Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ignore expired identities for Darwin codesigning. #19330

Merged
merged 1 commit into from
Jun 8, 2022
Merged

Ignore expired identities for Darwin codesigning. #19330

merged 1 commit into from
Jun 8, 2022

Conversation

bzbarsky-apple
Copy link
Contributor

Fixes #19327

Problem

We try to use expired identities, then codesigning fails

Change overview

Skip over expired identities.

Testing

Checked that if I use other strings that appear in my identities instead of CSSMERR_TP_CERT_EXPIRED the right things are skipped.

@github-actions
Copy link

github-actions bot commented Jun 8, 2022
edited
Loading

PR #19330: Size comparison from 3a5d086 to ca46aa7

Increases (1 build for esp32)
platform target config section 3a5d086 ca46aa7 change % change
esp32 all-clusters-app c3devkit (read only) 1007694 1007698 4 0.0
.flash.text 1007694 1007698 4 0.0
Decreases (2 builds for nrfconnect, telink)
platform target config section 3a5d086 ca46aa7 change % change
nrfconnect all-clusters-app nrf52840dk_nrf52840 text 817088 817084 -4 -0.0
telink light-switch-app tlsr9518adk80d text 552542 552540 -2 -0.0
Full report (41 builds for cc13x2_26x2, cyw30739, efr32, esp32, k32w, linux, mbed, nrfconnect, p6, telink)
platform target config section 3a5d086 ca46aa7 change % change
cc13x2_26x2 all-clusters-app LP_CC2652R7 (read only) 689919 689919 0 0.0
(read/write) 161848 161848 0 0.0
.bss 74660 74660 0 0.0
.data 3392 3392 0 0.0
.rodata 112319 112319 0 0.0
.text 577288 577288 0 0.0
all-clusters-minimal-app LP_CC2652R7 (read only) 640535 640535 0 0.0
(read/write) 158132 158132 0 0.0
.bss 73884 73884 0 0.0
.data 3332 3332 0 0.0
.rodata 89359 89359 0 0.0
.text 550856 550856 0 0.0
lock-ftd LP_CC2652R7 (read only) 683423 683423 0 0.0
(read/write) 159408 159408 0 0.0
.bss 72612 72612 0 0.0
.data 3256 3256 0 0.0
.rodata 98175 98175 0 0.0
.text 584764 584764 0 0.0
lock-mtd LP_CC2652R7 (read only) 632839 632839 0 0.0
(read/write) 145720 145720 0 0.0
.bss 68348 68348 0 0.0
.data 3256 3256 0 0.0
.rodata 98063 98063 0 0.0
.text 534284 534284 0 0.0
pump-app LP_CC2652R7 (read only) 664867 664867 0 0.0
(read/write) 178876 178876 0 0.0
.bss 72756 72756 0 0.0
.data 3292 3292 0 0.0
.rodata 86355 86355 0 0.0
.text 578028 578028 0 0.0
pump-controller-app LP_CC2652R7 (read only) 655451 655451 0 0.0
(read/write) 188396 188396 0 0.0
.bss 72860 72860 0 0.0
.data 3252 3252 0 0.0
.rodata 84243 84243 0 0.0
.text 570724 570724 0 0.0
shell LP_CC2652R7 (read only) 682198 682198 0 0.0
(read/write) 165064 165064 0 0.0
.bss 76956 76956 0 0.0
.data 3396 3396 0 0.0
.rodata 108918 108918 0 0.0
.text 572968 572968 0 0.0
cyw30739 light cyw930739m2evb_01 (read/write) 602538 602538 0 0.0
.app_xip_area 461484 461484 0 0.0
.bss 84008 84008 0 0.0
.data 732 732 0 0.0
.rodata 0 0 0 0.0
.text 112 112 0 0.0
lock cyw930739m2evb_01 (read/write) 599622 599622 0 0.0
.app_xip_area 458432 458432 0 0.0
.bss 84176 84176 0 0.0
.data 700 700 0 0.0
.rodata 0 0 0 0.0
.text 112 112 0 0.0
ota-requestor-no-progress-logging cyw930739m2evb_01 (read/write) 599422 599422 0 0.0
.app_xip_area 459348 459348 0 0.0
.bss 83140 83140 0 0.0
.data 616 616 0 0.0
.rodata 0 0 0 0.0
.text 112 112 0 0.0
efr32 lighting-app BRD4161A (read only) 915000 915000 0 0.0
(read/write) 133176 133176 0 0.0
.bss 131088 131088 0 0.0
.data 2088 2088 0 0.0
.text 914992 914992 0 0.0
