一.重簽名是啥
- 越獄手機(jī)已經(jīng)破解了系統(tǒng)權(quán)限,不需要驗(yàn)證簽名,所以可以安裝任何macho文件(任何應(yīng)用)
- 想要把一個(gè)ipa文件裝到iOS手機(jī)上運(yùn)行,必須經(jīng)過iOS手機(jī)對ipa中mach-o文件的簽名驗(yàn)證.
- 如果我們修改了ipa中mach-o的內(nèi)容,那么便過不了iOS手機(jī)原有的簽名驗(yàn)證.
- 所以我們需要重簽名,將ipa中mach-o文件的簽名和iOS手機(jī)的簽名保持一致性.
- 重簽名的應(yīng)用可以將ipa安裝到非越獄機(jī)上.
二. 準(zhǔn)備工作
- 使用
codesign -vv -d WeChat.app查看WeChat的簽名信息
Executable=/Users/LYK/Desktop/My_iOS/tweak_WeChat/Payload/WeChat.app/WeChat
Identifier=com.tencent.xin
Format=app bundle with Mach-O thin (arm64)
CodeDirectory v=20500 size=1573403 flags=0x0(none) hashes=24579+7 location=embedded
Signature size=4390
Authority=Apple iPhone OS Application Signing
Authority=Apple iPhone Certification Authority
Authority=Apple Root CA
Info.plist entries=66
TeamIdentifier=88L2Q4487U
Sealed Resources version=2 rules=22 files=1388
Internal requirements count=1 size=96
- 使用
security find-identity -v -p codesigning查看我們的證書
1) 2FD3F12C1331F6DA6D95AD91318C251021B78C6C "iPhone Developer: jing liu (98KRJBJXD8)"
三.使用
1.刪除掉ipa中的PlugIns文件夾
2.刪除掉ipa中的Watch文件夾
- 將
Frameworks文件下的framework 一一簽名
codesign -fs "iPhone Developer: jing liu (98KRJBJXD8)" mars.framework
codesign -fs "iPhone Developer: jing liu (98KRJBJXD8)" marsbridgenetwork.framework
codesign -fs "iPhone Developer: jing liu (98KRJBJXD8)" matrixreport.framework
codesign -fs "iPhone Developer: jing liu (98KRJBJXD8)" MultiMedia.framework
codesign -fs "iPhone Developer: jing liu (98KRJBJXD8)" QMapKit.framework
codesign -fs "iPhone Developer: jing liu (98KRJBJXD8)" TXLiteAVSDK_Smart_No_VOD.framework
codesign -fs "iPhone Developer: jing liu (98KRJBJXD8)" WCDB.framework
-
chmod +x WeChat給與其執(zhí)行權(quán)限 - 修改
info.plist文件的bundleID,防止和手機(jī)上已有的bundleID重復(fù)(重復(fù)了就安裝不上). - 從development_pp.mobileprovision文件里抽取entitlements文件
①:security cms -D -i embedded.mobileprovision > temp.plist
②/usr/libexec/PlistBuddy -x -c 'Print :Entitlements' temp.plist > entitlements.plist
③刪除 temp.plist - 將
entitlements.plist復(fù)制到WeChat.app同級路徑,對整個(gè)包簽名
codeSign -fs "iPhone Developer: jing liu (98KRJBJXD8)" --no-strict --entitlements entitlements.plist WeChat.app - 使用
codesign -vv -d WeChat.app查看重簽過的WeChat
Executable=/Users/LYK/Desktop/My_iOS/tweak_WeChat/Payload/WeChat.app/WeChat
Identifier=com.tencent.yk
Format=app bundle with Mach-O thin (arm64)
CodeDirectory v=20400 size=786802 flags=0x0(none) hashes=24579+5 location=embedded
Signature size=4823
Authority=iPhone Developer: jing liu (98KRJBJXD8)
Authority=Apple Worldwide Developer Relations Certification Authority
Authority=Apple Root CA
Signed Time=Aug 8, 2019 at 19:18:20
Info.plist entries=66
TeamIdentifier=MQW9JGK5AS
Sealed Resources version=2 rules=10 files=1201
Internal requirements count=1 size=172
- 將簽名好的app放到Payload文件夾中,
zip -ry WeChat.ipa Payload,得到WeChat.ipa - 打開xcode -> window -> Devices and Simulators -> +號 安裝ipa.(前提是此iphone在pp文件的設(shè)備列表里面)
四.腳本簽名
下面附腳本簽名,需要修改少量的東西,例如開發(fā)者賬號.
#! /bin/bash
#
#將mobileprovision和ipa放到同一目錄下,給應(yīng)用重簽名
#
developerName="iPhone Developer: jing liu (98KRJBJXD8)"
read -p "請輸入文件夾的路徑:" path
tempPath="$path/temp"
rm -rf $tempPath
mkdir $tempPath
unzip -oqq "$path/*.ipa" -d $tempPath
appPath=$(set -- "$tempPath/Payload/"*.app; echo "$1")
cd ${appPath}
#1.刪除掉ipa中的PlugIns文件夾
rm -rf ${appPath}"/PlugIns"
#2.刪除掉ipa中的Watch文件夾
rm -rf ${appPath}"/Watch"
#3.將Frameworks文件下的framework 一一簽名
cd ${appPath}"/Frameworks"
for frameworkName in `ls`
do
codesign -fs "$developerName" $frameworkName
done
cd ..
#4.給 WeChat 執(zhí)行權(quán)限 (/Users/LYK/Desktop/WeChat.app 截取到WeChat)
rightPath=`echo ${appPath##*/}` #WeChat.app
chmod +x `echo ${rightPath%.*}` #WeChat
#5.修改 info.plist文件的bundleID,防止和手機(jī)上已有的bundleID重復(fù)(重復(fù)了就安裝不上).
read -p "請輸入新的bundleID:" newBI
/usr/libexec/PlistBuddy -c "Set :CFBundleIdentifier $newBI" info.plist
#6.從development_pp.mobileprovision文件里抽取entitlements文件
cd $path
security cms -D -i development_pp.mobileprovision > temp.plist
/usr/libexec/PlistBuddy -x -c 'Print :Entitlements' temp.plist > entitlements.plist
#7.對整個(gè)包簽名
codeSign -fs "$developerName" --no-strict --entitlements entitlements.plist $appPath
#8.生成新的ipa包
mkdir Payload
mv $appPath ./Payload
zip -ry new.ipa Payload
if(($?==0))
then
echo "??重簽完成..."
else
echo "壓縮失敗"
fi
rm -rf Payload
rm -rf $tempPath
rm temp.plist
rm entitlements.plist
