Hi,how can I check if a code signature contains a signed timestamp?$ codesign -s "Developer ID..." --options runtime -f --timestamp MyApp.app
MyApp.app: replacing existing signature
$ codesign --display -v MyApp.app 2>&1 | grep 2020
Timestamp=30. Apr 2020 at 14:25:45Is this a secure timestamp? Or just a timestamp without signature?In my understanding --timestamp=none should disable secure timestamping:$ codesign -s "Developer ID..." --options runtime -f --timestamp=none MyApp.app
MyApp.app: replacing existing signature
$ codesign --display -v MyApp.app 2>&1 | grep 2020
Signed Time=30. Apr 2020 at 14:24:24Why do I get a a "Signed Time" here??
Post
Replies
Boosts
Views
Activity
Hi,something went wrong with the code signing of my app, but I have not idea how to analyze this problem. I get the following error when launching my app:dyld: Library not loaded: @rpath/QtSvg.framework/Versions/5/QtSvg
Referenced from: /Users/joachim/Programming/myapp-build-release/install/MyApp.app/Contents/MacOS/MyApp
Reason: no suitable image found. Did find:
/Users/joachim/Programming/myapp-build-release/install/MyApp.app/Contents/MacOS/../Frameworks/QtSvg.framework/Versions/5/QtSvg: code signing blocked mmap() of '/Users/joachim/Programming/myapp-build-release/install/MyApp.app/Contents/MacOS/../Frameworks/QtSvg.framework/Versions/5/QtSvg'
/Users/joachim/Programming/myapp-build-release/install/MyApp.app/Contents/MacOS/../Frameworks/QtSvg.framework/Versions/5/QtSvg: stat() failed with errno=1All Frameworks and dylibs have been signed withcodesign --verbose --sign "$DEVID" -i $ID --timestamp $FRAMEWORK/Versions/Current/The app bundle has been signed withcodesign --verbose --sign "$DEVID" --timestamp --options "runtime" --entitlements Entitlements.plist MyApp.appwith entitlement com.apple.security.cs.allow-jit enabled."codesign --verify" reports "valid on disk" and "satisfies its Designated Requirement" for all libs and the executable and bundle. All libs have unique identifiers (-i), got a secure timestamp, and I'm not using "--deep" signing. Referencing the lib with "@executable_path/../Frameworks" instead of "@rpath" doesn't make any difference.The error disappears if I add the com.apple.security.cs.disable-library-validation entitlement or omit the hardened "runtime" option.How can I check what exactly is blocking the library? Has "disable-library-validation" any drawbacks? Will I still be able to notarize the app?