How to codesign automatically generated iOS apps? - iphone

Greetings,
I'm in the progress of writing a web server script that lets you create custom iOS apps (basically exchanging logos and a few other things). The web server customizes a previously uploaded "shell" .ipa and re-zips the whole container to send it to the user's browser. That is: we customize a previously uploaded .ipa on the web server and let the user download it for submission to the App Store.
The next step would be to re-codesign the whole .ipa - because we changed the .IPA contents and the user must use his own signing identity - so that he can actually upload it to the App Store.
From what I understand, there is a "CodeResources" file which contains some kind of hash for each resource file in the bundle, and the executable contains some kind of embedded signature as well. To generate these, you'd have to use the "codesign" utility on the user's computer, then use Application Loader to submit it to the App Store. Correct so far?
What I'm trying to find out is:
Is there a way to codesign the .ipa on the server (with having the user upload his certificate beforehand), so that he does not have any extra work to do?
If 1) is not possible, is there some kind of tool that allows to re-codesign the .ipa without much hassle? Xcode seems to require some project setup work to do just a bit of code signing - if possible at all.
Are there any alternative ways to codesign the .ipa files for the user - possibly without having to manually do it by hand?
Thanks in advance!

Xcode uses the codesign command line utility to create the CodeResources folder and the digital signature, you can invoke it yourself to sign an app bundle outside of Xcode. You could probably automate this on a server if the server was running Mac OS X; if you're really clever you might be able to figure out how to create the signature yourself using openssl (the signing certificates, etc. are all standard stuff). Or, if you can count on the user having the dev tools installed, provide them with an app that automates the signing for them.
Here's a blog entry describing some of the process (though the use case is a little different).

I don't like to answer my own question, but I want to close this after so long.
We ended up using Xcode's targets and schemes to ease up the generation of many different apps. Since we have a reasonable number of app variants, this seems to be OK for now.
Code signing is a mess and Apple constantly changes the technical process behind it - so it's a moving target and requires a lot of hacking and trial-and-error work.

Related

how to make IPJSUA become a .IPA file?

I just compile the IPJSUA and build using xCode 4.3.2, and also run on simulator. But still can't call/send IM.
I'm thinking about limitation for simulator, now I want to deploy into .IPA file and test it using my phone. But I got an error.
If I'm using iPhone Developer Certificate, I got a lot of error like this pic.
If I'm using iPhone Distribution Certificates, I got a error message like this.
No unexpired provisioning profiles found that contain any of the keychain's signing certificates
Anybody ever try how to make IPJSUA into .IPA files?
What different between iPhone Developer Certificate and iPhone Distribution Certificate?
Here is the picture, I already linked the library, the architectures, and the search path.
I already can make the .IPA file, but still can't make a call or send IM. can you make a call with IPJSUA using your devices/simulator?
thanks.
UPDATE: Already can call/send IM/add buddy. I will Refer to the new question that I will answer by myself. The step by step of using PJSIP on xCode. Thanks.
If you're just testing it on your own phone, and your phone is registered in the developer portal then there is no need to generate a .IPA file. You can just plug your device into the computer and build it directly onto the device. If however you want to distribute to multiple devices that aren't registered yet(such as friend's devices), i would suggest looking into testflight which simplifies this process, and gives a step by step instruction here on how to create and upload your IPA.
It took me days to get ipjsua running on devices. A couple things I ran into:
Are you linking to all the proper binaries? There's about 20 or so you need to link to, you can check their ipjsua sample app for reference.
Did you add the armv7 and armv6 architectures in your build settings? We had to add both (this was probably back in September of last year when we were building it, for reference)
Are your Library Search Paths and Header Search Paths in build settings correct? For headers we have pjsip/include, pjlib/include, pjlib-util/include, pjnath/include, and pjmedia/include. For Library paths we have all the same (with /lib instead of /include of course)

Legality of transferring IPA files between people

We are currently developing an app for a client in the US, we are based in the UK. We need to "proof" the app as we make changes with our client i.e. get them to check the updates before we go any further.
The issue we're having is that transferring an IPA file to our client has been advised by their legal team as illegal. Is there any other way (simply) to allow our client to view this app regularly as we update it?
Cheers
IANAL, however, their legal team is wrong. When I click Build and Archive, and then Share by Email, the generated email file contains an ipa. This is an Apple-sanctioned method of doing ad-hoc sharing of iPhone apps.
What is probably confusing them is that if you're pirating apps, you use ipa files as well. However, saying that sharing ipa files is illegal is like saying sharing .exe files is illegal. Sometimes, yes. In this case: no, so long as the devices that are running it have been properly provisioned.

iPhone Provisioning: What's it all about?

