img

天道酬勤

iOS / Ruby /Shell

LiJingBiao

个人网站

欢迎来到我的个人博客~

iOS重签名脚本

| 阅读:

目录

#!/bin/sh
#说明:需要修改的参数
# 1. APP_NAME,如:APP_NAME=MiHome.app
# 2. KEYCHAIN_ID,即证书对应的SHA256, 如 KEYCHAIN_ID="B69D7658D231BD17F335B67E07BA333685C1F290"
# 3. BUNDLE_IDENTIFIER,授权文件对应的BundleID,如BUNDLE_IDENTIFIER="com.dahuatech.lecheng"
# 4. 授权文件,修改为embeded.mobileprovision后放入目录中,如PROVISION_IOS="${TEMP}/embeded.mobileprovision"


############################################################
#通用函数定义

#打印命令
function echoCommand()
{
    echo "$1"
    $1
}

#打印xcode、编译环境信息
function printXcodeInfo()
{
    xcode-select --version
    xcode-select --print-path
    security find-identity -v -p codesigning
}

# 打印电脑中安装的授权文件
function printProvisionFiles()
{
    ls -l ~/Library/MobileDevice/Provisioning\ Profiles/
}

# Generate entitlements
# 通过Profile文件生成签名用的entitlements.plist文件
#参数1:Profile文件,保存至ENTITLEMENTS_PLIST中
#返回值:plist文件路径
function generateEntitlementPlistFile()
{
    if [[ -z $1 ]]; then
        echo "Error: No profiles input..."
    fi

    provisionvalue=`cat "${1}"`
    parseEntitlement=${provisionvalue#*<key>Entitlements</key>}
    entitlementFromMPP=${parseEntitlement%%</dict>*}
    entitlementFromMPP="${entitlementFromMPP/<string>\*<\/string>/<array><string>applinks:funcshop.imoulife.com</string><string>applinks:dvl.lechange.cn</string><string>applinks:dx.lechange.cn</string><string>applinks:func.lechange.cn</string><string>applinks:u5c.cn</string></array>}"
    entitlementHeader1='<?xml version="1.0" encoding="UTF-8"?>'
    entitlementHeader2='<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">'
    entitlementHeader3='<plist version="1.0">'
    fullEntitlement=$entitlementHeader1$entitlementHeader2$entitlementHeader3"${entitlementFromMPP}</dict></plist>"
    echo "${fullEntitlement}" > "$(pwd)/entitlements.plist"

    #echo "------------ Entitlements file used --------------"
    #echo "${fullEntitlement}"
    #echo "--------------------------------------------------"

    echo "$(pwd)/entitlements.plist"
}

#对可执行文件进行签名
#参数1:授权文件路径
#参数2:证书KeychainId
#参数3:可执行文件路径
function resignFile()
{
    echo "Resign File: $1, $2, $3"
    entitlementsPlist=`generateEntitlementPlistFile $1`

    #去除旧的签名
    echo "Remove _CodeSignature..."
    rm -rf "$3/_CodeSignature"

    #拷贝描述文件
    echo "Copy provisioning file to ... $3/embedded.mobileprovision"
    cp -rf "$1" "$3/embedded.mobileprovision"

    #目录下有Frameworks文件夹,则需要对所有动态库进行重签名
    if [ -d "$3/Frameworks" ];then
        `codesign -v -f -s $2 $3/Frameworks/*`
    fi

    #对可执行文件进行签名
    `codesign -v -f -s $2 --entitlements ${entitlementsPlist} $3`
}

############################################################
# main loop
echo "[******************** *. List Xcode & codesign info... ********************]"
printXcodeInfo

#echo "[******************** *. List Provisionfiles ... ********************]"
#printProvisionFiles

echo "[******************** 0. Check build path ... ********************]"
#文件夹路径
TEMP=`pwd`
cd "$TEMP"

#将xx.app拷贝到Payload目录下,自动读取App名称
#APP_NAME=$(ls "$TEMP/Payload")

#将xxx.app拷贝到Resign目录下
APP_NAME=MiHome.app
APP_BINARY_NAME=${APP_NAME%.*}
echo "Check Path TEMP:${TEMP}"
echo "AppName: $APP_NAME"

