Why does my Xamarin.Mac application crash when I enable the Hardened Runtime in order to notarize it?


I am developing an app using .NET Framework 4.5.2 under Visual Studio for Mac.

Apple has added security features to their latest Mac versions, so I'd like to notarize the application so that Gatekeeper can read the generated ticket and other Mac users who download the application don't get a security warning when launching the application.

After Visual Studio builds the application thanks to Xamarin.Mac, I manually run a few commands in order to sign the .app. Then, I create an installer, producing a .dmg file containing the .app file. Then, I send the .dmg file to the notarization service, which produces a report containing the two following lines.

"status": "Invalid",
"statusSummary": "Archive contains critical validation errors",

The commands for signing the .app are the following.

codesign -vvv --strict --force --timestamp --options runtime    MyApp.app/Contents/Frameworks/MyFramework.framework/Versions/A/Resources/UpdateApp.app/Contents/MacOS/UpdateApp
codesign -vvv --strict --force --timestamp                      MyApp.app/Contents/Frameworks/MyFramework.framework/Versions/A/MyFramework
codesign -vvv --strict --force --timestamp                      MyApp.app/Contents/Library/loginItems/LoginApp.app
codesign -vvv --strict --force --timestamp --options runtime    MyApp.app/Contents/PlugIns/FinderExt.appex
codesign -vvv --strict --force --timestamp                      MyApp.app

Double-clicking on the .app file launches the application, which is what I want. But the notarization report says

The executable does not have the hardened runtime enabled.

for the two following applications

MyApp.dmg/MyApp.app/Contents/Library/loginItems/LoginApp.app/Contents/MacOS/LoginApp
MyApp.dmg/MyApp.app/Contents/MacOS/MyApp

To try and correct this issue, I have added the --options parameter for the LoginApp.

codesign -vvv --strict --force --timestamp --options runtime    MyApp.app/Contents/Frameworks/MyFramework.framework/Versions/A/Resources/UpdateApp.app/Contents/MacOS/UpdateApp
codesign -vvv --strict --force --timestamp                      MyApp.app/Contents/Frameworks/MyFramework.framework/Versions/A/MyFramework
codesign -vvv --strict --force --timestamp --options runtime    MyApp.app/Contents/Library/loginItems/LoginApp.app
codesign -vvv --strict --force --timestamp --options runtime    MyApp.app/Contents/PlugIns/FinderExt.appex
codesign -vvv --strict --force --timestamp                      MyApp.app

Double-clicking on the .app file still launches the application, which is what I want. And the notarization report still says

The executable does not have the hardened runtime enabled.

but only for the second application, the one for which the codesign command was not modified.

MyApp.dmg/MyApp.app/Contents/MacOS/MyApp

Therefore, it seemed obvious to me that all I had to do to successfully notarize the application was to modify the second codesign command in the same way.

codesign -vvv --strict --force --timestamp --options runtime    MyApp.app/Contents/Frameworks/MyFramework.framework/Versions/A/Resources/UpdateApp.app/Contents/MacOS/UpdateApp
codesign -vvv --strict --force --timestamp                      MyApp.app/Contents/Frameworks/MyFramework.framework/Versions/A/MyFramework
codesign -vvv --strict --force --timestamp --options runtime    MyApp.app/Contents/Library/loginItems/LoginApp.app
codesign -vvv --strict --force --timestamp --options runtime    MyApp.app/Contents/PlugIns/FinderExt.appex
codesign -vvv --strict --force --timestamp --options runtime    MyApp.app

And I was right because the notarization report doesn't show errors anymore and a ticket is generated for Gatekeeper. But when I double-click on the .app in order to run the application, this time, it doesn't launch. In Mac's Console app, I can see a crash report is generated with the following lines.

Exception Type:        EXC_BAD_ACCESS (SIGSEGV)
Exception Codes:       KERN_INVALID_ADDRESS at 0x0000000000000000
Exception Note:        EXC_CORPSE_NOTIFY

I don't understand how I can get a SIGSEGV crash, since the application is exactly the same and only the codesign command was adapted in order for the application to be notarized.

What I have is that I can either launch the application or have it notarized, and what I want is to have both: a notarized application that can also be launched without crashing, as it did before the codesign commands.

I have read the two following pages of Apple documentation that I could find about that subject, and I think I have followed all the given advice with no luck in resolving my issue.

https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution
https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues

I've been trying to figure this out for a while, and I have tried several combinations of codesign commands and parameters. What am I missing? Thanks in advance for any pointer.

N.B.: all the codesign commands also include a --sign "Developer ID Application: MyCompany ([...])" parameter.


There are 2 answers

user5732770 On

Open your entitlements.plist file in a text editor and add

<key>com.apple.security.cs.allow-jit</key>
<true/>
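As an added example (not code from the question or either answer), this script writes the entitlements file from the answer above, applies it to the main executable with codesign's --entitlements flag, which the question's commands never pass, and then checks that both the runtime flag and the entitlement are present on the signed bundle. The signing identity and the entitlements file name are placeholders; MyApp.app is the bundle from the question.

```shell
#!/bin/sh
# Added example: minimal hardened-runtime entitlements for a Xamarin.Mac (Mono) app.
# Placeholders: IDENTITY team id and the entitlements file name are made up here.
APP="MyApp.app"
IDENTITY="Developer ID Application: MyCompany (TEAMID_PLACEHOLDER)"
ENTITLEMENTS="hardened.entitlements"

# Write a plist that relaxes the hardened runtime only as far as the Mono JIT needs:
# com.apple.security.cs.allow-jit, the key given in the answer above.
# Keep this list minimal; every key added here switches off one runtime protection.
write_entitlements() {
    cat > "$1" <<'EOF'
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>com.apple.security.cs.allow-jit</key>
    <true/>
</dict>
</plist>
EOF
}

# Return 0 if the plist $1 grants entitlement key $2 as <true/>.
has_entitlement() {
    grep -A1 "<key>$2</key>" "$1" | grep -q '<true/>'
}

# Sign the main executable with the hardened runtime AND the entitlements file.
# --options runtime alone (as in the question) blocks the Mono JIT's executable
# memory, which is the usual cause of the SIGSEGV at launch reported above.
sign_main_app() {
    codesign -vvv --strict --force --timestamp --options runtime \
        --entitlements "$ENTITLEMENTS" --sign "$IDENTITY" "$APP"
}

# Verify: the flags line must list "runtime" (needed for notarization) and the
# embedded entitlements must contain allow-jit (needed for the app to launch).
verify_main_app() {
    codesign -dv "$APP" 2>&1 | grep -q 'flags=.*runtime' &&
    codesign -d --entitlements :- "$APP" 2>/dev/null | grep -q 'allow-jit'
}

write_entitlements "$ENTITLEMENTS"
has_entitlement "$ENTITLEMENTS" com.apple.security.cs.allow-jit || { echo "entitlement missing"; exit 1; }
# Signing only runs on a Mac with the bundle present; elsewhere only the plist is produced.
if command -v codesign >/dev/null 2>&1 && [ -d "$APP" ]; then
    sign_main_app && verify_main_app && echo "signed and verified"
fi
```

Only the executables that actually JIT need this entitlement; the other nested binaries in the question keep --options runtime without it.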
level120 On

I had the same issue and solved it.

It's the entitlements.plist file added in the Mac Signing step.
