I need to be able to view and edit a .sis file. Can anyone suggest the right way to do this please?
Basically, you could indeed extract stuff, modify them and re-pack them. there are tools that can help on this, for example SisContent claims to be able to do so, thus you could use this app at least for viewving the SIS.
Anyhow, the problem there is then the signing. If the app requires capabilities that are ok with Self-signing (and is not having any auto start feature etc.) then you could make own Self-signing certificate, either with the makekeys included in the SDK, or using OpenSSL. With SisContent, there also appears to be Self signing certificate included in it.
Anyhow note that following capabilities: ReadDeviceData, WriteDeviceData, PowerMgmt, ProtServ, SwEvent, SurroundingsDD, Trusted UI, CommDD, DiskAdmin, MultimediaDD, NetworkControl, CommDD, DiskAdmin, MultimediaDD and NetworkControl. Can not be used with self-signing, and as there is no ways on signing apps (and there were never a way on signing others apps) with real Symbian certificate having publicer ID. and thus these apps can not really be installed after they are modified.
Then again, if you are targeting for pre-3rd edition devices, then they are not requiring any signing, thus you could extract the files, modify them, and simply repack with makesis.
There is a software called unmakeSis.
Related
I just noticed that the zlib_support in cocos2d-x is missing crypt.c
I was able to update the code and add crypt.h from
http://programming-practice.googlecode.com/svn/trunk/LevelUp/cocos2d-x/cocos2d-1.0.1-x-0.11.0/cocos2dx/platform/third_party/marmalade/zlib/contrib/minizip/crypt.h
to the project to get it working but I would like to know why this functionality is removed from the framework in the first place? Is there an alternative to the crypt.h I have used?
I finally found out the reason.
When you go on to publish your app, you are required to disclose if you are using encryption or not. And if your answer is yes, then there are separate and significantly longer process of approval. Adding encryption into cocos2d-x would therefore result in long approval times for a large number of apps. Hence it's not included.
http://cheminf20.org/2011/08/29/releasing-an-ios-app-using-encryption-first-time/
I'm working on a little SDK which has a configFile.plist file to store things like secret key.
Developer who implement this SDK in his app, and other users will download the app, they will be able to go into the app binary and change anything in the .plist file.
Is there any way to store this info without letting users modifing the parameters easily? I don't want users to have the ability to change the parametes in the .plist file.
Thanks in advance for any help!
When it comes to plist storage, it's easily accessible either way. Your best option is to provide a class file for configuration, and not a plist. Example below..
//Config.h
#define SHARED_SECRET #"2390849028349829384"
#define SOME_OTHER_VALUE 1
..and so on, this way, the class file is compiled with the App, and not visible to the user but accessible by the developer. Once you #import "Config.h", you can use SHARED_SECRET and SOME_OTHER_VALUE in place of the value itself within the code. If this suffices as a solution to your question, mark it as the answer. Hope it helps..
Keeping in mind that people are going to be able to see/change almost anything with the right tools, you can't prevent people from hacking this.
If the key is going to be different for each user of the SDK, then you might want to make it the Developer's responsibility and have them provide the private key to you using a delegate method. That will make it their problem, and it will make it easier for them to compile the key directly into code, which is going to be less obvious for the end-user to access.
I'm writing a unit test with GHUnit. I would like to check if a file is being generated in the Caches directory within the Library directory of another app. Is this feasible, or are apps prevented from accessing each others' Library directories? And if so, are there any possible workarounds for creating a unit test for this? Could I possibly store the generated file in a different directory, such as Documents, or would that not help?
On device it is not possible at all. In simulator you can theoretically do it if you know the random UUID that names the directory that the application is installed in.
But I would highly discourage you from even trying. Instead make the code you intend to test stand enough of it's own to be testable. A unit test that verifies if another application behaves is on it's own almost as useless as a unit test that verifies that you call an API with the correct arguments.
I don't understand the context that you're attempting to unit test, so maybe my answer is wrong, but what I get is that you want to access your other app because GHUnit builds as a separate app.
There should be no reason to do this - instead of beating the sandbox problem, let's go around the whole issue.
Why not run whatever cache-creating code you are trying to test in the first place from the test target app, and then check the Libary/Cache directory of your bundle?
That's all there should be to it.
Apps can only access their own folders within their sandbox. Is your unit testing app separate from your app that you want to verify the cache contents of?
No, what you would need to do is use url prefixes and have the methods to do whatever you need done registered by that application on install.
I am describing a problem for which it took me quite some time to learn the answer.
The "GenericKeychain" example is a good start at providing a wrapper for sharing keychain data between applications when using the accessGroup in the init.
However, implementing this in my app yielded an obscure error code (which took forever to locate) -25243, which means: No access control.
I ran Apple's example app (GenericKeychain) on my iPad only to get the same error. Huh?
Does Apple's documentation fail to deliver on what is necessary to accomplish this?
After some (a lot of) digging throughout the web, I found the answer. The access Group that you use when constructing your KeychainItemWrapper class must ALSO be specified in each of your application's Entitlements.plist file in the "keychain-access-groups" section.
It seems almost obvious now that I see "keychain-access-groups". However, I had no idea to even look there. Hope this helps others.
Actually it's not hard to do. Please follow the steps.
App1:
Open your App's target Capabilities and enable KeyChain Sharing.
Add a identifier. (eg : com.example.sharedaccess)
Add "UICKeyChainStore" to your project.
Be sure you have a team id added to your App1 project.
Add Security.framework to your App1 project.
And add these codes to somewhere you need.
[UICKeyChainStore setString:#"someValue" forKey:#"someKey" service:#"someService"];
App2:
Open your App's target Capabilities and enable KeyChain Sharing.
Add a identifier. (eg : com.example.sharedaccess)
Add "UICKeyChainStore" to your project.
Be sure you have a team id added to your App2 project.
Add Security.framework to your App2 project.
And add these codes to somewhere you need.
NSString *string = [UICKeyChainStore stringForKey:#"someKey" service:#"someService"];
Your TeamIDs should be same for both projects.
I tried these steps on a real iPhone device.
I also tried these steps with Automatic and iOs Development provisioning profile.
My apps' bundle identifiers were like that : com.example.app1, com.example.app2.
I am quite new all this iPhone stuff. I have no such clear IDea yet about provisioning profile etc.
I will be using my mac machine for two different developer IDs,one for my own and other for the startup where I am working in. Now,how can I use xCode to submit my apps in two different IDs?
thanks
You can explicitly specify a signing identity (as long as they have different names) and a provisioning profile GUID.
EDIT: CODE_SIGN_IDENTITY[sdk=iphoneos*] = iPhone Developer: John Doe (ABCDEF) and PROVISIONING_PROFILE[sdk=iphoneos*] = provisioning-profile-guid in the config (or on the command line). Or in the project settings, search for "sign" and use the nice GUI menu.
Alternatively, use a different user account for your work builds.
EDIT: System Preferences → Accounts and add a new user. It also helps if you enable fast user-switching under "Login Options".