New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
macOS Big Sur: smimesign v0.1.0: Invalid Signatures #74
Comments
|
Had the exact same issue. Everything exactly as described. Thanks so much for the workaround. Worked great for me. Hopefully whatever is broken in the brew package gets fixed soon. |
|
👋 Thanks for the issue. We've taken note of it so that it gets triaged. |
|
I tracked this issue down to github/ietf-cms#25, a bug that emerges when built on 1.15. AFAICT fixing that issue should suffice to fix the issue here as well. |
|
btw this has been an issue since v0.0.13 - has been driving me and my team crazy! So basically depending on what version of Go smimesign was built with, signatures may or may not be valid. We've been going in circles for months trying to figure out why this works for some of us and not others 😅 |
|
I believe that @bluestealth and I have fixed the underlying issue that causes this in github/ietf-cms#29. |
|
Everything worked for me by cloning the source, updating github/ietf-cms dependency to Waiting for official release. |
|
Thanks @AlekSi, that worked for me as well and commits show as verified here on GitHub 🎉 |
|
Same issue applies to the macOS binary available from the releases tab. I didn't even realize all my signed commits were useless up until now... |
|
@andrewpong we'll be releasing a new version of smimesign with updated dependencies in the near future. Stay tuned! |
|
Is there an update on when this fix will be released? |
|
v0.1.1 was released which should address this issue. Please give it a try and let us know how it goes. |
|
I haven't tested this new release of Line 10 in 80395c4
There needs to be a new release of |
|
Indeed, this does not fix the problem described in the title and since bintray has shut down, @christopherincanada solution does not work anymore, do you know if it's still possible to install the old Catalina bottle? |
|
Sorry for the confusion y'all, we'll get a new build with the updated |
|
|
|
Worked for me, thanks! |
|
|
|
Thanks, @patrickbenitez and @adricasti! I'll take that as confirmation that this is resolved. If anyone is running into issues, please comment here and we can reopen! |
smimesign v0.1.0 when installed via Homebrew for macOS Big Sur creates invalid/corrupt signatures. Specifically, this happens when
smimesignis installed as follows on macOS Big Sur:This causes the following bottle to be used:
https://homebrew.bintray.com/bottles/smimesign-0.1.0.big_sur.bottle.tar.gzInterestingly enough, these invalid signatures (signatures created with the smimesign binary for macOS Big Sur) can be verified successfully by the same smimesign binary that created them, but are (correctly) reported as invalid by all other smimesign binaries as well as the GitHub UI/API.
To workaround this issue, when installing smimesign on macOS Big Sur, you can explicitly request a bottle that does
not suffer from this issue. Specifically, the smimesign-0.1.0.catalina.bottle.tar.gz bottle (compiled for macOS
Catalina) does not suffer from the issue and works on macOS BigSur:
If this workaround is not performed, corrupt git commit signatures will be produced. Any attempt to verify these
commits using a version of smimesign that does not suffer from the issue will result in the following failure:
The text was updated successfully, but these errors were encountered: