When building on macOS, even a blank Unity project, the app signature seems to be invalid.
Running codesign --verify --verbose Test.app
on a blank project test app gives the result
Test.app: invalid signature (code or signature have been modified)
Hmm I cannot reproduce this on an empty project. Can you file a bug report with repro steps?
I uploaded the blank project, it came out as Case 1370477
That is wild. I still cannot reproduce it using the project you sent, but I clearly see that the signature is incorrect in the built app that was included in the bug report. Furthermore, I diffed the binaries from the build I made with the binaries you sent. There are exactly 3 differences:
Offset 0x358:
Good: 0x3D
Bad: 0x40
Offset 0x55C:
Good: 0x2D
Bad: 0x30
Good file size: 33597 bytes
Bad file size: 33600 bytes
It seems that the bad file has three additional bytes at the end of the file: they’re all zeroes. The two different bytes at 0x358 and 0x55C are actually different segment and section lengths inside the Mach-O file:
Good: Segment command (0x0000000000000328 - 0000000000000370) '__LINKEDIT': 0x0000000000008000 - 000000000000833D
Bad: Segment command (0x0000000000000328 - 0000000000000370) '__LINKEDIT': 0x0000000000008000 - 0000000000008340
Good: Code signature command (0x0000000000000550 - 0000000000000560): 0x0000000000008110 - 0x000000000000833D
Bad: Code signature command (0x0000000000000550 - 0000000000000560): 0x0000000000008110 - 0x0000000000008340
The interesting bit is that the hash in the code signature section of the bad file (that Unity wrote out) matches the hash from the good file. Which suggests to me that something is modifying the executable after Unity signs it. I’ve verified our codesigning code and there’s just no way we append those zeroes there.
So the question to you: do you just create a new project, build it and immediately run “codesign --verify --verbose” on it? Do you do anything else to it prior to checking the signature?
Did you install Unity from the hub? Can you try installing Unity 2021.1.23f1 from the hub cleanly and seeing if the issue reproduces there?
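As an added example (not part of the original posts and not Unity's code), this Python sketch reads the two Mach-O fields identified in the diff above, the filesize of the __LINKEDIT segment and the datasize of the LC_CODE_SIGNATURE command, and compares two builds. The sample binaries are constructed inline from the sizes quoted in the thread; they carry only two load commands, so the differing bytes sit at other offsets than 0x358 and 0x55C. It assumes a thin little-endian 64-bit Mach-O.

```python
import struct

MH_MAGIC_64, LC_SEGMENT_64, LC_CODE_SIGNATURE = 0xFEEDFACF, 0x19, 0x1D

def signing_layout(data: bytes) -> dict:
    """Offsets the code signature depends on (thin little-endian 64-bit Mach-O only)."""
    magic, ncmds = struct.unpack_from("<I12xI", data, 0)  # magic at +0, ncmds at +16
    if magic != MH_MAGIC_64:
        raise ValueError("not a thin little-endian 64-bit Mach-O")
    out = {"file_size": len(data)}
    off = 32  # sizeof(struct mach_header_64)
    for _ in range(ncmds):
        cmd, cmdsize = struct.unpack_from("<2I", data, off)
        if cmdsize < 8 or off + cmdsize > len(data):
            raise ValueError("malformed load command")
        if cmd == LC_SEGMENT_64 and data[off + 8:off + 24].rstrip(b"\0") == b"__LINKEDIT":
            # segment_command_64: fileoff at +40, filesize at +48
            fileoff, filesize = struct.unpack_from("<2Q", data, off + 40)
            out["linkedit_end"] = fileoff + filesize
        elif cmd == LC_CODE_SIGNATURE:
            # linkedit_data_command: dataoff at +8, datasize at +12
            dataoff, datasize = struct.unpack_from("<2I", data, off + 8)
            out["sig_off"], out["sig_end"] = dataoff, dataoff + datasize
        off += cmdsize
    return out

def compare_builds(good: bytes, bad: bytes) -> dict:
    """Layout fields that differ, differing byte offsets, and any extra trailing bytes."""
    a, b = signing_layout(good), signing_layout(bad)
    fields = {k: (a[k], b.get(k)) for k in a if a[k] != b.get(k)}
    offsets = [i for i, (x, y) in enumerate(zip(good, bad)) if x != y]
    return {"fields": fields, "byte_offsets": offsets, "extra_tail": bad[len(good):]}

def build_sample(linkedit_size: int) -> bytes:
    """Constructed sample: header + __LINKEDIT segment + LC_CODE_SIGNATURE, zero-filled."""
    seg = struct.pack("<2I16s4Q4I", LC_SEGMENT_64, 72, b"__LINKEDIT",
                      0x8000, 0x1000, 0x8000, linkedit_size, 1, 1, 0, 0)
    sig = struct.pack("<4I", LC_CODE_SIGNATURE, 16, 0x8110, linkedit_size - 0x110)
    hdr = struct.pack("<8I", MH_MAGIC_64, 0x0100000C, 0, 2, 2, len(seg) + len(sig), 0, 0)
    head = hdr + seg + sig
    return head + bytes(0x8000 + linkedit_size - len(head))

if __name__ == "__main__":
    report = compare_builds(build_sample(0x33D), build_sample(0x340))
    for name, (g, b) in report["fields"].items():
        print(f"{name}: good={g:#x} bad={b:#x}")
    print("differing offsets:", [hex(o) for o in report["byte_offsets"]],
          "extra tail:", report["extra_tail"].hex())
```

In both samples the signature still ends exactly at the end of __LINKEDIT and at end of file, matching the values quoted above; any change to the load-command bytes after signing alters content that the stored hashes cover.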
I tried doing some more builds, and I can no longer even reproduce my own issues - a freak accident maybe?
Now that the blank project seems right, do you know why an app wouldn’t be signed after running
UnityEditor.OSXStandalone.MacOSCodeSigning.CodeSignAppBundle(newPath);
This is definitely the final action that is run on the build.
I’m working with this plugin
I can see that they have a postprocess step that signs the build. After that finished, I added a further postprocess step that runs
UnityEditor.OSXStandalone.MacOSCodeSigning.CodeSignAppBundle(newPath);
but after running that command, it still isn’t signed. I even copy the entire .app before to be sure it isn’t changed afterwards.
I suspect it’s not handling “.framework” signing correctly. We don’t support .framework plugins in Unity as they break as soon as you copy them outside of macOS filesystem (due to hidden attributes and symlinks inside). Since Unity doesn’t recognize them as plugins, the signing code doesn’t either and it likely messes up the signature they added. Does it work if you remove your own sign step?
Thanks, this is really useful information. How would you suggest we proceed? Should we essentially set up our own code signing step with codesign after the build completes?
How should we handle .frameworks in general? Does zipping break them? How do we ship it?
The framework is injected into the build as a postprocess step, and after that step, the signature is invalid - I believe it’s due to Info.plist modifications.
I tried doing the Unity sign process after the plist was modified but before the framework is injected, but unfortunately it still complains that the signature is invalid. I can’t seem to figure out what is tripping it though.
It simply says invalid signature with no context or file to point at.
Can you PM the file that has invalid signature after Unity signs it? I wonder if you’re running into the same thing that you ran into with an empty project (which is bizarre to say the least).
Regarding .framework plugins, what I’ve seen people do is they have them as .zip files (zipped on Mac), that way their project doesn’t break when it’s copied to Windows. Then in OnPostProcessBuild, the .zip is extracted, copied into the .app and it is resigned using “codesign -s - -f /path/to/game.app”.
Hi, were you able to fix this issue?
I see a similar issue when I run…
codesign -f --deep -s "3rd Party Mac Developer Application: " your.app/Contents/Plugins/unitypurchasing.bundle
codesign -f --deep -s "3rd Party Mac Developer Application: " your.app
Both of these signing steps modify the .app file, and hence running codesign --verify --verbose your.app
will say that it has an invalid signature.
What exactly does “codesign -vvv --deep your.app” say?