# 07.iOS重签名调研

> 要想保留原APP的bundleId不变，则重签名的证书的bundleId规则如下： 原App的bundleId: com.abc.hell 用于重签名的bundleId:com.abc.hell.xyz 保证原APP的bundleId是重签名的bundleId的前缀

## Step 1:  查看App证书情况

执行命令：

```
codesign -d -vv /Users/RyukieW/Inke/技术相关/重签名调研/sui/Payload/Finance.app
```

输出：

```
Executable=/Users/RyukieW/Inke/技术相关/重签名调研/sui/Payload/Finance.app/Finance
Identifier=com.feidee.myfinance
Format=app bundle with Mach-O thin (arm64)
CodeDirectory v=20400 size=67736 flags=0x0(none) hashes=2108+5 location=embedded
Signature size=4820
Authority=iPhone Developer: xiangdong Ren (23Z6TN7Z56)
Authority=Apple Worldwide Developer Relations Certification Authority
Authority=Apple Root CA
Signed Time=Nov 14, 2018 at 10:58:22 AM
Info.plist entries=37
TeamIdentifier=3Q47P4VEX9
Sealed Resources version=2 rules=10 files=446
Internal requirements count=1 size=180
```

## Step 2: 查看是否被加密（是否破解）

```
gebiwangshushudeMacBook:Finance.app RyukieW$ otool -l Finance | grep cryp
     cryptoff 16384
    cryptsize 6897664
      cryptid 0
```

> 其中cryptid为0代表已经砸壳，即解密，为1或者2表示以第1类或者第2类加密方案加密。

## Step 4： 查看本地证书并记录需要用到的证书

```
security find-identity -v -p codesigning
```

iPhone Developer: kai chen (8SRJU35B8T)

* 找一个开发环境配置文件生成entitlements.plist文件，后面签名要用到：

```
security cms -D -i XX.mobileprovision > profile.plist
/usr/libexec/PlistBuddy -x -c 'Print :Entitlements' profile.plist > entitlements.plist
cat entitlements.plist
```

* 把准备好的开发环境配置文件复制到XX.app文件夹下：

```
cp XX.mobileprovision Payload/XX.app/embedded.mobileprovision
```

* 修改包Info.plist中的Bundle Identifier与配置文件中的Bundle Identifier保持一致：

```
/usr/libexec/PlistBuddy -c "Set :CFBundleIdentifier com.gdinke.meetstar.dev" Info.plist
```

* 移除之前的签名文件夹：

```
rm -rf _CodeSignature
```

## Step 5: 重签名

* 重签名framework

```
codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" Alamofire.framework

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" TZImagePickerController.framework

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" CryptoSwift.framework        

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" WCDBSwift.framework

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" FinanceAlert.framework    

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" XLActionController.framework


codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" FinanceImagePicker.framework    

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" libswiftAVFoundation.dylib

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" FinanceKeyboard.framework        

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" libswiftAccelerate.dylib

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" FinanceKit.framework            

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" libswiftCore.dylib

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" FinanceLoadingView.framework    

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" libswiftCoreAudio.dylib

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" FinanceNotice.framework        

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" libswiftCoreData.dylib

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" FinancePoper.framework            

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" libswiftCoreFoundation.dylib

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" FinanceRefresh.framework        

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" libswiftCoreGraphics.dylib

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" FinanceRuler.framework            

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" libswiftCoreImage.dylib

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" FinanceVendors.framework        

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" libswiftCoreLocation.dylib

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" IQKeyboardManagerSwift.framework

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" libswiftCoreMedia.dylib

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" Iverson.framework            

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" libswiftDarwin.dylib

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" Kingfisher.framework            

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" libswiftDispatch.dylib

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" Messi.framework            

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" libswiftFoundation.dylib

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" Moya.framework                

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" libswiftMediaPlayer.dylib

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" Pageboy.framework            

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" libswiftMetal.dylib

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" PopoverKit.framework        

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" libswiftObjectiveC.dylib

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" Reachability.framework            

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" libswiftPhotos.dylib

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" Result.framework            

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" libswiftQuartzCore.dylib

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" SnapKit.framework            

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" libswiftSwiftOnoneSupport.dylib

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" SwiftSVG.framework        

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" libswiftUIKit.dylib

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" Swifty.framework            

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" libswiftos.dylib

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" SwiftyJSON.framework            

codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" libswiftsimd.dylib
```

* .app文件重签名

```
codesign -f -s "iPhone Developer: kai chen (8SRJU35B8T)" --no-strict --entitlements=entitlements.plist Finance.app
```

* 查看App签名信息

```
```

## Step 6: 打包

```
zip -ry Finance.ipa Payload

// zip –ry 「输出文件名」 「输入文件名」
```

## 参考

> iOS逆向微信
>
> > <https://cloud.tencent.com/developer/article/1445897> <https://www.jianshu.com/p/31232eef35c5> <https://juejin.im/post/5c7e796351882532cd57adc4#heading-19> iOS应用程序的重签名(打包) <https://blog.csdn.net/skylin19840101/article/details/60583893> iOS逆向必备绝技之ipa重签名 <https://www.yangshebing.com/2018/01/06/iOS%E9%80%86%E5%90%91%E5%BF%85%E5%A4%87%E7%BB%9D%E6%8A%80%E4%B9%8Bipa%E9%87%8D%E7%AD%BE%E5%90%8D/?utm_source=tuicool&utm_medium=referral> 超级签名-原理/机制/技术细节-完全解析 <https://juejin.im/post/5cdeb72151882525cc707729>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://ryukiedev.gitbook.io/wiki/ios/za-xiang/ios-zhong-qian-ming-tiao-yan.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.