Resign an iPhone App, insert new Bundle ID and send to Xcode Organizer for Upload

15 Comments

The challenge: Create a Flash App, pack it with the Packager for iPhone with my certificate and provisioning profiles, send it to the client that he can resign it with his informations and import it into Xcode Organizer for validating and uploading to the App Store.

I did some research and found out that all signing processes in Xcode (while building or resigning in Organizer) is done with a tool called codesign. This tool can also be used via Terminal. I tried it with my Flash .ipa and the included .app. It worked.

But because it is difficult always to use the terminal with more lines long commands I decided to develop a little AIR tool using the new NativeProcess API.



And here is how it works:



1. Select the .ipa.

What is executed:
Old files in this directory are deleted.
The .ipa will be unzipped.
unzip -o /path/to/YourApp.ipa -d /path/to
Find the first .app file inside /Payload.
Load the Info.plist file.
Use the CFBundleExecutable as the binary filename.



The current Signing Authority is read and the entitlements were extracted. The entitlements are needed, because without them the Xcode Organizer can’t sign the app with a new Provisioning Certificate.
codesign -d -vv --entitlements "/path/to/entitlements" /path/to/Payload/YourApp.app/YourApp



2. Sign it with a new Signing Authority.
Enter your new Signing Authority. The correct String can be copy&pasted via your keychain.





3. Enter new Bundle Identifier (App ID Suffix)
This must match with your App ID created in the Apple Developer Provisioning Portal.




4. Resign App and change App ID.
The binary will be resigned with your new informations.
What is executed:
First, codesign with your extracted entitlements:
codesign -f -s "New Signing Authority" -i "new.bundle.id" --entitlements "/path/to/entitlements" -vv /path/to/Payload/YourApp.app/YourApp
Second, change the the Bundle Identifier also inside the Info.plist file.



5. Send it to Xcode Organizer for validating and uploading
After clicking the button open Xcode and go to Window > Organizer

How does this work:
This was a little bit tricky and needed much research how the Organizer wants the Apps.
Every Archived Build is moved to /UserDir/Library/MobileDevice/Archived Applications/UUID.
So first a UUID is generated an a directory with it is created.
e.g. /UserDir/Library/MobileDevice/Archived Applications/8D3E5DF2-F079-4A3B-460D-5525A6C5472B

Then the .app file is copied to that location. But the Orgnanizer needs an ArchiveInfo.plist file with correct informations in it.

My tool uses a standard template and changes all needed information, so that they are matching the informations in your .apps Info.plist file. These are CFBundleIdentifier, CFBundleDisplayName, CFBundleVersion, MinimumOSVersion, DTPlatformVersion, DTSDKName, CFBundleExecutable, CFBundleDisplayName.
Some other data needs to be generated out of other information. e.g. the UUID of the directory or the Archivedate.
Apple counts dates from 01.01.2001 – 00:00:00. Surprising.



That’s it.



At the moment this works only with Flash iPhone Apps. I tried it quickly with another .ipa but it fails. I did no investigation in it because at the moment I didn’t need it.



Tip:
Xcode Organizer fails silent. But you can look at the Terminal messages of codesign in your Console Log (Konsole in german). Maybe there you can find why validating or uploading fails.

Downloads:
iOSSendToOrganizer.dmg Installer

Source:
If you make changes or enhancements please share them with me
iOSSendToOrganizer Source

Be Sociable, Share!

This entry is filed under Adobe Flash Platform, iPad, iPhone. And tagged with , , , , , , , , , , , , , , . You can follow any responses to this entry through RSS 2.0. You can leave a response, or trackback from your own site.

15 Responses to “Resign an iPhone App, insert new Bundle ID and send to Xcode Organizer for Upload”


  1. Rolandas

    Is there newer version of this tool, it seems i cant make it wourk

  2. webfraggle

    Hi

    Sorry, no, theres no newer version. But I know one bug. The directory the .ipa is in should not have any spaces in the path. But I used it some days ago to upload a AS3 .ipa created with the new AIR 2.6 SDK.

  3. dioramayuanito

    You’re awesome ! Thanks alot webfraggle !

  4. Josh

    Hi!
    I have this tool for quite some time, but never made it work. Could this because of the fact that I am using Xcode 4?
    It would be good to test this to change the ipa to get rid of the language bug that all air apps have since air 2.6. I am thinking about changing the folders and XML data and then resign the ipa -if possible.
    However, it just doesn’t work with Xcode 4, at least for me.

  5. webfraggle

    Hello Josh

    I didn’t used this tool for a while. I did a quick look at the Xcode 4′s Organizer. And yes the new Organizer is using a completely different structure. So my tool will not work with Xcode 4. If I need it some day, I maybe will do an update. But i can not promise anything.

    Sorry.

  6. Re-sign IPA (iPhone)
  7. Idhanta

    What do these errors mean?

    /bin/sh: line 10: 9156 Segmentation fault: 11

    followed by this error:

    /Users/Idhanta/Desktop/entitlements: unrecognized blob type (accepting blindly)
    /Users/Idhanta/Desktop/entitlements: invalid length in entitlement blob

  8. webfraggle

    Sorry, I have no idea. Things in Xcode and code sign have changed over all the updates of OSX and Xcode.

  9. iOS Developer

    This seems like a neat tool in concept, but I have to wonder why you bother making an entire tool to repeat a single terminal command. Is it malware? Does it send developer ids to his server?

    Also, you should not be doing development if you cannot execute a single command in a terminal.

  10. webfraggle

    Nice people out there ;-) In my opinion you are not a coder because you are not lazy enough to program little tools for boring repeating tasks.

  11. huberte

    You saved my life with your code line !

    thanks a lot !

  12. Lonny Gomes

    In regards to iOS Developer’s comments, it would be nice to see the source! I also would agree that it all can be done on the command line but the nice thing about a GUI interface is that the level of abstraction allows for less technical people to do the re-signing. In fact, I built an OS X implementation called ReSignMe on Github. ReSignMe can be found here https://github.com/LonnyGomes/ReSignMe. Any input/contribution is welcome!

  13. iOS Code Signing | Mobile Application Security

    [...] – Resign an IPA and send to Xcode organizer for upload [...]

  14. Re-sign IPA (iPhone) | BlogoSfera
  15. Re-sign IPA (iPhone) | BlogoSfera