pqrs-org / Karabiner-DriverKit-VirtualHIDDevice

The Unlicense

Quick question about entitlements #1

Closed Belcarra closed 4 years ago

Belcarra commented 4 years ago

Very very nice project showing how to build project with DriverKit extension. Far better than USBApp!

One quick question, can you confirm that you must have the appropriate entitlements from Apple before you can successfully load the driver extension?

I have built the app, signed with my cert, and get "Invalid code signature or missing entitlements".

I do have the driverkit.transport.usb entitlement, but not the driverkit.family.hid and driverkit.transport.hid entitlements.

Thanks!

tekezo commented 4 years ago

It depends on SIP status.

You do not need to acquire entitlements from Apple if SIP is disabled in your test environments.

Of course, you need the proper entitlements if you want to test your driver extension in a SIP environment.

Another reason: the error will happen if you set invalid keys in entitlements.plist. See DEVELOPMENT.md: https://github.com/pqrs-org/Karabiner-DriverKit-VirtualHIDDevice/blob/master/DEVELOPMENT.md#errors

Belcarra commented 4 years ago

Thanks for your reply! And again thanks for your project, and for making it buildable from the command line.

I have disabled SIP:

[1:1] % csrutil status
System Integrity Protection status: disabled.

And the only change I have made to your project is to use my certificate:

[3:3] % git status
On branch master
Your branch is up to date with 'origin/master'.

Changes not staged for commit:
  (use "git add ..." to update what will be committed)
  (use "git restore ..." to discard changes in working directory)
        modified:   src/scripts/codesign.sh

no changes added to commit (use "git add" and/or "git commit -a")

I built the project using make (after brew install xcodegen).

The Karabiner app message:

activation of org.pqrs.driverkit.KarabinerDriverKitVirtualHIDKeyboard is requested
request of org.pqrs.driverkit.KarabinerDriverKitVirtualHIDKeyboard is failed with error: invalid code signature or missing entitlements

The log shows:

[51:52] % ./log-follow.sh

codesign appears to think the text is signed correctly:

[5:5] % codesign --verify --verbose org.pqrs.driverkit.KarabinerDriverKitVirtualHIDKeyboard.dext
org.pqrs.driverkit.KarabinerDriverKitVirtualHIDKeyboard.dext: valid on disk
org.pqrs.driverkit.KarabinerDriverKitVirtualHIDKeyboard.dext: satisfies its Designated Requirement

My goal is to get your project working, then add a virtual network extension.

Any suggestions would be welcome. Thanks!


tekezo commented 4 years ago

Hmm, it's strange.

What's the result of the following commands?

systemextensionsctl list

cd Karabiner-DriverKit-VirtualHIDDevice/src
make verify

The systemextensionsctl result should be:

0 extension(s)

or

1 extension(s)
--- com.apple.system_extension.driver_extension
enabled active  teamID  bundleID (version)      name    [state]
*       *       G43BCU2T37      org.pqrs.driverkit.KarabinerDriverKitVirtualHIDKeyboard (0.2.13/0.2.13) org.pqrs.driverkit.KarabinerDriverKitVirtualHIDKeyboard[activated enabled]

The make verify result should be:

codesign -vvv -display build/Release/KarabinerDriverKitVirtualHIDDevice.app
Executable=/Volumes/repo/tekezo/pqrs-org/Karabiner-DriverKit-VirtualHIDDevice/src/build/Release/KarabinerDriverKitVirtualHIDDevice.app/Contents/MacOS/KarabinerDriverKitVirtualHIDDevice
Identifier=org.pqrs.KarabinerDriverKitVirtualHIDDevice
Format=app bundle with Mach-O thin (x86_64)
CodeDirectory v=20500 size=1687 flags=0x10000(runtime) hashes=43+5 location=embedded
Hash type=sha256 size=32
CandidateCDHash sha256=e3c98e1faa694dd9340fbfe6d0285e095e72167a
CandidateCDHashFull sha256=e3c98e1faa694dd9340fbfe6d0285e095e72167a69f01dbd8f0241e19d7cff59
Hash choices=sha256
CMSDigest=e3c98e1faa694dd9340fbfe6d0285e095e72167a69f01dbd8f0241e19d7cff59
CMSDigestType=2
CDHash=e3c98e1faa694dd9340fbfe6d0285e095e72167a
Signature size=4746
Authority=Apple Development: Fumihiko Takayama (YVB3SM6ECS)
Authority=Apple Worldwide Developer Relations Certification Authority
Authority=Apple Root CA
Signed Time=May 21, 2020 12:46:24
Info.plist entries=23
TeamIdentifier=G43BCU2T37
Runtime Version=10.15.4
Sealed Resources version=2 rules=13 files=8
Internal requirements count=1 size=212

codesign --display --entitlements :- build/Release/KarabinerDriverKitVirtualHIDDevice.app
Executable=/Volumes/repo/tekezo/pqrs-org/Karabiner-DriverKit-VirtualHIDDevice/src/build/Release/KarabinerDriverKitVirtualHIDDevice.app/Contents/MacOS/KarabinerDriverKitVirtualHIDDevice
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
  <dict>
    <key>com.apple.application-identifier</key>
    <string>G43BCU2T37.org.pqrs.KarabinerDriverKitVirtualHIDDevice</string>
    <key>com.apple.developer.system-extension.install</key>
    <true/>
  </dict>
</plist>

...
Belcarra commented 4 years ago

On Wed, May 20, 2020 at 8:47 PM Takayama Fumihiko notifications@github.com wrote:

Hmm, it's strange.

What's the result of the following commands?

systemextensionsctl list

0 extensions.

cd Karabiner-DriverKit-VirtualHIDDevice/src make verify

codesign -vvv -display build/Release/KarabinerDriverKitVirtualHIDDevice.app
Executable=/Users/sl/Documents/Karabiner-DriverKit-VirtualHIDDevice/src/build/Release/KarabinerDriverKitVirtualHIDDevice.app/Contents/MacOS/KarabinerDriverKitVirtualHIDDevice
Identifier=org.pqrs.KarabinerDriverKitVirtualHIDDevice
Format=app bundle with Mach-O thin (x86_64)
CodeDirectory v=20100 size=1628 flags=0x2(adhoc) hashes=43+5 location=embedded
Hash type=sha256 size=32
CandidateCDHash sha256=c843fe9372b1fa7232a9f71bc5157d52eeb2f4de
CandidateCDHashFull sha256=c843fe9372b1fa7232a9f71bc5157d52eeb2f4ded48dbaf697b3e37a387d0e58
Hash choices=sha256
CMSDigest=c843fe9372b1fa7232a9f71bc5157d52eeb2f4ded48dbaf697b3e37a387d0e58
CMSDigestType=2
CDHash=c843fe9372b1fa7232a9f71bc5157d52eeb2f4de
Signature=adhoc
Info.plist entries=23
TeamIdentifier=not set
Sealed Resources=none
Internal requirements count=0 size=12

codesign --display --entitlements :- build/Release/KarabinerDriverKitVirtualHIDDevice.app
Executable=/Users/sl/Documents/Karabiner-DriverKit-VirtualHIDDevice/src/build/Release/KarabinerDriverKitVirtualHIDDevice.app/Contents/MacOS/KarabinerDriverKitVirtualHIDDevice
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">

com.apple.security.get-task-allow

codesign -vvv -display build/Release/KarabinerDriverKitVirtualHIDDevice.app/Contents/Library/SystemExtensions/org.pqrs.driverkit.KarabinerDriverKitVirtualHIDKeyboard.dext
Executable=/Users/sl/Documents/Karabiner-DriverKit-VirtualHIDDevice/src/build/Release/KarabinerDriverKitVirtualHIDDevice.app/Contents/Library/SystemExtensions/org.pqrs.driverkit.KarabinerDriverKitVirtualHIDKeyboard.dext/org.pqrs.driverkit.KarabinerDriverKitVirtualHIDKeyboard
Identifier=org.pqrs.driverkit.KarabinerDriverKitVirtualHIDKeyboard
Format=bundle with Mach-O thin (x86_64)
CodeDirectory v=20400 size=528 flags=0x2(adhoc) hashes=7+5 location=embedded
Hash type=sha256 size=32
CandidateCDHash sha256=ff15d02dd3fc9e8f85088773209f5b2c6259f193
CandidateCDHashFull sha256=ff15d02dd3fc9e8f85088773209f5b2c6259f193a1762ab37493154802214435
Hash choices=sha256
CMSDigest=ff15d02dd3fc9e8f85088773209f5b2c6259f193a1762ab37493154802214435
CMSDigestType=2
CDHash=ff15d02dd3fc9e8f85088773209f5b2c6259f193
Signature=adhoc
Info.plist entries=20
TeamIdentifier=not set
Sealed Resources version=2 rules=10 files=0
Internal requirements count=0 size=12

codesign --display --entitlements :- build/Release/KarabinerDriverKitVirtualHIDDevice.app/Contents/Library/SystemExtensions/org.pqrs.driverkit.KarabinerDriverKitVirtualHIDKeyboard.dext
Executable=/Users/sl/Documents/Karabiner-DriverKit-VirtualHIDDevice/src/build/Release/KarabinerDriverKitVirtualHIDDevice.app/Contents/Library/SystemExtensions/org.pqrs.driverkit.KarabinerDriverKitVirtualHIDKeyboard.dext/org.pqrs.driverkit.KarabinerDriverKitVirtualHIDKeyboard
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">

com.apple.security.get-task-allow

The complete set of changes

git diff diff --git a/src/DriverKit/entitlements.plist b/src/DriverKit/entitlements.plist index 0b04b36..bf4fe70 100644 --- a/src/DriverKit/entitlements.plist +++ b/src/DriverKit/entitlements.plist @@ -3,7 +3,7 @@

com.apple.application-identifier - G43BCU2T37.org.pqrs.driverkit.KarabinerDriverKitVirtualHIDKeyboard + F7XQY5N68B.org.pqrs.driverkit.KarabinerDriverKitVirtualHIDKeyboard com.apple.developer.driverkit com.apple.developer.driverkit.family.hid.device diff --git a/src/ExtensionManager/entitlements.plist b/src/ExtensionManager/entitlements.plist index 93dcccb..898e165 100644 --- a/src/ExtensionManager/entitlements.plist +++ b/src/ExtensionManager/entitlements.plist @@ -3,7 +3,7 @@ com.apple.application-identifier - G43BCU2T37.org.pqrs.KarabinerDriverKitVirtualHIDDevice + F7XQY5N68B.org.pqrs.KarabinerDriverKitVirtualHIDDevice com.apple.developer.system-extension.install diff --git a/src/scripts/codesign.sh b/src/scripts/codesign.sh index 4bbb8c9..0d01265 100755 --- a/src/scripts/codesign.sh +++ b/src/scripts/codesign.sh 
@@ -1,15 +1,20 @@ #!/bin/bash # Replace with your identity -readonly CODE_SIGN_IDENTITY=2772A6CA4AFC07DF97C2BB1BFD92EA182BF4B2B5 +readonly CODE_SIGN_IDENTITY=AF81FE1962517ECAABF73719286C4829C4C06EA5

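Review bot: in the src/scripts/codesign.sh hunk, the header @@ -1,15 +1,20 @@ announces five net added lines, yet the only change visible is the CODE_SIGN_IDENTITY swap, so the rest of the edit to the signing script cannot be reviewed from what is posted; please include the full hunk. The hash is also hard-coded in a tracked script under the comment "Replace with your identity", which leaves every builder with a permanent local diff; reading CODE_SIGN_IDENTITY from the environment and failing with a clear message when it is unset would avoid that.
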
tekezo commented 4 years ago

Thank you for the information!

Signature=adhoc

This issue is caused by signing with an adhoc signature.

I added the detailed way to determine your code sign identity. I believe it helps you. https://github.com/pqrs-org/Karabiner-DriverKit-VirtualHIDDevice#steps

Belcarra commented 4 years ago

No luck!

I also have four cert's to choose from:

security find-identity -p codesigning -v
  1) 2A6EB38FFA79ECEBC6C6AD4E50DFE59276AD862F "Developer ID Application: Belcarra Technologies (2005) Corp. (F7XQY5N68B)"
  2) 417A04C3E587F44D066B590A60AAB2A9457BEFED "Developer ID Application: Belcarra Technologies (2005) Corp. (F7XQY5N68B)"
  3) D9AC95CF9C19F7060A80ECC5959A2A7A76B04695 "Apple Development: Stuart Lynne (DYS5G64736)"
  4) AF81FE1962517ECAABF73719286C4829C4C06EA5 "Developer ID Application: Belcarra Technologies (2005) Corp. (F7XQY5N68B)"
     4 valid identities found

4 is a new cert to replace #1 which expires in a few weeks. They have the KEXT flag and are what I normally would use for signing our KEXT driver.

All produce almost identical results from make verify. And all fail.

In your README you are using the 2nd one. Which says Apple Development. I have one that is Apple Development, no difference.

  1) 8D660191481C98F5C56630847A6C39D95C166F22 "Developer ID Application: Fumihiko Takayama (G43BCU2T37)"
  2) 6B9AF0D3B3147A69C5E713773ADD9707CB3480D9 "Apple Development: Fumihiko Takayama (YVB3SM6ECS)"
  3) 637B86ED1C06AE99854E9F5A5DCE02DA58F2BBF4 "Mac Developer: Fumihiko Takayama (YVB3SM6ECS)"
  4) 987BC26C6474DF0C0AF8BEA797354873EC83DC96 "Apple Distribution: Fumihiko Takayama (G43BCU2T37)"
     4 valid identities found

Choose one of them (e.g., 6B9AF0D3B3147A69C5E713773ADD9707CB3480D9) and replace existing CODE_SIGN_IDENTITY with yours as follows.

# Replace with your identity
readonly CODE_SIGN_IDENTITY=6B9AF0D3B3147A69C5E713773ADD9707CB3480D9

I have attached the output from log showing some additional information.


Belcarra commented 4 years ago

One other difference between your verify and mine, your app has the system-extension.install key in the entitlements.

codesign --display --entitlements :- build/Release/KarabinerDriverKitVirtualHIDDevice.app
Executable=/Volumes/repo/tekezo/pqrs-org/Karabiner-DriverKit-VirtualHIDDevice/src/build/Release/KarabinerDriverKitVirtualHIDDevice.app/Contents/MacOS/KarabinerDriverKitVirtualHIDDevice
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">

com.apple.application-identifier G43BCU2T37.org.pqrs.KarabinerDriverKitVirtualHIDDevice com.apple.developer.system-extension.install


tekezo commented 4 years ago

These entitlements are injected at the codesign stage. I guess there are error messages at your codesigning.

Could you show the result of the following command?

cd Karabiner-DriverKit-VirtualHIDDevice/src
make codesign

My result:

bash scripts/codesign.sh build/Release
build/Release/KarabinerDriverKitVirtualHIDDevice.app/Contents/Library/SystemExtensions/org.pqrs.driverkit.KarabinerDriverKitVirtualHIDKeyboard.dext: replacing existing signature
build/Release/KarabinerDriverKitVirtualHIDDevice.app/Contents/Library/SystemExtensions/org.pqrs.driverkit.KarabinerDriverKitVirtualHIDKeyboard.dext: signed bundle with Mach-O thin (x86_64) [org.pqrs.driverkit.KarabinerDriverKitVirtualHIDKeyboard]
build/Release/KarabinerDriverKitVirtualHIDDevice.app: replacing existing signature
build/Release/KarabinerDriverKitVirtualHIDDevice.app: signed app bundle with Mach-O thin (x86_64) [org.pqrs.KarabinerDriverKitVirtualHIDDevice]
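
The two comparisons made by eye in this thread (Signature=adhoc versus an Authority chain, and whether com.apple.developer.system-extension.install made it into the signed entitlements) can be scripted. This is an added example, not part of the thread or the project's scripts; the function names are hypothetical, and the sample text is abridged from the outputs quoted above with the plist tags around get-task-allow reconstructed.

```shell
#!/bin/sh
# Added example: triage codesign output for the failure discussed in this thread.
# Sample text is abridged from the outputs quoted above; one-field-per-line
# layout and the plist tags in the ad hoc sample are reconstructed.

INSTALL_KEY=com.apple.developer.system-extension.install

# stdin:  report from `codesign -d -vvv <bundle> 2>&1`
# stdout: adhoc | identity team=<TeamIdentifier> | unknown
classify_signature() (
  text=$(cat)
  team=$(printf '%s\n' "$text" | sed -n 's/^TeamIdentifier=//p' | head -n 1)
  if printf '%s\n' "$text" |
     grep -Eq '^Signature=adhoc$|flags=0x[0-9a-fA-F]+\([^)]*adhoc'; then
    echo "adhoc"
  elif printf '%s\n' "$text" | grep -q '^Authority=' \
       && [ -n "$team" ] && [ "$team" != "not set" ]; then
    echo "identity team=$team"
  else
    echo "unknown"
  fi
)

# stdin: plist from `codesign --display --entitlements :- <bundle>`
# Exit status is 0 only when the key named in $1 is present.
has_entitlement() {
  grep -Fq -- "<key>$1</key>"
}

# $1 = codesign report text, $2 = entitlements plist text, for the host app.
# Prints "ok: ..." or the first problem found.
triage_app() (
  sig=$(printf '%s\n' "$1" | classify_signature)
  if [ "$sig" = "adhoc" ]; then
    echo "fail: ad hoc signature, no signing identity applied"
  elif [ "$sig" = "unknown" ]; then
    echo "fail: no Authority/TeamIdentifier in codesign output"
  elif ! printf '%s\n' "$2" | has_entitlement "$INSTALL_KEY"; then
    echo "fail: $INSTALL_KEY missing from signature"
  else
    echo "ok: $sig"
  fi
)

sample_adhoc() {
  cat <<'EOF'
Identifier=org.pqrs.KarabinerDriverKitVirtualHIDDevice
Format=app bundle with Mach-O thin (x86_64)
CodeDirectory v=20100 size=1628 flags=0x2(adhoc) hashes=43+5 location=embedded
Signature=adhoc
TeamIdentifier=not set
EOF
}

sample_identity() {
  cat <<'EOF'
Identifier=org.pqrs.KarabinerDriverKitVirtualHIDDevice
Format=app bundle with Mach-O thin (x86_64)
CodeDirectory v=20500 size=1687 flags=0x10000(runtime) hashes=43+5 location=embedded
Authority=Apple Development: Fumihiko Takayama (YVB3SM6ECS)
Authority=Apple Worldwide Developer Relations Certification Authority
Authority=Apple Root CA
TeamIdentifier=G43BCU2T37
EOF
}

sample_entitlements_ok() {
  cat <<'EOF'
<plist version="1.0">
  <dict>
    <key>com.apple.application-identifier</key>
    <string>G43BCU2T37.org.pqrs.KarabinerDriverKitVirtualHIDDevice</string>
    <key>com.apple.developer.system-extension.install</key>
    <true/>
  </dict>
</plist>
EOF
}

sample_entitlements_adhoc() {
  cat <<'EOF'
<plist version="1.0">
  <dict>
    <key>com.apple.security.get-task-allow</key>
    <true/>
  </dict>
</plist>
EOF
}

# On a Mac, pass the .app path to check a real build. `codesign -d` writes its
# report to stderr and the entitlements plist to stdout.
if [ "$#" -ge 1 ] && command -v codesign >/dev/null 2>&1; then
  triage_app "$(codesign -d -vvv "$1" 2>&1)" \
             "$(codesign --display --entitlements :- "$1" 2>/dev/null)"
fi
```
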
Belcarra commented 4 years ago

Definitely different

./scripts/codesign.sh


tekezo commented 4 years ago

That's great! You're getting an error message.

errSecInternalComponent

Search the Internet for the error message and fix it. Good luck!

Belcarra commented 4 years ago

OK, solved, almost.

I had been signing in an ssh session; moving to a terminal window on the actual display (remote desktop vncviewer), it works.

That gets me at least as far as having it loading!

A bit more sleuthing into my KEXT build scripts and we find:

security unlock-keychain -p '{}' /Users/${USER}/Library/Keychains/login.keychain || killme "security program could not unlock the keychain for ${USER}"

That appears to allow codesign to be happy in an ssh context.

On Thu, May 21, 2020 at 1:42 AM Stuart Lynne stuart.lynne@belcarra.com wrote:

Definitely different

./scripts/codesign.sh

  • codesign --sign D9AC95CF9C19F7060A80ECC5959A2A7A76B04695 --entitlements DriverKit/entitlements.plist --options runtime --verbose --force build/Release/KarabinerDriverKitVirtualHIDDevice.app/Contents/Library/SystemExtensions/org.pqrs.driverkit.KarabinerDriverKitVirtualHIDKeyboard.dext
    build/Release/KarabinerDriverKitVirtualHIDDevice.app/Contents/Library/SystemExtensions/org.pqrs.driverkit.KarabinerDriverKitVirtualHIDKeyboard.dext: replacing existing signature
    build/Release/KarabinerDriverKitVirtualHIDDevice.app/Contents/Library/SystemExtensions/org.pqrs.driverkit.KarabinerDriverKitVirtualHIDKeyboard.dext: errSecInternalComponent
  • codesign --sign D9AC95CF9C19F7060A80ECC5959A2A7A76B04695 --entitlements ExtensionManager/entitlements.plist --options runtime --verbose --force build/Release/KarabinerDriverKitVirtualHIDDevice.app
    build/Release/KarabinerDriverKitVirtualHIDDevice.app: replacing existing signature
    build/Release/KarabinerDriverKitVirtualHIDDevice.app: errSecInternalComponent


Belcarra commented 4 years ago

Yes, that is what pointed out the problem.

Thanks again for the help. I have been poking at USBApp for months now while trying to get entitlements from Apple. They finally (after two months) granted me the com.apple.developer.driverkit.transport.usb, but apparently you also need the com.apple.developer.driverkit one as well. And they haven't got back to me yet on that (two weeks).

I far prefer to stay well away from Xcode; your build approach is far cleaner and easier to work with. For our KEXT I have a config script that generates all of the lists and Xcode project files. Looks like xcodegen does that in a cleaner fashion.

Thanks!

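An added example, not part of the thread or of the project's scripts: the two symptoms diagnosed above, `errSecInternalComponent` in the signing log and `Signature=adhoc` on the resulting bundle, can be checked before activation is requested. The function names and the sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example: samples below are constructed, not output from the thread.
SAMPLE_SIGN_LOG='build/Release/Example.app/Contents/Library/SystemExtensions/example.dext: replacing existing signature
build/Release/Example.app/Contents/Library/SystemExtensions/example.dext: errSecInternalComponent
build/Release/Example.app: replacing existing signature
build/Release/Example.app: signed app bundle with Mach-O thin (x86_64) [org.example.App]'

# Constructed `codesign -dvv` output: ad hoc signed, then identity signed.
SAMPLE_ADHOC='Identifier=org.example.App
Signature=adhoc
TeamIdentifier=not set'
SAMPLE_SIGNED='Identifier=org.example.App
Authority=Developer ID Application: Example Corp (ABCDE12345)
TeamIdentifier=ABCDE12345'

# Read a signing log on stdin; print each path whose step ended in an
# errSec* error. Exit status is 1 if any step failed, 0 otherwise.
failed_signing_paths() {
  awk -F': ' '$NF ~ /^errSec[A-Za-z]+$/ { print $1; bad = 1 }
              END { exit bad + 0 }'
}

# Classify `codesign -dvv` output read on stdin as adhoc, identity or unknown.
signature_kind() {
  awk -F= '
    $1 == "Signature" && $2 == "adhoc"        { adhoc = 1 }
    $1 == "Authority"                         { authority = 1 }
    $1 == "TeamIdentifier" && $2 != "not set" { team = 1 }
    END {
      if (adhoc)                  print "adhoc"
      else if (authority && team) print "identity"
      else                        print "unknown"
    }'
}

# macOS only: stop before activation unless the bundle is identity signed.
# codesign writes its -d report to stderr, hence 2>&1.
preflight() {
  kind=$(codesign -dvv "$1" 2>&1 | signature_kind)
  [ "$kind" = identity ] || { echo "$1: signature is $kind" >&2; return 1; }
}
```

On a build machine the same functions take real input, for example `make codesign 2>&1 | failed_signing_paths` followed by `preflight build/Release/KarabinerDriverKitVirtualHIDDevice.app`.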