#临时处理,只是保证每次动态注入的二进制是原始的
rm -rf ./Payload/*
cp -rf MiHome.app ./Payload/

#检测二进制文件是否脱壳
echo "[*** Check crypt: otool -l Payload/${APP_NAME}/${APP_BINARY_NAME} | grep crypt... ***] "
APP_CRYPT_INFO=`otool -l Payload/${APP_NAME}/${APP_BINARY_NAME} | grep crypt`
echo $APP_CRYPT_INFO
if [[ $APP_CRYPT_INFO =~ "cryptid 1" ]];then
    echo "[******************** Fatal error, binary is encrypted... ********************]"
    exit
else
    echo "[*** Check crypt succeed... ***] "
fi


echo "[******************** 1. Set resign parameters ... ********************]"

#证书签名变量【p12文件修改后需要更新】
KEYCHAIN_ID="B69D7658D231BD17F335B67E07BA333685C1F290"
BUNDLE_IDENTIFIER="com.dahuatech.lecheng"
PROVISION_IOS="${TEMP}/embeded.mobileprovision"

#libCommonCrack.dylib,注入的动态库,不能加上路径,否则App在启动时执行路径会变成 dylib path @executable_path//Users/
LIB_COMMON_CRACK="libCommonCrack.dylib"
LIB_REVEAL="libReveal.dylib"
#DISPLAY_NAME=""    #eg.xxx

echo "[******************** 2. Resigning for ${APP_NAME} ... ********************]"

#为方便签名,去除watch和插件文件夹
rm -rf $TEMP/Payload/$APP_NAME/Watch
rm -rf $TEMP/Payload/$APP_NAME/PlugIns

#修改BundleID
if [[ $BUNDLE_IDENTIFIER ]]; then
    echo "change bundle ID: ${BUNDLE_IDENTIFIER}"
    `/usr/libexec/PlistBuddy -c "Set :CFBundleIdentifier ${BUNDLE_IDENTIFIER}" "$TEMP/Payload/$APP_NAME/Info.plist"`
fi

#修改App名称
if [[ $DISPLAY_NAME ]]; then
    echo "change display name: ${DISPLAY_NAME}"
    `/usr/libexec/PlistBuddy -c "Set :CFBundleDisplayName ${DISPLAY_NAME}" "$TEMP/Payload/$APP_NAME/Info.plist"`
fi

#删除UISupportedDevices
`/usr/libexec/PlistBuddy -c "Delete :UISupportedDevices" "$TEMP/Payload/$APP_NAME/Info.plist"`

#设置为可以通过iTunes进行共享
`/usr/libexec/PlistBuddy -c "Delete :UIFileSharingEnabled" "$TEMP/Payload/$APP_NAME/Info.plist"`
`/usr/libexec/PlistBuddy -c "Add :UIFileSharingEnabled bool 1" "$TEMP/Payload/$APP_NAME/Info.plist"`

#注入动态库
echo "yololib dynamic framework/lib: $LIB_COMMON_CRACK"
./yololib "$TEMP/Payload/${APP_NAME}/${APP_BINARY_NAME}" $LIB_COMMON_CRACK
./yololib "$TEMP/Payload/${APP_NAME}/${APP_BINARY_NAME}" $LIB_REVEAL

#copy 动态库:将需要加载的动态库,拷贝到App主目录下
echo "copy dynamic framework/lib"
cp -rf ./$LIB_COMMON_CRACK "${TEMP}/Payload/${APP_NAME}"
cp -rf ./$LIB_REVEAL "${TEMP}/Payload/${APP_NAME}"

# Resign file
resignFile "${PROVISION_IOS}" "${KEYCHAIN_ID}" "$TEMP/Payload/${APP_NAME}/$LIB_COMMON_CRACK"
resignFile "${PROVISION_IOS}" "${KEYCHAIN_ID}" "$TEMP/Payload/${APP_NAME}/$LIB_REVEAL"
resignFile "${PROVISION_IOS}" "${KEYCHAIN_ID}" "$TEMP/Payload/${APP_NAME}"

echo "==============================================="
echo "Resign result"
codesign -dvvv $TEMP/Payload/${APP_NAME}

#清理临时文件
rm -rf entitlements.plist

# Zip file generate new ipa file
echo "zip file generate new ipa file"
rm -rf resign.ipa
echoCommand "zip -qr resign.ipa Payload "


echo "[******************** End resigning ... ********************]"

打赏一个呗

取消

感谢您的支持,我会继续努力的!

扫码支持
扫码支持
扫码打赏,你说多少就多少

打开支付宝扫一扫,即可进行扫码打赏哦