BRD4161A+rpc (read only) 949220 949220 0 0.0
(read/write) 149868 149868 0 0.0
.bss 147576 147576 0 0.0
.data 2292 2292 0 0.0
.text 949212 949212 0 0.0
BRD4161A+rs911x (read only) 790188 790188 0 0.0
(read/write) 129460 129460 0 0.0
.bss 127364 127364 0 0.0
.data 2096 2096 0 0.0
.text 790180 790180 0 0.0
lock-app BRD4161A+wf200 (read only) 958444 958444 0 0.0
(read/write) 128252 128252 0 0.0
.bss 126188 126188 0 0.0
.data 2064 2064 0 0.0
.text 958436 958436 0 0.0
window-app BRD4161A (read only) 900072 900072 0 0.0
(read/write) 133264 133264 0 0.0
.bss 131176 131176 0 0.0
.data 2084 2084 0 0.0
.text 900064 900064 0 0.0
esp32 all-clusters-app c3devkit (read only) 1007694 1007698 4 0.0
(read/write) 1481826 1481826 0 0.0
.dram0.bss 69168 69168 0 0.0
.dram0.data 14656 14656 0 0.0
.flash.rodata 212576 212576 0 0.0
.flash.text 1007694 1007698 4 0.0
.iram0.text 62902 62902 0 0.0
m5stack (read only) 1062483 1062483 0 0.0
(read/write) 483960 483960 0 0.0
.dram0.bss 74688 74688 0 0.0
.dram0.data 34200 34200 0 0.0
.flash.rodata 243076 243076 0 0.0
.flash.text 1057099 1057099 0 0.0
.iram0.text 123267 123267 0 0.0
k32w light k32w061+release (read/write) 653760 653760 0 0.0
.bss 70044 70044 0 0.0
.data 2004 2004 0 0.0
.text 575912 575912 0 0.0
lock k32w061+release (read/write) 714836 714836 0 0.0
.bss 70484 70484 0 0.0
.data 1976 1976 0 0.0
.text 636576 636576 0 0.0
linux all-clusters-app debug (read only) 2892217 2892217 0 0.0
(read/write) 180024 180024 0 0.0
.bss 87840 87840 0 0.0
.data 2016 2016 0 0.0
.data.rel.ro 83960 83960 0 0.0
.dynamic 608 608 0 0.0
.got 4544 4544 0 0.0
.init 27 27 0 0.0
.init_array 1040 1040 0 0.0
.rodata 255485 255485 0 0.0
.text 2462210 2462210 0 0.0
all-clusters-minimal-app debug (read only) 2753681 2753681 0 0.0
(read/write) 171640 171640 0 0.0
.bss 87008 87008 0 0.0
.data 1888 1888 0 0.0
.data.rel.ro 76584 76584 0 0.0
.dynamic 608 608 0 0.0
.got 4496 4496 0 0.0
.init 27 27 0 0.0
.init_array 1040 1040 0 0.0
.rodata 256765 256765 0 0.0
.text 2324402 2324402 0 0.0
bridge-app debug+rpc (read only) 2197745 2197745 0 0.0
(read/write) 149528 149528 0 0.0
.bss 74496 74496 0 0.0
.data 3888 3888 0 0.0
.data.rel.ro 65400 65400 0 0.0
.dynamic 608 608 0 0.0
.got 4392 4392 0 0.0
.init 27 27 0 0.0
.init_array 720 720 0 0.0
.rodata 187840 187840 0 0.0
.text 1850994 1850994 0 0.0
chip-tool debug (read only) 9736789 9736789 0 0.0
(read/write) 608032 608032 0 0.0
.bss 25408 25408 0 0.0
.data 1088 1088 0 0.0
.data.rel.ro 575240 575240 0 0.0
.dynamic 624 624 0 0.0
.got 5000 5000 0 0.0
.init 27 27 0 0.0
.init_array 664 664 0 0.0
.rodata 505437 505437 0 0.0
.text 7829349 7829349 0 0.0
chip-tool-no-interactive-ipv6only arm64 (read only) 9474460 9474460 0 0.0
(read/write) 674257 674257 0 0.0
.bss 43681 43681 0 0.0
.data 1152 1152 0 0.0
.data.rel.ro 610696 610696 0 0.0
.dynamic 528 528 0 0.0
.got 14928 14928 0 0.0
.init 24 24 0 0.0
.init_array 192 192 0 0.0
.rodata 467596 467596 0 0.0
.text 7469860 7469860 0 0.0
lighting-app debug+rpc (read only) 2482129 2482129 0 0.0
(read/write) 155136 155136 0 0.0
.bss 76320 76320 0 0.0
.data 2032 2032 0 0.0
.data.rel.ro 70888 70888 0 0.0
.dynamic 608 608 0 0.0
.got 4432 4432 0 0.0
.init 27 27 0 0.0
.init_array 824 824 0 0.0
.rodata 205384 205384 0 0.0
.text 2109154 2109154 0 0.0
lock-app debug (read only) 2428081 2428081 0 0.0
(read/write) 150272 150272 0 0.0
