Current location - Quotes Website - Signature design - How does ios check whether ipa is re-signed?
How does ios check whether ipa is re-signed?
Method 1: Terminal command: sigh and resign.

1. Know two things: the certificate to be re-signed and the description file.

Development certificate or enterprise certificate, that is, the certificate and terms description file you want to re-sign. I am a personal account. The kind that doesn't pay. (Automatic management in Xcode generates certificates and profiles).

Attention? : Every re-signed version needs to apply for appid again and provide the configuration file, otherwise the version with appid will be overwritten.

Configuration of mac computer development environment

Install homemade software, command:

/usr/bin/ruby-e " $(curl-fsSL/home brew/install/master/install)"

Install ruby, command: brew install ruby update ruby version.

Install the sight, command: sudogem install the sight.

If there is a mistake, change it to a gem to sigh. The installation process is very long. (Before installing sigh, you should check the mirror source of gem, which is usually https://gems.ruby-china.org now).

Prepare the ipa package that needs to be re-signed.

Not to mention your own ipa. Compile under the product file of the project. You can also download the specific tutorial through AISI Assistant: How does Mac download ipa?

Start re-signing

Step one, download and install the ipa package we want to re-sign? Embedded.mobileprovison is placed in the same folder directory and at the same level.

Step 2, change the terminal cd to the folder directory of this ipa, and execute sigh resign or not? The prodigal son sighed and issued a resignation order.

Step 3: At this time, sigh will directly pop up the following instructions for you to enter: sign your identity, that is, the hexadecimal string of your certificate, enter and press enter, and then wait for the moment to witness the miracle.

Please click to enter a picture description.

Step 4: It's time to verify our re-signed ipa package.

Install ipa package before re-signing, and then install ipa package after we re-sign. If there is no overwrite, two identical applications will appear. If they are clicked to open, it means that our signature is successful. 12

Resignation with a sigh explained that re-signing sometimes failed or could not be installed.

If there is a framework or dylib outside the system in ipa, you need to sign it first, otherwise the installation will fail after signing it! As for the script code roughly executed in sigh, it is as follows:

For frames in "$FRAMEWORKS_DIR"/*

do

if [[ "$framework" == *。 framework || "$framework" == *。 dylib ]]

then

Log "Signing' $framework' again"

# cannot qote KEYCHAIN_FLAG, because it needs to be unpacked and passed to codesign with spaces.

#. Shell inspection disabled =SC2086

/usr/bin/codesign $ { VERBOSE } $ { KEYCHAIN _ FLAG }-f-s " $ CERTIFICATE " " $ framework "

Check status

other

Log "Ignore Non-Frame: $framework"

The ship does not bear the loading fee.

done 123456789 10 1 1 12 13

Students who know or are familiar with the script can read the script file directly: Resign. sh

Location:/library/ruby/gems/2.3.0/gems/sight-2.0.1/lib/assets/sign.sh.

The version number is determined according to the version number of your current sigh plug-in.

Execute this script directly to re-sign IPAs for multiple targets:

. /signal . sh your app . IPA " iPhone Distribution:yourcompany ordevelopername "-p " bundel id " = & lt; path _ to _ provisioning _ profile _ for _ app & gt; . mobile provision-p " bundel id " = & lt。 path _ to _ provisioning _ profile _ for _ watchkitextension & gt; . mobile provision-p " bundel id " = & lt。 path _ to _ provisioning _ profile _ for _ watchkitapp & gt; . mobile provision-p " bundel id " = & lt。 path _ to _ provisioning _ profile _ for _ today extension & gt; . Mobileprovision has been re-signed YourApp.ipa) 1

Apple's policy is getting tighter and tighter, and the feasibility cycle of this scheme is uncertain. Because many schemes are not feasible with the update of the version. As you can know from iTunes, ipa is to be managed, and Apple is paying more and more attention to the security of packages. In addition, it is becoming more and more difficult to apply for a corporate account, and there is also this trend. This method failed.

Method two, iResign? Re-signature scheme

Download iResign. After downloading, an executable iResign.app will appear directly, and you can double-click to execute it.

Please click to enter a picture description.

Please click to enter a picture description.

The parameter path is very clear, as shown in the figure. The first item is the path of ipa that you want to re-sign, the second item is the path of our re-signed configuration description file (it doesn't need to be changed to embedded), and the fourth item is to fill in the name of mobileprovison that we use to generate the re-signature. Bind the identifier, check the change ID, and the fifth item is the certificate of mobileprovison that we used to re-sign.

The third item is not required in many tutorials, but it can't be generated automatically if it is not filled in, and it will always be stuck in the permission generation step and can't be generated. So we must create rights. Please tell us ourselves! First, we extract XXXX.ipa to be re-signed to get the payload directory, then download the terminal cd to the payload directory and execute the following command:/usr/liberec/plistbuddy-x-c "print: Entitlements"/dev/stdin.

Knock, knock. If the signature is successful, please refer to the following figure:

Notes on the use of iResign: A third plist file is needed, and the BULLID of the modified ID should correspond to that modified by plist.

Please click to enter a picture description.

Method 3, iOS ipa re-signature tool-? IOS application signer

Download the iOS App Signer source code and run it on May Mac.

Please click to enter a picture description.

Please click to enter a picture description.

The first item is to fill in the ipa path that we need to re-sign, the second item is the certificate that we want to sign, and the third item is to select the provisoning configuration file that we configured (the default item is invalid only for re-signing), and then click the asterisk!

This method will automatically analyze the contents in the provisoning profile description file, so we don't need to fill in the changed bundle id ourselves.

Please click to enter a picture description.

It is verified that using ipa directly in AISI Assistant: My Application-> is just a trailer.

I have tried this method myself, which is relatively simple and convenient.

Conclusion:

But in the end, everything before re-signing can be opened normally, and everything after re-signing is gone. I don't know why yet.

Related articles
  • Can I see the signature of WeChat personality?
  • What is the uniform of Real Madrid? Who has a photo?
  • Give girls 60 short sentences with exquisite temperament.
  • Employee penalty notice template
  • Thoughts after reading "Little Flying Possum Returns Home"
  • What moved you most about the May 4th party of CCTV 1 in 2020?
  • Meng De and biackpink took a group photo, which made netizens cry, but rose was absent. What is the reason for Ross's absence?
  • A speech about where the gap is.
  • Java adds digital signature to Word Java method to add digital signature to Word
  • What good-looking couples' heads are there?

    • copyright 2024 Quotes Website All rights reserved