1Password 6.8.9 crashes on Catalina 10.15.4 with Termination Reason: Namespace CODESIGNING, Code 0x1

On a new install of Cataline 10.15.4, I download and install 1Password 6.8.9. It crashes before when I open it, no user interface appears. When checking the Console I see an error message which states the reason for crashing is "Namespace CODESIGNING, Code 0x1". I do not even get a chance to open a vault.

I have fully reinstalled the operating system and downloaded 1Password again; the error persists.

1password 6.8.9 runs successfully on my other Catalina system without issue; the only difference that system is an upgrade over several releases of MacOS.


1Password Version: 6.8.9
Extension Version: Not Provided
OS Version: MacOS 10.15.4
Sync Type: dropbox

Comments

  • brass_
    brass_
    Community Member

    Edit... I meant to say it crashes when I open it

  • Hi @brass_

    I'm sorry to hear about the trouble. Code signing errors are usually a result of the application having been modified. Do you have anything installed on this system that might be modifying installed apps? Or antivirus? In particular, do you have a software package called Sentinel One installed?

    Ben

  • brass_
    brass_
    Community Member

    Hi Ben

    Not to my knowledge, it's a clean install. All I have installed is Libre Office, visual studio code, VLC, brew, python3, chrome and Firefox.

  • @brass_

    I just spoke with one of our developers about this case and he suggested booting the Mac in Safe Mode (hold shift while booting) and try launching 1Password there. Then reboot again in normal mode and try launching. Apparently we've seen some cases where some underlying magic in the OS resolves this issue when doing this.

    Please let me know if that helps. If the result is the same after booting back into normal mode please post the output of this command:
    codesign -d -vvv /Applications/1Password*.app

    Thanks.

    Ben

  • brass_
    brass_
    Community Member

    Hi @Ben

    Switching to safe mode did the trick! 1password 6 is now running in regular mode on Catalina perfectly. Thank you!

    Could you ask the developer to explain why that worked?

  • The answer was literally "some magic in the OS" — honestly we're as stumped about it as you. But I'm glad to hear that worked. :)

    Ben

  • adrianraper
    adrianraper
    Community Member

    I've just had the same code-signing thing, but with 1Password 7.5. I tried rebooting in safe mode, but no magic. So I downloaded the app again and installed and that did work. The font running in the app is not as clear as it should be, and the icon in the dock is a generic one, but perhaps these will clear on the next reboot.

  • adrianraper
    adrianraper
    Community Member

    I meant to add this to the post...

    ➜ ~ codesign -d -vvv /Applications/1Password*.app
    Executable=/Applications/1Password 7.app/Contents/MacOS/1Password 7
    Identifier=com.agilebits.onepassword7
    Format=bundle with Mach-O thin (x86_64)
    CodeDirectory v=20500 size=43910 flags=0x10000(runtime) hashes=1363+5 location=embedded
    Hash type=sha256 size=32
    CandidateCDHash sha256=c01b95b3f3138c2f868bfe9b6772463fb4c4d989
    CandidateCDHashFull sha256=c01b95b3f3138c2f868bfe9b6772463fb4c4d98939ea9de67480622558dbff92
    Hash choices=sha256
    CMSDigest=c01b95b3f3138c2f868bfe9b6772463fb4c4d98939ea9de67480622558dbff92
    CMSDigestType=2
    CDHash=c01b95b3f3138c2f868bfe9b6772463fb4c4d989
    Signature size=8928
    Authority=Developer ID Application: AgileBits Inc. (2BUA8C4S2C)
    Authority=Developer ID Certification Authority
    Authority=Apple Root CA
    Timestamp=6 May 2020 at 00:21:50
    Info.plist=not bound
    TeamIdentifier=2BUA8C4S2C
    Runtime Version=10.15.0
    Sealed Resources=none
    Internal requirements count=1 size=220

    ➜ ~ open -a 1Password\ 7
    LSOpenURLsWithRole() failed for the application /Applications/1Password 7.app with error -10810.

  • ag_ana
    ag_ana
    1Password Alumni

    @adrianraper:

    The font running in the app is not as clear as it should be, and the icon in the dock is a generic one, but perhaps these will clear on the next reboot.

    Can you please post a couple of screenshots of these things, so we can make sure what you are seeing?

