如何从代码访问iOS Developer Certificate [英] How to get access to iOS Developer Certificate from code
问题描述
有没有办法知道哪个证书应用程序已签名?
Is there a way to know with which certificate app was signed?
我想保护应用程序免于使用其他开发人员证书辞职。
I want to protect app from resigning with another developer certificate.
假设我们有客户端 - 服务器应用程序。服务器保留与开发者证书相关联的唯一密钥。
Let's say we have client-server application. And server keeps that unique key, associated with Developer Certificate.
因此,对于服务器的每个请求,我们都会传递此密钥,如果应用将用另一个开发人员的证书重新组装,然后服务器就会知道这个。
So with every request to server we will pass this key, and if app will be reassembled with another developer's certificate, then server will know this.
这可能吗?或者可能有其他方法来防止辞职?
This is possible? Or may be there another way to protect from resigning?
推荐答案
您可以通过以下方式了解用于签署应用程序的证书和配置文件手动解析应用程序包中包含的 embedded.mobileprovision 文件中的数据。如果查看该文件,您将看到有关证书和配置文件的信息。
You can know the certificate and provisioning profile used to sign the app by manually parsing out data in the embedded.mobileprovision file that is included in the app bundle. If you look through the file you'll see information about the certificate and provisioning profile.
以下是如何以编程方式从您的应用程序中获取嵌入的个人资料数据的示例:
Here's an example of how to get embedded profile data from within your app programmatically:
NSString* bundleDirectory = [[NSBundle mainBundle] bundlePath];
NSString* db = [NSString stringWithFormat:@"%@/embedded.mobileprovision", bundleDirectory];
NSData* data = [NSData dataWithContentsOfFile:db];
// parse through the data to get your provisioning profile info. I'd recommend opening up the profile that is inside your .app to see how it is structured.
HOWEVER:
我不是确定为什么你需要这样做,因为没有人可以重新签署您的应用程序,除非他们拥有正确的证书来匹配为您的应用程序的捆绑ID制作的配置文件。
I'm not sure why you'd need to do this since no one can re-sign your app unless they have the right certificate to match the provisioning profile made for your app's bundle ID.
获得此功能的唯一方法是拥有拥有捆绑ID的Apple开发者帐户的凭据,或者是否有人访问您的证书和配置文件。
The only way to get that is to have credentials to the apple developer account that owns the bundle ID OR if someone 'got access' to your certificate and provisioning profile.
如果发生后者,我相信你应该从苹果开发者账户中撤销该配置文件,并创建一个新的配置文件来解决安全漏洞。这样,只要您有权访问开发人员帐户,就可以一直踩到这种安全漏洞,而不是在客户端和服务器之间编写代码来检查它。
If the latter occurred I believe you should revoke that provisioning profile from within the apple developer account and create a new one to work around the security breach. This way as long as you have access to the developer account you can always stomp on such a security breach that way, instead of writing code between client and server to check for it.
这篇关于如何从代码访问iOS Developer Certificate的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
