Results 1 to 5 of 5

Thread: Code signing issue with mac NDI virtual input?

  1. #1
    Registered User
    Join Date
    May 2020
    Location
    CA
    Posts
    1

    Code signing issue with mac NDI virtual input?

    Starting with NDI Tools 4.5, the macOS version of NDI Tools included a virtual input program. This is supposed to allow NDI video sources to emulate a webcam on macOS so that NDI can be used as an input for Skype/Zoom/Slack video calls. After installing the program, I've been unable to use it for this intended functionality. I can launch the program and select an NDI source from the network, but no program that accepts a webcam input can see the NDI virtual input as a camera option. I looked through the system logs for a message that looked related, and I found these:

    Code:
    default	16:18:36.023089 -0700	Photo Booth	Error loading /Library/CoreMediaIO/Plug-Ins/DAL/NDIVirtualCamera.plugin/Contents/MacOS/NDIVirtualCamera:  dlopen(/Library/CoreMediaIO/Plug-Ins/DAL/NDIVirtualCamera.plugin/Contents/MacOS/NDIVirtualCamera, 0x0106): code signature in (/Library/CoreMediaIO/Plug-Ins/DAL/NDIVirtualCamera.plugin/Contents/MacOS/NDIVirtualCamera) not valid for use in process: mapping process is a platform binary, but mapped file is not
    default	16:18:36.023180 -0700	Photo Booth	Cannot find function pointer cmioNDIPluginMain for factory <CFUUID 0x6000028312e0> BB86C477-373F-49D9-AA4B-CE86A0E883F1 in CFBundle/CFPlugIn 0x7f9c12f10530 </Library/CoreMediaIO/Plug-Ins/DAL/NDIVirtualCamera.plugin> (bundle, not loaded)
    error	16:18:36.023021 -0700	kernel	Library Validation failed: Rejecting '/Library/CoreMediaIO/Plug-Ins/DAL/NDIVirtualCamera.plugin/Contents/MacOS/NDIVirtualCamera' (Team ID: W8U66ET244, platform: no) for process 'Photo Booth(40707)' (Team ID: none, platform: yes), reason: mapping process is a platform binary, but mapped file is not
    error	16:21:33.055572 -0700	kernel	Library Validation failed: Rejecting '/Library/CoreMediaIO/Plug-Ins/DAL/NDIVirtualCamera.plugin/Contents/MacOS/NDIVirtualCamera' (Team ID: W8U66ET244, platform: no) for process 'zoom.us(41050)' (Team ID: BJ4HAAB9B3, platform: no), reason: mapping process and mapped file (non-platform) have different Team IDs
    default	16:21:33.055685 -0700	zoom.us	Error loading /Library/CoreMediaIO/Plug-Ins/DAL/NDIVirtualCamera.plugin/Contents/MacOS/NDIVirtualCamera:  dlopen(/Library/CoreMediaIO/Plug-Ins/DAL/NDIVirtualCamera.plugin/Contents/MacOS/NDIVirtualCamera, 262): no suitable image found.  Did find:
    	/Library/CoreMediaIO/Plug-Ins/DAL/NDIVirtualCamera.plugin/Contents/MacOS/NDIVirtualCamera: code signature in (/Library/CoreMediaIO/Plug-Ins/DAL/NDIVirtualCamera.plugin/Contents/MacOS/NDIVirtualCamera) not valid for use in process using Library Validation: mapping process and mapped file (non-platform) have different Team IDs
    default	16:21:33.055741 -0700	zoom.us	Cannot find function pointer cmioNDIPluginMain for factory <CFUUID 0x6000008cce40> BB86C477-373F-49D9-AA4B-CE86A0E883F1 in CFBundle/CFPlugIn 0x7fa03c842600 </Library/CoreMediaIO/Plug-Ins/DAL/NDIVirtualCamera.plugin> (bundle, not loaded)
    This is from trying to use Photo Booth and Zoom, opening the list of possible sources in each application. I looked up this error online, and it appears to be related to an issue with the certificate used to sign the binary. Is it possible that someone from the NDI team signed the VirtualInput application with a normal app certificate and not one that has permission to run as a camera plugin?

    I'm using macOS 10.14.6, NdiVirtualInput 1.0 from NDI Tools 4.5

    Has anyone else been able to get the NDI Virtual Input application to work correctly on macOS?