  • adrianraper
    adrianraper
    Community Member

    The dock icon has resolved itself. This is a screen shot of the 1password app with 1password website in the background for comparison
    It is a retina display. This is not a big problem of course, I can still use the program.

  • ag_ana
    ag_ana
    1Password Alumni

    @adrianraper:

    Thank you for the screenshot! Can you please try quitting 1Password completely (right-click on 1Password mini in the menu bar at the top right of your screen > Quit 1Password Completely), and then relaunch 1Password? Did things improve?

  • adrianraper
    adrianraper
    Community Member

    Oh - perfect! Thank you.

  • ag_ana
    ag_ana
    1Password Alumni

    You are welcome @adrianraper! If you have any other questions, please feel free to reach out anytime.

    Have a wonderful day :)

  • IamSigmund
    IamSigmund
    Community Member

    FYI, like adrianraper, the rebooting-in-safe-mode method didn't work for me either. I'm on Catalina 15.6 with 1Password 6.8.9. But also like adrianraper, just downloading the 6.8.9 installer and re-running it fixed the problem.

  • Thanks for the data point, @IamSigmund. I'm glad to hear reinstalling resolved the issue for you.

    Ben

  • IamSigmund
    IamSigmund
    Community Member

    👍

  • :+1: :)

    Ben

  • nme
    nme
    Community Member

    tl;dr: If you run "What's Your Sign?" it appears to fix the problem, albeit by chance.

    I just ran into this issue after upgrading an older machine to High Sierra. In my case, it affected all apps downloaded from the Mac App Store. I just happen to launch 1Password first :chuffed:

    Jumping into Safe Mode and poking at spctl and codesign tools from the terminal did pretty much nothing. From memory, I recall seeing error status CSSMERR_TP_CERT_REVOKED and later got the following output:

    $ spctl --assess --verbose=4 /Applications/1Password.app/
    /Applications/1Password.app/: accepted
    source=Mac App Store
    
    $ codesign --display --verbose=4 /Applications/1Password.app/
    ...
    Authority=(unavailable)
    Info.plist=not bound
    ...
    

    The answer was literally "some magic in the OS" — honestly we're as stumped about it as you.

    Seems true to me! Likely something deeply technical inside the gatekeeper or code signing verification process.

    In my case, I stumbled upon a solution that appears to have fixed my problem immediately. Download and install "What's Your Sign?" by Objective-See, right click on any app from the Mac App Store (doesn't have to be 1Password), and click "Signing Info".

    The first time you try this, it will complain that the app is revoked and won't have much info filled in. If you try this a second time, it will show you the signing authorities filled in. That's it! You can uninstall the app afterward. This app seems to poke Apple's security APIs in just the right way to make it start working again--something I could not do on my own from the terminal even after reading a bunch of documentation. Hooray! I had to repeat this process for each of my user accounts.

    After having a quick look at the source for both What's Your Sign? and codesign, I realized:
    1) There's a bunch of direct Security API stuff you can do that might not be apparent from the terminal, and
    2) It's a second job to try and debug all this stuff! Better leave it to the pros.

    In the end, I'm just glad it works. :smile:

  • ag_ana
    ag_ana
    1Password Alumni

    Thank you for all the information and for testing this @nme! And thank you also for sharing what worked for you with the community :)

    And I agree, in the end I am also glad it works :)

  • psantora
    psantora
    Community Member
    edited November 2020

    I'm also having this problem. I'm running the latest OS possible for my hardware - macOS High Sierra 10.13.6 (17G14042) and trying to launch 1Password 6.8.9 from the Mac App Store after a clean install of the OS.

    I tried running "What's Your Sign?" as explained in the above post but that didn't help. The first time I checked there was no signing information (as expected from the above post) and the second time the signing information was populated (also as expected from the above post), but the app still wouldn't launch.

    I then tried booting into safe mode and the app still won't launch (either in safe mode or after rebooting back into a normal login).

