之前因?yàn)轫?xiàng)目要做防止二次簽名威蕉,網(wǎng)上找到的方案是通過對(duì)比embedded.mobileprovision中的teamID是否被篡改來實(shí)現(xiàn)防止二次簽名
代碼如下
func checkCodesign(id: String) {
let embeddedPath = Bundle.main.path(forResource: "embedded", ofType: "mobileprovision")!
let embeddedProvisioning = try? String.init(contentsOfFile: embeddedPath, encoding: String.Encoding.ascii)
let embeddedProvisioningLines = embeddedProvisioning?.components(separatedBy: .newlines)
for i in 0 ..< embeddedProvisioningLines!.count {
let emStr = embeddedProvisioningLines![i] as NSString
if emStr.range(of: "application-identifier").location != NSNotFound {
let positionStr = embeddedProvisioningLines![i + 1] as NSString
let fromPosition = positionStr.range(of: "<string>").location + 8
let toPosition = positionStr.range(of: "</string>").location
let range: NSRange = NSRange.init(location: fromPosition, length: toPosition - fromPosition)
let fullIdentifier = positionStr.substring(with: range)
let identifierComponents = fullIdentifier.components(separatedBy: ".") as Array
let appIdentifier = identifierComponents.first
if appIdentifier != id {
exit(0) // (1)
}
}
}
}
但是上傳APPStore卻因?yàn)槌绦蜷W退被拒梗逮。又仔細(xì)查找各種資料才發(fā)現(xiàn),在xcode打包的文件中是有embedded.mobileprovision這個(gè)文件的诬垂,但是當(dāng)上傳到AppStore后劲室,就沒有這個(gè)文件了,因?yàn)檫@個(gè)文件中存放了證書的私鑰公鑰等信息结窘,蘋果會(huì)驗(yàn)證其合法性很洋,如果合法就會(huì)刪除這個(gè)文件,并使用自己的私鑰公鑰重新簽名隧枫,這樣才能保證客戶的證書過期后喉磁,依然能夠保證app能夠在AppStore正常下載使用。
綜上官脓,此方案防止二次簽名只能適配企業(yè)賬號(hào)簽名的ipa包协怒。在此做個(gè)記錄。
相關(guān)鏈接:http://www.reibang.com/p/ccf28e0819fe
