resign app from appstore and launch it

Questions and Answers about all things *OS (macOS, iOS, tvOS, watchOS)

resign app from appstore and launch it

Postby Wingzero » Thu Nov 30, 2017 4:01 am

Hi there,

Maybe it's a newbie question, but I couldn't find a right answer from google.

There is app like 'app signer' (https://github.com/DanTheMan827/ios-app-signer) which can resign apps.

Now I use my apple account downloaded abc.ipa from other people which is from AppStore. I can use Xcode to install abc.ipa to my iPhone, and launch it, without problem;

Then I use my own develop certs and wildcard provisioning file to sign it, app signer works without any issue and give me a new ipa.

However when using Xcode to install it, after install, every time I click the app button, it will crash then. So, any mistake, or it's impossible to do so?

I tried to use a new bundle id when resigning, but still crashed.
Wingzero
 
Posts: 34
Joined: Thu Jul 27, 2017 2:35 am

Re: resign app from appstore and launch it

Postby angu2111 » Thu Nov 30, 2017 5:40 pm

AppStore app are encrypted by Apple before download, therefore resigning will not work.
You will need an not encrpyted version of the ececutable in order to be able to resign it (for instance https://github.com/KJCracks/Clutch)
angu2111
 
Posts: 1
Joined: Fri Nov 17, 2017 4:12 pm

Re: resign app from appstore and launch it

Postby Wingzero » Fri Dec 01, 2017 2:03 am

angu2111 wrote:AppStore app are encrypted by Apple before download, therefore resigning will not work.
You will need an not encrpyted version of the ececutable in order to be able to resign it (for instance https://github.com/KJCracks/Clutch)


Thanks! I have learned cryptography sometime, so knowing encryption and signing techniques. I wonder what's the order o signing and encrypting? I'm not clear about the details, but I guess resign does not touch encrypted binary, so it should be fine. So if apple encrypt the binary first and sign it, we simply resign the encrypted binary, but this is clearly not the case we are facing. It seems encryption also encrypts signature?

Where can we find more details? Thank in advance.
Wingzero
 
Posts: 34
Joined: Thu Jul 27, 2017 2:35 am

Re: resign app from appstore and launch it

Postby Siguza » Fri Dec 01, 2017 3:07 pm

Encryption encrypts the __TEXT segment. The signature depends on hashes of the code in the text segment. If the text segment is encrypted, a valid signature cannot be calculated.

Signatures themselves are, to my knowledge, not encrypted though, so if there is a signature present already, it should be possible to use the existing hashes to create a new one... J, feature request for jtool? :P
User avatar
Siguza
Unicorn
 
Posts: 159
Joined: Thu Jan 28, 2016 10:38 am


Return to Questions and Answers

Who is online

Users browsing this forum: No registered users and 2 guests