    In terminal I get the following:
    codesign -d -vvv /Applications/1Password*.app Executable=/Applications/1Password.app/Contents/MacOS/1Password Identifier=com.agilebits.onepassword-osx Format=app bundle with Mach-O thin (x86_64) CodeDirectory v=20200 size=29053 flags=0x200(kill) hashes=900+5 location=embedded Hash type=sha256 size=32 CandidateCDHash sha1=7c2e36f3e49714d88bb088648646d3af72126953 CandidateCDHash sha256=56fc1cea49b7926111e25a2b579db6b6ab5bd9f8 Hash choices=sha1,sha256 CDHash=56fc1cea49b7926111e25a2b579db6b6ab5bd9f8 Signature size=4605 Authority=Apple Mac OS Application Signing Authority=Apple Worldwide Developer Relations Certification Authority Authority=Apple Root CA Info.plist entries=32 TeamIdentifier=2BUA8C4S2C Sealed Resources version=2 rules=13 files=2487 Internal requirements count=1 size=232

    Deleting the app and reinstalling from the Mac App Store gives the same result to the codesign -d -vvv /Applications/1Password*.app command in Terminal.

    Any idea on what I might be missing?

    Thanks so much for the help!

  • psantora
    psantora
    Community Member

    The comment I typed out about 30 min ago somehow disappeared, but hopefully it is just being reviewed. This is the crash report that gets generated after trying to launch the app:

    Process:               1Password [810]
    Path:                  /Applications/1Password.app/Contents/MacOS/1Password
    Identifier:            com.agilebits.onepassword-osx
    Version:               ???
    Code Type:             X86-64 (Native)
    Parent Process:        ??? [1]
    Responsible:           1Password [810]
    User ID:               502
    
    Date/Time:             2020-11-16 11:52:20.036 -0500
    OS Version:            Mac OS X 10.13.6 (17G14042)
    Report Version:        12
    Anonymous UUID:        68887768-6520-CBEA-0E6D-7E36A12BA1BF
    
    Sleep/Wake UUID:       938C26ED-CA7E-4F87-84FC-F8A7732C3B31
    
    Time Awake Since Boot: 2700 seconds
    Time Since Wake:       1600 seconds
    
    System Integrity Protection: enabled
    
    Crashed Thread:        0
    
    Exception Type:        EXC_CRASH (Code Signature Invalid)
    Exception Codes:       0x0000000000000000, 0x0000000000000000
    Exception Note:        EXC_CORPSE_NOTIFY
    
    Termination Reason:    Namespace CODESIGNING, Code 0x1
    
    kernel messages:
    
    VM Regions Near 0 (cr2):
    --> 
        __TEXT                 0000000107f16000-00000001081b4000 [ 2680K] r-x/rwx SM=COW  
    
    Thread 0 Crashed:
    0   ???                             0x000000010ba7619c _dyld_start + 0
    
    Thread 0 crashed with X86 Thread State (64-bit):
      rax: 0x0000000000000000  rbx: 0x0000000000000000  rcx: 0x0000000000000000  rdx: 0x0000000000000000
      rdi: 0x0000000000000000  rsi: 0x0000000000000000  rbp: 0x0000000000000000  rsp: 0x00007ffee7ce9c18
       r8: 0x0000000000000000   r9: 0x0000000000000000  r10: 0x0000000000000000  r11: 0x0000000000000000
      r12: 0x0000000000000000  r13: 0x0000000000000000  r14: 0x0000000000000000  r15: 0x0000000000000000
      rip: 0x000000010ba7619c  rfl: 0x0000000000000200  cr2: 0x0000000000000000
    
    Logical CPU:     0
    Error Code:      0x00000000
    Trap Number:     0
    
    
    Binary Images:
           0x107f16000 -        0x1081b3fff +??? (0) <E40F2A4C-C1C3-3541-B521-75B07B751920> (null)
           0x10ba75000 -        0x10babfadf +??? (551.5) <CB9BFB56-4511-36F1-A546-891FF770C01C> (null)
    
    External Modification Summary:
      Calls made by other processes targeting this process:
        task_for_pid: 0
        thread_create: 0
        thread_set_state: 0
      Calls made by this process:
        task_for_pid: 0
        thread_create: 0
        thread_set_state: 0
      Calls made by all processes on this machine:
        task_for_pid: 1766
        thread_create: 0
        thread_set_state: 0
    
