Hi,
I am looking for a secure IPC between 2 apps in the same App group. Both the apps will be sandboxed.
I am planning to have one "UI" app and a service App that serves the UI app. I want the communication between the apps to be secure. In this context secure means that even the user/Admin/root of the Mac cannot snoop the actual messages.
I have looked at XPC as an option. But my understanding is that the messages are not encrypted and so the local user can snoop the messages using tools like XPoCe and XPCspy. Please correct me if I am wrong.
http://newosxbook.com/tools/XPoCe2.html
https://github.com/hot3eed/xpcspy
Other option I was thinking was using socket/Rest/grpc using TCP ports and encrypt the messages. Encrypting requires certificates. So can I store private keys in keyChain or App-Group folder? This private cert stored in keychain should not be extractable by the Admin/root of the Mac as well. Please let me know if this is possible.
Thanks a lot for your help.
Post
Replies
Boosts
Views
Activity
Hi,
I am converting a working packet-tunnel Network Extension to distribute using Developer ID (system-extension). And I see that system-extension is getting registered but exiting. Please help. Thanks
NOTE: SIP is disabled
Static Tunnel configuration.
I have gone through lot of similar questions on the forums but not able to figure out what is happening.
Removed NEMachService from the Info.plist since it was forcing me to add "application-group" and this was not part of the provisioning profile.
The following 2 messages in the logs seem suspicious
(NetworkExtension) [com.apple.networkextension:] Signature check failed: code failed to satisfy specified code requirement(s)
***.YYY.network-extension: (NetworkExtension) [com.apple.networkextension:] [Extension ***.YYY]: IPC detached
NE Entitlements:
<dict>
<key>com.apple.application-identifier</key>
<string>TEAM_ID.***.YYY.network-extension</string>
<key>com.apple.developer.networking.networkextension</key>
<array>
<string>packet-tunnel-provider-systemextension</string>
</array>
<key>com.apple.developer.system-extension.install</key>
<true/>
<key>com.apple.developer.team-identifier</key>
<string>TEAM_ID</string>
<key>keychain-access-groups</key>
<array>
<string>TEAM_ID.*</string>
</array>
</dict>
NE Provision profile:
<key>Entitlements</key>
<dict>
<key>com.apple.developer.system-extension.install</key>
<true/>
<key>com.apple.developer.networking.networkextension</key>
<array>
<string>packet-tunnel-provider-systemextension</string>
<string>app-proxy-provider-systemextension</string>
<string>content-filter-provider-systemextension</string>
<string>dns-proxy-systemextension</string>
<string>dns-settings</string>
</array>
<key>com.apple.application-identifier</key>
<string>TEAM_ID.***.YYY.network-extension</string>
<key>keychain-access-groups</key>
<array>
<string>TEAM_ID.*</string>
</array>
<key>com.apple.developer.team-identifier</key>
<string>TEAM_ID</string>
</dict>
Logs:
Please see next post. Thanks
I am a newbie to SwiftUI. I have a button with some text. I want to change the text of that button when some external event happens. For example take the string typed in a Text Box and show that as text in the button.
Please share a way to do this. Thanks
Hi,
I am writing a Network Extension (NEPacketTunnelProvider) app for Macos. I am currently using "Mac Developer" Code signing Identity.
When running the app, I am seeing the following error on my mac when the code tries to save (NETunnelProviderManager().saveToPreferences) the packet-tunnel config.
Please help. Thanks
2020-10-22 15:49:08.133266-0700 XXXXXXX[10186:214874] [] Failed to save configuration yyyyyy: Error Domain=NEConfigurationErrorDomain Code=12 "failed to make changes in SCPreferences: (null)" UserInfo={NSLocalizedDescription=failed to make changes in SCPreferences: (null)}
2020-10-22 15:49:08.133441-0700 XXXXXXX[10186:214067] [] Failed to save configuration: Error Domain=NEVPNErrorDomain Code=5 "failed to make changes in SCPreferences: (null)" UserInfo={NSLocalizedDescription=failed to make changes in SCPreferences: (null)}
2020-10-22 15:49:08.133985-0700 XXXXXXX[10186:214067] Add: Saving configuration failed: Error Domain=NEVPNErrorDomain Code=5 "failed to make changes in SCPreferences: (null)" UserInfo={NSLocalizedDescription=failed to make changes in SCPreferences: (null)}
Hi,
I am writing a "Network Extension" (NEPacketTunnelProvider) app for macos. I am using "Developer ID" signing for my Macos app. But it crashes after I start it on my mac. I have already gone through the notarization.
Thanks
Time Awake Since Boot: 13000 seconds
Time Since Wake: 11000 seconds
System Integrity Protection: enabled
Crashed Thread: 0
Exception Type: EXCCRASH (Code Signature Invalid)
Exception Codes: 0x0000000000000000, 0x0000000000000000
Exception Note: EXCCORPSENOTIFY
Termination Reason: Namespace CODESIGNING, Code 0x1
kernel messages:
VM Regions Near 0 (cr2):->
TEXT 0000000104aaa000-0000000104b32000 [ 544K] r-x/r-x SM=COW
Thread 0 Crashed:
0 @ Z 0x000000010ddb9000 dyld_start + 0
Thread 0 crashed with X86 Thread State (64-bit):
rax: 0x0000000000000000 rbx: 0x0000000000000000 rcx: 0x0000000000000000 rdx: 0x0000000000000000
rdi: 0x0000000000000000 rsi: 0x0000000000000000 rbp: 0x0000000000000000 rsp: 0x00007ffeeb155b70
r8: 0x0000000000000000 r9: 0x0000000000000000 r10: 0x0000000000000000 r11: 0x0000000000000000
r12: 0x0000000000000000 r13: 0x0000000000000000 r14: 0x0000000000000000 r15: 0x0000000000000000
rip: 0x000000010ddb9000 rfl: 0x0000000000000200 cr2: 0x0000000000000000
Logical CPU: 0
Error Code: 0x00000000
Trap Number: 0