pkgutil erroneously reports "signed by untrusted certificate"
Originator: | 0xmachos | ||
Number: | rdar://47072099 | Date Originated: | 06/01/2019 |
Status: | Open | Resolved: | |
Product: | macOS | Product Version: | 10.14.2 |
Classification: | Security | Reproducible: | Always |
Summary: The application bundle "/Library/Image Capture/Devices/EPSON Scanner.app" is shipped with macOS. pkgutil reports that it is "signed by untrusted certificate" however codesign reports that the signature is valid. The third party tools "What's my Sign" [1] and "Signet" [2] both report that the signature is valid. 1. https://objective-see.com/products/whatsyoursign.html 2. https://eclecticlight.co/2018/12/20/mojave-happily-runs-apps-with-revoked-signatures-and-more/ Steps to Reproduce: codesign --verify --verbose --deep "/Library/Image Capture/Devices/EPSON Scanner.app" /Library/Image Capture/Devices/EPSON Scanner.app: valid on disk /Library/Image Capture/Devices/EPSON Scanner.app: satisfies its Designated Requirement pkgutil --check-signature "/Library/Image Capture/Devices/EPSON Scanner.app" Package "EPSON Scanner": Status: signed by untrusted certificate Certificate Chain: 1. Developer ID Application: EPSON (TXAEAV5RN4) SHA1 fingerprint: 07 08 DA 9F 2A 02 43 09 E5 83 28 0A 66 6E 3A 2F E9 77 4F 7D ----------------------------------------------------------------------------- 2. Developer ID Certification Authority SHA1 fingerprint: 3B 16 6C 3B 7D C4 B7 51 C9 FE 2A FA B9 13 56 41 E3 88 E1 86 ----------------------------------------------------------------------------- 3. Apple Root CA SHA1 fingerprint: 61 1E 5B 66 2C 59 3A 08 FF 58 D1 4A E2 24 52 D1 98 DF 6C 60 Expected Results: Both utilities report the same signature status. Actual Results: pkgutil reports "signed by untrusted certificate" while codesign, Signet and What's Your Sign report that the signature is valid. Version/Build: System Version: macOS 10.14.2 (18C54) Kernel Version: Darwin 18.2.0 Boot Volume: *** Boot Mode: Normal Computer Name: *** User Name: *** Secure Virtual Memory: Enabled System Integrity Protection: Enabled Time since boot: 23:55 Configuration: Model Name: MacBook Pro Model Identifier: MacBookPro15,2 Processor Name: Intel Core i7 Processor Speed: 2.7 GHz Number of Processors: 1 Total Number of Cores: 4 L2 Cache (per Core): 256 KB L3 Cache: 8 MB Memory: 16 GB Boot ROM Version: 220.230.16.0.0 (iBridge: 16.16.2542.0.0,0) Serial Number (system): *** Hardware UUID: ***
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!