    VM Region Summary:
    ReadOnly portion of Libraries: Total=3352K resident=0K(0%) swapped_out_or_unallocated=3352K(100%)
    Writable regions: Total=8408K written=0K(0%) resident=0K(0%) swapped_out=0K(0%) unallocated=8408K(100%)
    
                                    VIRTUAL   REGION 
    REGION TYPE                        SIZE    COUNT (non-coalesced) 
    ===========                     =======  ======= 
    STACK GUARD                       56.0M        2 
    Stack                             8192K        2 
    __DATA                             940K        5 
    __LINKEDIT                         372K        3 
    __TEXT                            2980K        3 
    shared memory                        8K        3 
    ===========                     =======  ======= 
    TOTAL                             68.2M       12 
    
    Model: MacBookAir4,1, BootROM 135.0.0.0.0, 2 processors, Intel Core i5, 1.6 GHz, 4 GB, SMC 1.74f4
    Graphics: Intel HD Graphics 3000, Intel HD Graphics 3000, Built-In
    Memory Module: BANK 0/DIMM0, 2 GB, DDR3, 1333 MHz, 0x80CE, 0x4D34373142353737334448302D4348392020
    Memory Module: BANK 1/DIMM0, 2 GB, DDR3, 1333 MHz, 0x80CE, 0x4D34373142353737334448302D4348392020
    AirPort: spairport_wireless_card_type_airport_extreme (0x14E4, 0xE9), Broadcom BCM43xx 1.0 (5.106.98.102.30)
    Bluetooth: Version 6.0.7f22, 3 services, 27 devices, 1 incoming serial ports
    Network Service: Wi-Fi, AirPort, en0
    Serial ATA Device: APPLE SSD TS128C, 121.33 GB
    USB Device: USB 2.0 Bus
    USB Device: FaceTime Camera (Built-in)
    USB Device: Hub
    USB Device: Apple Internal Keyboard / Trackpad
    USB Device: BRCM20702 Hub
    USB Device: Bluetooth USB Host Controller
    USB Device: USB 2.0 Bus
    USB Device: Hub
    Thunderbolt Bus: MacBook Air, Apple Inc., 8.1
    
  • desalex
    desalex
    Community Member

    There is a quick solution to sign any .app on macOS installing free codesign tool. Open Terminal App and execute the code to start the download and installation process of Xcode and the command line developer tools from the AppStore. Launch Xcode at least once to agree to the license.

    xcode-select --install

    To sign an .app file launch the Terminal and execute codesign with following parameters. You can easily drag and drop the .app from Finder to Terminal allowing you to paste the file located path. After the .app is signed you will have an option to run it as any other regular application.

    codesign --force --deep --sign - /Applications/name.app

    ...Maybe you will need to use 'sudo' before the commands above

    Good luck!!!

  • quickfire
    quickfire
    Community Member

    nme, it looks like I've done the same debugging as you.

    I found another tool too at https://brockerhoff.net/RB/AppCheckerLite/ which for me was the one which made things all work just by checking the signing of an app. "What's my sign" did not appear to make it all work for me but this was the one which did, though the general story is the same.

    For more context, the certificate that is claimed to be revoked is the one with the common name "Apple Mac OS Application Signing" that expires on 7 February 2023 with SHA1 fingerprint: “B93BDAAAF1A8846B34BA32332635CB2B84853DA8".

    I found that out by:
    1) Copying a broken appstore app to another mac
    2) Dragging it onto RB App Checker Lite.
    3) Dragging out the final cert.

    4) I copied the cert back to the original Mac.
    5) I dragged the cert into KeyChain Access -> System -> Certificates.
    6) I saw the cert was revoked.
    7) I marked the cert as trusted.

    8) Rebooted just in case.
    9) Ran the app with no luck.
    10) Dragged the app onto a copy of RB App Checker Lite on the original Mac - saw it looked ok.
    11) Ran it.

    This made all other App Store apps including 1 Password work too, but not forever so I have to repeat step 10 every now and then.

    Note: I think steps 1-4 could have been swapped with these steps all on the original Mac:
    $ xcode-select --install
    $ codesign --display --extract-certificates /Applications/1Password\ 7.app
    $ mv codesigno signing-cert.cer $ open signing-cert.cer
    $ open signing-cert.cer

  • quickfire
    quickfire
    Community Member

    nme, it looks like I've done the same debugging as you.

