Signing problem after changing a Mach-O image

Questions and Answers about all things *OS (macOS, iOS, tvOS, watchOS)

Signing problem after changing a Mach-O image

Postby pmon » Mon May 25, 2015 7:04 am

I'm doing modifications on a Mach-O executable (which was signed before) and I'm trying to resign it with codesign. As far as changing things in place in the image my mechanisms are working (in other words length of the image is the same after the changes as it was before).

But when I'm trying to append data to it codesign command fails. It seems that even if I'm adding a single byte to the Mach-O image at the end it breaks the ability of singing the image. From IDA and jtool perspective the image seems to be valid, only the signing is failing.

Do you have any clue what the problem can be?
pmon
 
Posts: 1
Joined: Mon May 25, 2015 6:58 am

Re: Signing problem after changing a Mach-O image

Postby morpheus » Wed Jun 10, 2015 11:39 pm

Easiest way out of this:

- Strip the LC_CODE_SIGNATURE (e.g. jtool -r or another Mach-O editor)
- re-sign

codesign isn't known to be the most resilient of programs in terms of its tolerance for errors. If internal offsets are wrong, or if you're trying to sign something that already has a signature, it refuses. Providing signing capabilities to jtool is one thing that's high on the list (but currently unstable so it won't be out for a while)
morpheus
Site Admin
 
Posts: 531
Joined: Thu Apr 11, 2013 6:24 pm


Return to Questions and Answers

Who is online

Users browsing this forum: No registered users and 2 guests