Grepping around, I see that I'm not AT ALL alone in being... challenged... by the process of setting up an iPhone app, getting it to run, giving it my testers, and so on.
I've gotten it to work. Somehow I emailed a copy or two to testers, and eventually got my li'l app into the store, and that was fine.
But I can't say a really, deeply understand it! (And I don't do iOS dev every day. Even now my recollection of what I did is kind-of hazy.)
I'm moderately capable of understanding things, if presented, well, you know, in a way I can understand.
Can anyone point me to a crystal clear explanation of what provisioning actually is?
I feel that if I understood it, the recipes to do it would be obvious.
Thanks!
Development provisioning profiles sign your application, and allow the phone to know it's OK to run. These days, XCode automatically makes a Development Profile for you (the "Team Profile").
The other kind of profile, when you are talking about other people running you app, is a Distribution Profile. You need a Distribution profile for either giving your app to the store, or for giving to beta-testers.
The profile is what allows other people's phones to know it's OK to run your app, basically it includes a list of device ID's approved to run that application on the phone in question, along with being signed so that the phone knows the whole thing is valid.
If you read advice around the web concerning distribution, it's easy to get confused because things used to be a lot harder. You used to have to send Distribution certificates separately from your app to beta testers. These days the certificates are included in your app bundle so you don't have to worry about that.
Furthermore, sending an AdHoc build can be all kinds of unpleasant - for testers using Windows. These days, the absolute best way to do beta testing is have a link on the web that uses the Enterprise ad-hoc deployment feature, to let a user with iOS4 or higher automatically download and install your application with no iTunes or copying work at all. In fact I would at this point refuse to use beta testers running windows who were not on iOS4 or higher.
The guide link posted should have a section about the enterprise ad-hoc, but basically the way it works is there's a small plist file the phone downloads, that has a link to the IPA file containing your app. You point the phone to a specially formatted link to the plist file and the phone fetches the application directly.
All of this is predicated on using the "Build and Archive" option for building any ad-hoc distribution build. You should do that anyway because it also saves out a symbol file for you to use in debugging crash reports.
EDIT:
Here's a little more detail on enterprise deployment (which works for any registered developer, not just Enterprise registered developers):
http://jeffreysambells.com/posts/2010/06/22/ios-wireless-app-distribution/
The Developer Program User Guide should be helpful.

iPhone: Application submission in AppStore

I want to submit my application in AppStore. After i have gone through the docs there, i see i should go to iTunes Connect and fill the form to submit my application in AppStore. If someone already did it, can you guys please share your suggestion?
I did build 'Distribution' in my Xcode project and compressed my app ready, i want to upload it in AppStore as i have already a developer account.
** I also want to know, should my build be created using 'Distribution' configuration and built with Distribution provisional file? I have three provisional file created such as Main provisioning profile in 'Provisioning->Development' tab in Portal and Ad-hoc, AppStore provisional profiles in 'Distribution' tab in Portal. Which one i should use in Xcode and build my application to upload that in AppStore? Can i use any one of the three?
**Can i go to iTunes Connect and fill the form to upload my app? During filling the form it asks for 'Does your product contain encryption?' Why is that and what does it mean? After further filling up the details, will it ask me to upload my Zipped application(myApp.app file) there? How would be the process further, just give me some brief idea please?
Clave/
I also want to know, should my build
be created using 'Distribution'
configuration and built with
Distribution provisional file?
Yes. Your build must be signed with distribution profile. And do not forget about Entitlements.plist file
Can i go to iTunes Connect and fill the form to upload my app?
Yes :)
After further filling up the details, will it ask me to upload my Zipped application(myApp.app file) there?
Yes, there will be a screen where you should upload your zipped binary (as well as 512x512 Application icon and screenshots)
How would be the process further, just give me some brief idea please?
You'll need to fill some forms - application description, category, pricing, stores where distribute your app, some questions to rate your app (in case it contain "objectionable" contents) etc
Anyway (IMO) everything is user friendly and clear there.
In order to upload your app to the app store you must build with a distribution profile, thats pretty much all you need...If you dont know what using encryption means then odds are you are not using encryption so check no for that...after that its pretty straight forward you fill out the info form and submit it for review. If at any step you do something (such as use a wrong provisioning profile) itunes connect will tell you and wont let you proceed, so if you succesfully finish submitting the app then you are good to go...there is also an itunes connect guide you can use here https://itunesconnect.apple.com/docs/iTunesConnect_DeveloperGuide.pdf
Go here:
http://developer.apple.com/iphone/
On the right of the page, there is a section called "App Store Resource Center", and inside of that there are some great resources like Preparing your App for Submission, etc.
Also, under the Distribution section of the Program Portal, there are some answers to questions like how to build and zip your app for submission, and properly configuring Xcode for the build.
Encryption:
The reason it's asking you for this information is because there are laws around exporting certain types of encryption. You would know if you are using this in your application. If you said yes, there would be some follow up questions and it might lock your application to the US App Store only if your encryption was too high to export. For more information on encryption, your friendly neighborhood search engine can do the rest :)

Updating resource files for iPhone app

I've developed a generic iPhone app, intended for customization via a myapp.cfg file. I've successfully deployed the app to my adhoc testers via iTunes. My question is, how do I update their myapp.cfg file via iTunes. In other words, if they edit the .cfg file on their Windows PC or Macbook, how do they get it into the apps bundle in the iPhone?
You'll need to provide your own mechanism to download the config file into the application's Documents area; as app bundles are effectively sealed by the code signing process there's no way to modify the bundle post facto. As you have no interface to iTunes you need to provide your own mechanism - you might choose to do something like OmniFocus which uses Bonjour to discover the computer from which it retrieves its sync settings.
Looking at it another way; why use a config file at all? Other iPhone applications use a settings bundle and the standard application preferences as recommended by Apple, why do something different? There's always a chance that you'll confuse the user.