post as well as other information about plist files, I hand-edited to this:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>com.apple.developer.driverkit</key>
    <true/>
    <key>com.apple.developer.driverkit.transport.usb</key>
    <array>
        <dict>
            <key>idVendor</key>
            <integer>VID0</integer>
            <key>idProductArray</key>
            <array>
                <integer>PID0</integer>
                <integer>PID1</integer>
                <integer>PID2</integer>
                <integer>PID3</integer>
                <integer>PID4</integer>
            </array>
        </dict>
    </array>
    <key>com.apple.security.app-sandbox</key>
    <true/>
</dict>
</plist>

现在，数组元素看起来正确，并且驱动程序已加载并运行，因此我可以从设备读取数据.

Now the array element looks correct, and the driver loads and functions so that I can read data from my device.

关于如何使Xcode编辑器运行的任何想法，还是只是我没有正确使用它?

Any ideas on how to make the Xcode editor behave, or is it just me not using it correctly?

这篇关于激活无代码DEXT后，获取OSSystemExtensionErrorCodeSignatureInvalid的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！

查看全文

激活无代码DEXT后，获取OSSystemExtensionErrorCodeSignatureInvalid [英] Getting OSSystemExtensionErrorCodeSignatureInvalid After Codeless DEXT is Activated

问题描述

推荐答案

相关文章

移动开发最新文章

热门教程

热门工具

登录关闭

激活无代码DEXT后，获取OSSystemExtensionErrorCodeSignatureInvalid [英] Getting OSSystemExtensionErrorCodeSignatureInvalid After Codeless DEXT is Activated

问题描述

推荐答案

相关文章

移动开发最新文章

热门教程

热门工具

登录 关闭

登录关闭