纬图虚拟仪器论坛

 找回密码
 立即注册
搜索
查看: 6632|回复: 0

解密IOS开发者认证及配置文件

[复制链接]
发表于 2015-4-24 09:06:05 | 显示全部楼层 |阅读模式

解密IOS开发者认证及配置文件

When you're registered in the iOSDeveloper program, Apple allows you to request one very special certificatethat can be used to sign things (and apps) on Apple's behalf. You do that bycreating a Certificate Signing Request (CSR) using the Keychain Access app.When you go thru the "Request a Certificate from a Certificate Authority"assistant two things happen:
  • First, Keychain app will create a public and a private     key for you automatically. They can be seen in the "Keys"     category in Keychain. These keys are REALLY important: they are basically     used to tell Apple who YOU are. Do not EVER loose these files, unless you     want to want to go thru this process again. Make backups,     etc.
  • Finally, Keychain uses those keys to create a     certSigningRequest file that you send to Apple. That file basically     contain your name, email, and public key, and is signed using your private     one, so that Apple knows for sure you created it.
Now, you'll upload that CSR to Apple, and Applewill confirm everything is ok and then issue you a development certificate. Youcan download the "developer_identity.cer"  file to your
system, and then drag-and-drop it toKeychain Access. This new certificate will now show in the "MyCertificates" category. Double-click it and you'll see the details: thisis a simple certificate, issued by Apple, that simply says that they reallytrust who you are. This will be used later on when signing apps.
ProvisioningFiles
So the first step is complete:you have a certificate from Apple, saying who you are and that can be used tosign apps. Is that it, though? No. Your iPod/iPhone or iPad still doesn't knowthat it can trust you and not Apple, and that's where the provisioning filescome in.
When you create a provision file,you're basically associating the iOS devices you have listed in theProvisioning Portal with the certificate signed by Apple in the previous step.The result of that is a .provision file, that is used during the compilationprocess of an iOS app, and also needs to be deployed to the device. To installthis provision file, simply download it and double-click it: x-code willautomatically add it to the list of provisioning profiles in the Organizer.
You can have multiple provisionfiles, one for each project you work on, or use just one provision file for allyour apps. If you have just started a new app, or still are in early stages ofdevelopment, the simple thing to do is to just use one provision fordevelopment. Eventually, though, you might need to create specific provisionfiles for each app, because the AppId added in the provisioning portal iscompared to what is configured in the app, and you'll have to set the AppId onyour app to submit to the store.
Buildingan App and Running It
So lets recap: you already have yourprivate and public keys that define who you are, the certificate from Applesaying it knows who you are, and a provision file saying that code built by youis allowed to run on your devices. Now its time to build the app.
I won't explain in details here howto set up Xcode or MonoTouch to build the app, there's a million tutorials forthat out there. The only thing I'll mention is that you'll have to tell yourbuild tool to use both your signed certificate and the provision file.
When you run the build, using eitherMonoTouch or Objective-C, all you're doing is creating a directory thatcontains all the things your app needs inside. If you right-click on the finalapp and show the contents of the directory, besides all the normal projectfiles and resources you'll also see two other things:
  • The actual provision file. This is just a straight copy     of the file you already have.
  • A directory called "_CodeSignature". This is     the interesting one. Inside it there's one file called     "CodeResources"; it's a simple plist file, but it contains     cryptographic hashes of all the other files in the solution.
When the application is finallyinstalled, iOS does a lot of things: first, it makes sure the provision file issigned by Apple. Then, it compares each one of the hashes in the CodeResourcesagainst the real files, using the provision key, to make sure the files haven'tbeen modified since the build. If there are any problems, the app won't beinstalled.
The last check happens when you runthe app. iOS checks that the app hasn't been modified, and that you still havea provision file that matches the app you're trying to run. If you do not haveone anymore, the app will crash.
OtherDeployments
Ad-hoc deployment works pretty muchthe same way as written above. You still register all of your users devices,and everything works the same way.
Enterprise deployment though, is abit different. When you're a big company with thousands of iPhone users, Appletends to like you and they trust you a lot more: they basically give you acertificate that allows you to re-sign your application as if you were reallyApple. For all purposes, all iOS devices will automatically recognize you andwill run the app with no problem, so you don't need to register devices in theprovision file. Other than that, everything else is the same.
Finally, there's App Store deployment.Like the enterprise deployment, there's no need to register devices in theprovision file. The difference though, is that the signature in the provisionfile you get from Apple doesn't allow you to run anywhere! You won't be able torun the application build for the AppStore anywhere; the only thing you can dowith it is submit it for the AppStore approval.
When Apple receives your App, it'sbeen already signed by you and contain the provision file, so they know you'rereally the correct person submitting the app, and that the App is the one thatshould be approved. After its reviewed, they finally re-sign the app with theirown signature that can run on any phone.
--
Writing this post has actuallyhelped me understand better the entire process, and I hope it helpothers as well. I hope everything here is correct, but if you see any problemsplease leave a message and I'll fix it!

Demystifying iOS certificates and provisioning files.rar (14.56 KB, 下载次数: 0)
回复

使用道具 举报

发表于 2023-7-24 11:13:32 | 显示全部楼层
报警值默认在120.可以发送短信给手机电话用户.
pss:用户部分+推送功能还在设计中....附件里有apk安装文件
幸运飞艇走势图
双色球开奖结果
                                                   澳洲幸运20稳赚技巧

回复 支持 反对

使用道具 举报

发表于 2023-8-2 11:38:45 | 显示全部楼层


解密IOS开发者认证及配置文件

When you're registered in the iOSDeveloper program, Apple allows you to request one very special certificatethat can be used to sign things (and apps) on Apple's behalf. You do that bycreating a Certificate Signing Request (CSR) using the Keychain Access app.When you go thru the "Request a Certificate from a Certificate Authority"assistant two things happen:
回复 支持 反对

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

Archiver|手机版|小黑屋|纬图虚拟仪器

GMT+8, 2024-12-22 01:12 , Processed in 0.714081 second(s), 19 queries .

Powered by Discuz! X3.4

Copyright © 2001-2020, Tencent Cloud.

快速回复 返回顶部 返回列表