.bss 75040 75040 0 0.0
.data 1520 1520 0 0.0
.data.rel.ro 67848 67848 0 0.0
.dynamic 608 608 0 0.0
.got 4432 4432 0 0.0
.init 27 27 0 0.0
.init_array 792 792 0 0.0
.rodata 219400 219400 0 0.0
.text 2046082 2046082 0 0.0
ota-provider-app debug (read only) 2203545 2203545 0 0.0
(read/write) 143264 143264 0 0.0
.bss 74496 74496 0 0.0
.data 1752 1752 0 0.0
.data.rel.ro 61208 61208 0 0.0
.dynamic 608 608 0 0.0
.got 4496 4496 0 0.0
.init 27 27 0 0.0
.init_array 664 664 0 0.0
.rodata 191960 191960 0 0.0
.text 1851906 1851906 0 0.0
ota-requestor-app debug (read only) 2265177 2265177 0 0.0
(read/write) 146312 146312 0 0.0
.bss 75264 75264 0 0.0
.data 1944 1944 0 0.0
.data.rel.ro 63320 63320 0 0.0
.dynamic 608 608 0 0.0
.got 4456 4456 0 0.0
.init 27 27 0 0.0
.init_array 704 704 0 0.0
.rodata 195296 195296 0 0.0
.text 1906146 1906146 0 0.0
shell debug (read only) 2583841 2583841 0 0.0
(read/write) 203200 203200 0 0.0
.bss 118728 118728 0 0.0
.data 1328 1328 0 0.0
.data.rel.ro 77392 77392 0 0.0
.dynamic 608 608 0 0.0
.got 4176 4176 0 0.0
.init 27 27 0 0.0
.init_array 944 944 0 0.0
.rodata 228050 228050 0 0.0
.text 2197170 2197170 0 0.0
thermostat-no-ble arm64 (read only) 2543740 2543740 0 0.0
(read/write) 183073 183073 0 0.0
.bss 91409 91409 0 0.0
.data 1512 1512 0 0.0
.data.rel.ro 82144 82144 0 0.0
.dynamic 528 528 0 0.0
.got 4992 4992 0 0.0
.init 24 24 0 0.0
.init_array 400 400 0 0.0
.rodata 160116 160116 0 0.0
.text 2146688 2146688 0 0.0
tv-app debug (read only) 3030233 3030233 0 0.0
(read/write) 281904 281904 0 0.0
.bss 192616 192616 0 0.0
.data 4656 4656 0 0.0
.data.rel.ro 78184 78184 0 0.0
.dynamic 608 608 0 0.0
.got 4848 4848 0 0.0
.init 27 27 0 0.0
.init_array 960 960 0 0.0
.rodata 240672 240672 0 0.0
.text 2604498 2604498 0 0.0
tv-casting-app debug (read only) 5333825 5333825 0 0.0
(read/write) 223968 223968 0 0.0
.bss 80136 80136 0 0.0
.data 2416 2416 0 0.0
.data.rel.ro 135168 135168 0 0.0
.dynamic 608 608 0 0.0
.got 4712 4712 0 0.0
.init 27 27 0 0.0
.init_array 880 880 0 0.0
.rodata 340512 340512 0 0.0
.text 4642834 4642834 0 0.0
mbed lock-app CY8CPROTO_062_4343W+release (read only) 6224 6224 0 0.0
(read/write) 2429648 2429648 0 0.0
.bss 202692 202692 0 0.0
.data 5872 5872 0 0.0
.text 1392292 1392292 0 0.0
nrfconnect all-clusters-app nrf52840dk_nrf52840 (read/write) 1192011 1192011 0 0.0
bss 141362 141362 0 0.0
rodata 154636 154636 0 0.0
text 817088 817084 -4 -0.0
all-clusters-minimal-app nrf52840dk_nrf52840 (read/write) 1139719 1139719 0 0.0
bss 140579 140579 0 0.0
rodata 131128 131128 0 0.0
text 789136 789136 0 0.0
p6 all-clusters-app default (read/write) 2544496 2544496 0 0.0
.bss 137120 137120 0 0.0
.data 2808 2808 0 0.0
.text 1502760 1502760 0 0.0
all-clusters-minimal-app default (read/write) 2489368 2489368 0 0.0
.bss 136328 136328 0 0.0
.data 2752 2752 0 0.0
.text 1447632 1447632 0 0.0
light-app default (read/write) 2421272 2421272 0 0.0
.bss 129432 129432 0 0.0
.data 2600 2600 0 0.0
.text 1379536 1379536 0 0.0
lock-app default (read/write) 2441608 2441608 0 0.0
.bss 129256 129256 0 0.0
.data 2576 2576 0 0.0
.text 1399872 1399872 0 0.0
telink light-switch-app tlsr9518adk80d (read/write) 781656 781656 0 0.0
bss 70636 70636 0 0.0
noinit 40416 40416 0 0.0
text 552542 552540 -2 -0.0
lighting-app tlsr9518adk80d (read/write) 801668 801668 0 0.0
bss 70888 70888 0 0.0
noinit 40416 40416 0 0.0
text 569260 569260 0 0.0

