Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Debugging 1Password extension problem with browser signature verification
○ → codesign -dvvv /Applications/Google\ Chrome.app
Executable=/Applications/Google Chrome.app/Contents/MacOS/Google Chrome
Identifier=com.google.Chrome
Format=bundle with Mach-O thin (i386)
CodeDirectory v=20100 size=186 flags=0x0(none) hashes=3+3 location=embedded
Hash type=sha1 size=20
CDHash=a8d3a44cc2a7957e8d9cd9c6f6eb9124a7e4a9fd
Signature size=8507
Authority=Developer ID Application: Google Inc.
Authority=Developer ID Certification Authority
Authority=Apple Root CA
Timestamp=Sep 3, 2014, 6:30:20 PM
Info.plist entries=33
TeamIdentifier=not set
Sealed Resources version=1 rules=9 files=221
Internal requirements count=1 size=132
@roustem

This comment has been minimized.

Copy link

commented Sep 16, 2014

The signature looks like great.

I am guessing that something might be preventing 1Password from obtaining the Google Chrome process identifier:

- (void)showFillDisabledAlert {
    log_at;

    NSString *browserName = _extensionProcess.localizedName ? : OPLocalizedString(@"Web Browser", @"Used to create 'Cannot Fill Item in Web Browser' message when browser name cannot be determined");
    NSString *title = [NSString stringWithFormat:OPLocalizedString(@"Cannot Fill Item in %@", @"Message title; %@ represents browser name"), browserName];
    NSString *message = [NSString stringWithFormat:OPLocalizedString(@"%@ is connected but its code signature could not be verified. Filling and other features are disabled until this configuration issue is resolved.", @"Message text; %@ represents browser name"), browserName];

1Password is using lsof to find the process connecting to its port.

Can you see any error messages in the Console?

@roustem

This comment has been minimized.

Copy link

commented Sep 16, 2014

Help > Troubleshooting > Troubleshooting Utility might help.

@ianchesal

This comment has been minimized.

Copy link
Owner Author

commented Sep 16, 2014

Here's what I see in Console when the verification fails:

9/16/14 10:30:09.841 AM 2BUA8C4S2C.com.agilebits.onepassword4-helper[1081]: 441008 [EXT:0x7feaba409340:<OP4ExtensionClient: 0x7feabf1e6950>] M sendFillItem:generatedPassword:openInTabMode: | Extension client 'chrome-extension://phicbbndgmmpogmijjkbmdhpioaieaha' ((null)) is not verified. Will not fill 922E644631D843F9B7F89A75A34B72EF until client is verified.

I'm going to try the Sophos whitelist change...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.