FinderInfo metadata can make builds unsignable

[praeclarum]

It's possible to add BundleResource files to a project that contain metadata (xattrs) that later will cause a build to be unsignable with this error:

Tool /usr/bin/codesign execution started with arguments: -v --force --sign 8300ADA869DB5BDFFBE11F6BE2AD4A6616EDFE8C --entitlements /Users/fak/Dropbox/Projects/Circuit2/Circuit/obj/iPhone/Release/Entitlements.xcent /Users/fak/Dropbox/Projects/Circuit2/Circuit/bin/iPhone/Release/Circuit2.app
    bin/iPhone/Release/Circuit2.app : error : /Users/fak/Dropbox/Projects/Circuit2/Circuit/bin/iPhone/Release/Circuit2.app: resource fork, Finder information, or similar detritus not allowed

The culprit is com.apple.FinderInfo and is clearable using instructions here: https://stackoverflow.com/questions/39652867/code-sign-error-in-macos-high-sierra-xcode-resource-fork-finder-information

Steps to Reproduce

You need a file with com.apple.FinderInfo, here's one silly way to create one:

1. Open a JPEG in Preview.app
2. Duplicate it (Shift-Cmd-S)
3. Resize it (Tools, Adjust Size...)
4. Save it

Expected Behavior

It would be nice if the tooling cleared the metadata for me.

Alternatively, just giving a better error and locating the bad files is OK too.

Actual Behavior

Error

Environment

=== Visual Studio Enterprise 2017 for Mac ===

Version 7.7 (build 1868)
Installation UUID: 4ba352e1-73e8-4dab-a9db-28012ca05af8
    GTK+ 2.24.23 (Raleigh theme)
    Xamarin.Mac 4.4.1.178 (master / eeaeb7e6)

    Package version: 516000221

=== Mono Framework MDK ===

Runtime:
    Mono 5.16.0.221 (2018-06/b63e5378e38) (64-bit)
    Package version: 516000221

=== NuGet ===

Version: 4.7.0.5148

=== .NET Core ===

Runtime: /usr/local/share/dotnet/dotnet
Runtime Versions:
    2.1.2
    2.1.0-preview2-26406-04
    2.0.3
SDK: /usr/local/share/dotnet/sdk/2.1.302/Sdks
SDK Versions:
    2.1.302
    2.1.300-preview2-008530
    2.0.3
MSBuild SDKs: /Library/Frameworks/Mono.framework/Versions/5.16.0/lib/mono/msbuild/15.0/bin/Sdks

=== Xamarin.Profiler ===

Version: 1.6.4
Location: /Applications/Xamarin Profiler.app/Contents/MacOS/Xamarin Profiler

=== Apple Developer Tools ===

Xcode 10.1 (14460.46)
Build 10B61

=== Xamarin.Mac ===

Version: 5.2.1.11 (Visual Studio Enterprise)
Hash: 5ef73d34
Branch: 
Build date: 2018-11-21 00:03:25-0500

=== Xamarin.iOS ===

Version: 12.2.1.11 (Visual Studio Enterprise)
Hash: 5ef73d34
Branch: d15-9
Build date: 2018-11-21 00:03:24-0500

=== Xamarin.Android ===

Version: 9.1.0.38 (Visual Studio Enterprise)
Android SDK: /Users/fak/Library/Developer/Xamarin/android-sdk-macosx
    Supported Android versions:
        7.0 (API level 24)
        7.1 (API level 25)
        8.1 (API level 27)

SDK Tools Version: 26.1.1
SDK Platform Tools Version: 26.0.2
SDK Build Tools Version: 26.0.3

Java SDK: /Users/fak/Library/Developer/Xamarin/jdk/microsoft_dist_openjdk_1.8.0.9
openjdk version "1.8.0-9"
OpenJDK Runtime Environment (build 1.8.0-9-microsoft-b00)
OpenJDK 64-Bit Server VM (build 25.71-b00, mixed mode)

Android Designer EPL code available here:
https://github.com/xamarin/AndroidDesigner.EPL

=== Android Device Manager ===

Version: 7.7.1.0
Hash: 06ceaea1

=== Xamarin Inspector ===

Version: 1.4.3
Hash: db27525
Branch: 1.4-release
Build date: Mon, 09 Jul 2018 21:20:18 GMT
Client compatibility: 1

=== Build Information ===

Release ID: 707001868
Git revision: 8bcdfa96d67c8c88dc45728cc968a2f84b55322f
Build date: 2018-11-22 12:19:29+00
Build branch: release-7.7
Xamarin extensions: d66dbedcda237cd9b546abfecfeecafba6f8e3cb

=== Operating System ===

Mac OS X 10.14.1
Darwin 18.2.0 Darwin Kernel Version 18.2.0
    Fri Oct  5 19:41:49 PDT 2018
    root:xnu-4903.221.2~2/RELEASE_X86_64 x86_64

=== Enabled user installed extensions ===

MSBuild Editor 2.1.0

[VincentDondain]

Hi @praeclarum,

I tried to add some random JPG/JPEG from Google as a bundle resource in a new Xamarin.iOS project, then open with preview, duplicate, resize and save but I don't think I was able to generate com.apple.FinderInfo (not quite sure where that file would live) but in any case I couldn't reproduce the signing issue.

Could you please attach a simple test project that shows the issue?

Thanks

[praeclarum]

Hi @VincentDondain, make sure you have the culprit metadata - this bug won't repro without it.

com.apple.FinderInfo is not a file - it's metadata stored in the file system. You can verify you have it by using xattr.

You can add it to any file using xattr (please read the attached SO post).

[spouliot]

The preview instruction did not work but creating the same is easy.

xattr -wx com.apple.FinderInfo "00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" ~/Projects/bugs/gh5202/Resources/IMG_6676.JPG 

Considering some metadata is fine (while others are not) it might be better to document the issue and making sure the error message links to that documentation.

The alternative would require scanning many files before signing, which is time consuming (affecting build times) for a very low probability of having to clean the metadata (and that's assuming the allowed/disallowed metadata does not change over time).

[praeclarum]

Ran into this again and had to lookup this bug to remember how to work around it. It would be nice if the error identified the file or linked to documentation.

[rachelkang]

I am also seeing this issue.

Repro:

https://github.com/CommunityToolkit/Maui.NativeLibraryInterop/tree/main/template

When I run the sample in the template folder linked above, it deploys successfully to iOS (net8.0-ios, iPhone 15 Pro Max 17.4). However, when I copy the template folder into a cloud storage location, it fails to build and shows the codesign errors. xattr -cr did not help in my case.