    I found another tool too https://brockerhoff.net/RB/AppCheckerLite/ which for me was the one which made things all work just by checking the signing of an app. "What's my sign" did not appear to make it all work for me but this was the one which did, though the story is the same.

    For more context, the certificate that is claimed to be revoked is the one with the common name "Apple Mac OS Application Signing" that expires on 7 February 2023 with SHA1 fingerprint: “B93BDAAAF1A8846B34BA32332635CB2B84853DA8".

    I found that out by:
    1) Copying a broken appstore app to another mac
    2) Dragging it onto RB App Checker Lite.
    3) Dragging out the final cert.

    4) I copied the cert back to the original Mac.
    5) I dragged the cert into KeyChain Access -> System -> Certificates.
    6) I saw the cert was revoked.
    7) I marked the cert as trusted.

    8) Rebooted just in case.
    9) Ran the app with no luck.
    10) Dragged the app onto a copy of RB App Checker Lite on the original Mac - saw it looked ok.
    11) Ran it.

    This made all other App Store apps work too, but not forever so I have to repeat step 10 every now and then.

    Note: I think steps 1-4 could have been swapped with these steps all on the original Mac:
    $ xcode-select --install
    $ codesign --display --extract-certificates /Applications/1Password\ 7.app
    $ mv codesign0 signing-cert.cer $ open signing-cert.cer
    $ open signing-cert.cer

  • quickfire
    quickfire
    Community Member

    psantora - Try clearing the cache of certificate revocation lists as described here https://support.globalsign.com/ssl/general-ssl/delete-crl-and-ocsp-cache

    The reason the app is showing as unsigned is that this certificate below can somehow get recorded as being revoked on new 10.13.6 installs of which I have one too. The certificate is certainly not revoked as I checked the revocation list and also made an OCSP request to Apple to ask that and it came back fine.

    Certificate “Apple Mac OS Application Signing”: 
        Will expire on 7 Feb 2023.
        SHA1 fingerprint: “B93BDAAAF1A8846B34BA32332635CB2B84853DA8”.
        Serial: 345231221407495159 (04CA81F77D5E33F7)
    

    I'm trying cache clearing myself but do have a workaround if it does not work which is to make copies of the cert in question and install it into Keychain Access as fully trusted then drag an appstore app onto a tool called RB App Checker lite. This works like the way "What's your sign" worked for nme (that didn't work for me). It usually takes a few hows after using the work around for things to fail again so I won't know for sure if I've fixed things permanently or not with clearing the revocation cache.

  • quickfire
    quickfire
    Community Member

    nme, it looks like I've done the same debugging as you.

    I found another tool too https://brockerhoff.net/RB/AppCheckerLite/ which for me was the one which made things all work just by checking the signing of an app. "What's my sign" did not appear to make it all work for me but this was the one which did, though the story is the same.

    For more context, the certificate that is claimed to be revoked is the one with the common name "Apple Mac OS Application Signing" that expires on 7 February 2023 with SHA1 fingerprint: “B93BDAAAF1A8846B34BA32332635CB2B84853DA8".

    I found that out by:
    1) Copying a broken appstore app to another mac
    2) Dragging it onto RB App Checker Lite.
    3) Dragging out the final cert.

    4) I copied the cert back to the original Mac.
    5) I dragged the cert into KeyChain Access -> System -> Certificates.
    6) I saw the cert was revoked.
    7) I marked the cert as trusted.

    8) Rebooted just in case.
    9) Ran the app with no luck.
    10) Dragged the app onto a copy of RB App Checker Lite on the original Mac - saw it looked ok.
    11) Ran it.

    This made all other App Store apps work too, but not forever so I have to repeat step 10 every now and then.

    Note: I think steps 1-4 could have been swapped with these steps all on the original Mac:
    $ xcode-select --install
    $ codesign --display --extract-certificates /Applications/1Password\ 7.app
    $ mv codesign0 signing-cert.cer $ open signing-cert.cer
    $ open signing-cert.cer

  • quickfire
    quickfire
    Community Member
    edited November 2020

    EDIT: Removed duplicate post. Note my posts above are in reverse order from when I wrote them as one got stuck in moderation.

This discussion has been closed.