@bzbarsky-apple bzbarsky-apple merged commit 2593ab9 into project-chip:master Jun 8, 2022
@bzbarsky-apple bzbarsky-apple deleted the codesign-ignore-expired branch June 8, 2022 21:17
mkardous-silabs pushed a commit to mkardous-silabs/connectedhomeip that referenced this pull request Jun 10, 2022
@bzbarsky-apple @mkardous-silabs
Ignore expired identities for Darwin codesigning. (project-chip#19330)
25a0567 
Fixes project-chip#19327
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@krypton36 krypton36 krypton36 left review comments

@jmartinez-silabs jmartinez-silabs jmartinez-silabs approved these changes

@vivien-apple vivien-apple vivien-apple approved these changes

@tcarmelveilleux tcarmelveilleux tcarmelveilleux approved these changes

@anush-apple anush-apple Awaiting requested review from anush-apple

@arkq arkq Awaiting requested review from arkq

@Byungjoo-Lee Byungjoo-Lee Awaiting requested review from Byungjoo-Lee

@carol-apple carol-apple Awaiting requested review from carol-apple

@chrisdecenzo chrisdecenzo Awaiting requested review from chrisdecenzo

@chshu chshu Awaiting requested review from chshu

@chulspro chulspro Awaiting requested review from chulspro

@Damian-Nordic Damian-Nordic Awaiting requested review from Damian-Nordic

@dhrishi dhrishi Awaiting requested review from dhrishi

@electrocucaracha electrocucaracha Awaiting requested review from electrocucaracha

@erjiaqing erjiaqing Awaiting requested review from erjiaqing

@franck-apple franck-apple Awaiting requested review from franck-apple

@gjc13 gjc13 Awaiting requested review from gjc13

@hawk248 hawk248 Awaiting requested review from hawk248

@harsha-rajendran harsha-rajendran Awaiting requested review from harsha-rajendran

@isiu-apple isiu-apple Awaiting requested review from isiu-apple

@jelderton jelderton Awaiting requested review from jelderton

@jepenven-silabs jepenven-silabs Awaiting requested review from jepenven-silabs

@jtung-apple jtung-apple Awaiting requested review from jtung-apple

@kghost kghost Awaiting requested review from kghost

@kpschoedel kpschoedel Awaiting requested review from kpschoedel

@lazarkov lazarkov Awaiting requested review from lazarkov

@LuDuda LuDuda Awaiting requested review from LuDuda

@mlepage-google mlepage-google Awaiting requested review from mlepage-google

@mrjerryjohns mrjerryjohns Awaiting requested review from mrjerryjohns

@msandstedt msandstedt Awaiting requested review from msandstedt

@mspang mspang Awaiting requested review from mspang

@rgoliver rgoliver Awaiting requested review from rgoliver

@sagar-apple sagar-apple Awaiting requested review from sagar-apple

@saurabhst saurabhst Awaiting requested review from saurabhst

@selissia selissia Awaiting requested review from selissia

@tecimovic tecimovic Awaiting requested review from tecimovic

@tehampson tehampson Awaiting requested review from tehampson

@turon turon Awaiting requested review from turon

@vijs vijs Awaiting requested review from vijs

@wbschiller wbschiller Awaiting requested review from wbschiller

@woody-apple woody-apple Awaiting requested review from woody-apple

@xylophone21 xylophone21 Awaiting requested review from xylophone21

Assignees
No one assigned
Labels
examples review - approved
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

All-cluster-app build fails on Darwin due to codesign issue
5 participants
@bzbarsky-apple @tcarmelveilleux @krypton36 @vivien-apple @jmartinez-silabs