Apple是否会修改提交到App Store的应用程序上的iOS应用程序可执行文件？ [英] Does Apple modify iOS application executables on apps submitted to the App Store?

问题描述

当应用程序通过App Store购买并安装在用户的iPhone上时，与原始应用程序包中提交给Apple的原始可执行文件相比，应用程序的可执行文件是否逐字节相同？或者它是不同的（例如，使用额外的签名或加密）？

Is an app's executable file byte-for-byte identical when the app is purchased through the App Store and installed on a user's iPhone, compared to the original executable file submitted to Apple in the original app bundle? Or is it different (for example, with additional signatures or encryption)?

我只关心可执行文件，而不是整个应用程序包。

I am concerned only about the executable file, not the entire app bundle.

特别是代码如......

In particular, would code such as ...

int main(int argc, char* argv[]) {
   FILE* file = fopen(argv[0], "rb");
   // Read entire contents of executable file; calculate a hash value
   // ...
   fclose(file);
}

...计算与计算iPhone外部哈希值相同的哈希值原始的，提交的可执行文件？

... calculate the same hash as calculating the hash outside of the iPhone on the original, submitted executable?

例如，如上所述计算SHA256哈希然后在XCode中使用Build and Run在附加的iPhone上运行产生完全相同的结果通过从OS X中的终端运行 openssl sha256 MyAppExecutableFile 来计算SHA256哈希。这意味着通过XCode安装应用程序的行为不会改变可执行文件。

For example, calculating a SHA256 hash as above then using "Build and Run" in XCode to run on an attached iPhone produces exactly the same result as calculating the SHA256 hash by running openssl sha256 MyAppExecutableFile from a terminal in OS X. This means the act of installing the app through XCode does not alter the executable file.

我的问题是，当应用程序提交到App Store，购买并安装时，这是否仍然存在。

My question is whether or not this still holds when an app is submitted to the App Store, purchased, and installed.

推荐答案

应用程序可执行文件在App Store上发布时由Apple加密，因此在您自己的二进制文件上自行运行校验和不是一个好主意 - 您无法知道加密的文件大小提前二进制 - 。

The application executable is encrypted by Apple when released on the App Store, so self-running a checksum on your own binary is not a good idea —you cannot know the file size of the encrypted binary in advance—.

请注意，二进制总是仍然是加密的d在文件系统中，只有iPhone root用户可以解密这些二进制文件。如果您使用iTunes从App Store下载应用程序，则可以在PC或Mac上打开IPA，并通过运行otool看到二进制文件确实已加密：

Mind you, the binary always remains encrypted in the file system, and only the iPhone root user can decrypt these binaries. If you download an app from the App Store with iTunes, you can open the IPA on your PC or Mac and see that the binaries are indeed encrypted by running otool:

otool -l <app binary> | grep cryptid
crypt id 1
(a value of cryptid 1 means the app is encripted)

otool -l <app binary> | grep cryptsize
12345678
(size of the encrypted segment)

这篇关于Apple是否会修改提交到App Store的应用程序上的iOS应用程序可执行文件？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！