  2. #2
    I spoke with the developer of Virutal Input on the Mac. I can't say that I understand how all of the OSX security aspects come into play, but from what I understand if the host application is code signed, the app is considerd 'self contained' and the only code that can interact with it has be signed by Apple or the maker of the application. There isn't anything that can be done on the NDI Virutal Input side to add 'codesigning permission' to work around it, it is how OSX operates.

    If you are looking for other apps to try, Skype, Teams, Blue Jeans, Cisco WebEx, Chrome, Facebook Messenger Room should all work on OSX 10.14 and higher with NDI Virtual Input. Make sure you download this programs directly from their website, not thru the Apple Store.

    Another option is if you are able to run on OSX 10.13, that is before all of the codesigning aspects were enforced at this level. My MacBook Pro is running on that OS version and I can get NDI Virtual Input to work with Facetime.

    There is an ability to remove the codesigning from Zoom. Some people are doing that to get a many different solutions into Zoom including NDI Virtual Input.
    https://www.theandroidsoul.com/how-t...oblem-on-zoom/
    https://www.youtube.com/watch?v=mo66...ature=youtu.be
    Last edited by kanep; 05-20-2020 at 05:43 PM.
    Kane Peterson
    Solutions Architect
    NewTek, Inc.

  3. #3
    Registered User
    Join Date
    Apr 2020
    Location
    San Francisco, CA
    Posts
    1
    Quote Originally Posted by kanep View Post
    I spoke with the developer of Virutal Input on the Mac. I can't say that I understand how all of the OSX security aspects come into play, but from what I understand if the host application is code signed, the app is considerd 'self contained' and the only code that can interact with it has be signed by Apple or the maker of the application. There isn't anything that can be done on the NDI Virutal Input side to add 'codesigning permission' to work around it, it is how OSX operates.

    If you are looking for other apps to try, Skype, Teams, Blue Jeans, Cisco WebEx, Chrome, Facebook Messenger Room should all work on OSX 10.14 and higher with NDI Virtual Input. Make sure you download this programs directly from their website, not thru the Apple Store.

    Another option is if you are able to run on OSX 10.13, that is before all of the codesigning aspects were enforced at this level. My MacBook Pro is running on that OS version and I can get NDI Virtual Input to work with Facetime.

    There is an ability to remove the codesigning from Zoom. Some people are doing that to get a many different solutions into Zoom including NDI Virtual Input.
    https://www.theandroidsoul.com/how-t...oblem-on-zoom/
    https://www.youtube.com/watch?v=mo66...ature=youtu.be
    I've tried with MacOS 10.14+ and seems that Video does not show up as webcam apps, Used WebEx and Zoom, no go. Seems the sweet spot with NDI Virtual Cam is 10.13. Everything works as is.

  4. #4
    Registered User
    Join Date
    May 2020
    Location
    Houston
    Posts
    2
    Wonder how does Blackmagic Design get their ATEM Mini to show up as a webcam without having to disable code signing on Zoom?
    I'm running Zoom 5.0.2, haven't removed code signature and ATEM Mini shows up as a webcam. I guess it's acting as a generic hardware webcam (native Apple driver?)

    Microsoft Teams & Skype seem to be able to access NDI Virtual Input. Both are code signed.

    UPDATE:

    It appears a new Zoom version is on the way that will re-enable virtual cameras without messing with the code signing:
    https://support.zoom.us/hc/en-us/art...ates-for-macOS

    It's slated as 5.0.4 and has a May 24th date, I guess it will drop anytime now.
    Last edited by SalGarza; 05-23-2020 at 06:57 PM.

  5. #5
    Registered User
    Join Date
    Aug 2015
    Location
    london
    Posts
    272
    Quote Originally Posted by SalGarza View Post
    Wonder how does Blackmagic Design get their ATEM Mini to show up as a webcam without having to disable code signing on Zoom?
    I'm running Zoom 5.0.2, haven't removed code signature and ATEM Mini shows up as a webcam. I guess it's acting as a generic hardware webcam (native Apple driver?)
    Microsoft Teams & Skype seem to be able to access NDI Virtual Input. Both are code signed.
    1) Atem Mini emulates a Webcam in the USB domain so that the built in Apple Class Compliant Webcam driver interacts with it. Since this is a core operating system component, its not excluded by the sandboxing rules in the problematic Zoom version, and in FaceTime.

    2) Teams and Skype are sandboxed, but they also have the Sandbox option enabled to tolerate differently signed components (ie not by Apple and not by the app vendor themselves). This is the parameter Zoom changed which broke Virtual Input, and which it sounds like they have now reverted.

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •