App签名原理以及应用的重签名

于 2018-08-23 21:42:19 发布
阅读量3.9k 收藏 1
点赞数
分类专栏: iOS 文章标签: 重签名 证书 iOS重签名 命令行签名 动态库签名
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/wj610671226/article/details/81988629
版权

App签名原理以及应用的重签名

在日常开发中,我们都是利用Xcode来打包签名我们的应用的,在签名过程中需要的是文件主要包括:

1、CertificateSigningRequest.certSigningRequest
2、App ID
3、创建的证书(aps_development.cer)
4、配置文件(demo.mobileprovision)
5、真机的测试还需要注册手机

  • CertificateSigningRequest.certSigningRequest

包括:申请者信息、申请者公钥、摘要算法和公钥加密算法

    0:d=0  hl=4 l= 642 cons: SEQUENCE          
    4:d=1  hl=4 l= 362 cons:  SEQUENCE          
    8:d=2  hl=2 l=   1 prim:   INTEGER           :00
   11:d=2  hl=2 l=  61 cons:   SEQUENCE          
   13:d=3  hl=2 l=  32 cons:    SET               
   15:d=4  hl=2 l=  30 cons:     SEQUENCE          
   17:d=5  hl=2 l=   9 prim:      OBJECT            :emailAddress
   28:d=5  hl=2 l=  17 prim:      IA5STRING         :2186682180@qq.com
   47:d=3  hl=2 l=  12 cons:    SET               
   49:d=4  hl=2 l=  10 cons:     SEQUENCE          
   51:d=5  hl=2 l=   3 prim:      OBJECT            :commonName
   56:d=5  hl=2 l=   3 prim:      UTF8STRING        :mac
   61:d=3  hl=2 l=  11 cons:    SET               
   63:d=4  hl=2 l=   9 cons:     SEQUENCE          
   65:d=5  hl=2 l=   3 prim:      OBJECT            :countryName
   70:d=5  hl=2 l=   2 prim:      PRINTABLESTRING   :CN
   74:d=2  hl=4 l= 290 cons:   SEQUENCE          
   78:d=3  hl=2 l=  13 cons:    SEQUENCE          
   80:d=4  hl=2 l=   9 prim:     OBJECT            :rsaEncryption
   91:d=4  hl=2 l=   0 prim:     NULL              
   93:d=3  hl=4 l= 271 prim:    BIT STRING        
  368:d=2  hl=2 l=   0 cons:   cont [ 0 ]        
  370:d=1  hl=2 l=  13 cons:  SEQUENCE          
  372:d=2  hl=2 l=   9 prim:   OBJECT            :sha256WithRSAEncryption
  383:d=2  hl=2 l=   0 prim:   NULL              
  385:d=1  hl=4 l= 257 prim:  BIT STRING
  • aps_development.cer

取出CertificateSigningRequest.certSigningRequest的公钥添加账号信息,再通过哈希算法生成一个信息摘要,使用苹果的CA私钥进行加密.
证书信息包括:申请者信息、申请者公钥、通过苹果私钥加密的数字签名

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3374615860942785221 (0x2ed50b3efce4cac5)
    Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=US, O=Apple Inc., OU=Apple Worldwide Developer Relations, CN=Apple Worldwide Developer Relations Certification Authority
        Validity
            Not Before: Jul 26 03:32:12 2018 GMT
            Not After : Jul 26 03:32:12 2019 GMT
        Subject: UID=com.your.demo, CN=Apple Development IOS Push Services: com.your.demo, OU=C2R4SEKKYS, C=CN
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d1:df:fa:d6:42:09:b7:f6:43:4b:a9:6a:ce:c7:
                    26:ed:b3:11:a5:27:bb:7a:89:1f:dc:27:91:8c:1a:
                    36:85:8a:7d:9a:90:33:77:0f:fc:a8:ad:78:68:35:
                    02:ac:e4:79:95:a6:16:c6:46:6f:79:21:ae:2c:c1:
                    a1:17:bd:53:eb:3d:53:c5:ec:6d:7b:9a:d8:e7:5f:
                    78:ef:e6:bc:f2:57:fa:37:77:19:f5:ff:94:b1:10:
                    7f:62:4a:5d:e6:cd:1c:66:0d:70:4d:af:12:ef:00:
                    f0:36:96:55:40:11:06:fa:24:57:c3:b7:5e:4c:bc:
                    6b:2e:bc:b4:dc:d1:66:d9:32:c6:3b:87:7c:81:0f:
                    94:33:39:4b:17:5f:c1:81:61:04:f2:18:78:ee:d4:
                    f1:a3:d0:1e:61:9c:e1:7d:7b:dd:f3:92:f5:a0:af:
                    72:fc:d2:6b:2c:b3:d8:17:6e:e3:21:f2:25:64:3f:
                    ec:7a:ae:dd:1a:b9:13:60:70:5f:6b:4a:a5:f3:16:
                    21:d3:fb:88:91:d8:ca:70:21:c7:81:a9:80:9e:ce:
                    a9:68:f4:50:4f:f1:f3:0c:fa:c7:e3:c8:6f:3a:aa:
                    98:c3:f4:ce:f9:9f:84:ca:6e:de:c2:cd:94:73:7f:
                    a6:bd:2e:1e:59:ce:f5:4c:ef:c9:b5:ae:c9:f8:ec:
                    c3:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Authority Key Identifier: 
                keyid:88:27:17:09:A9:B6:18:60:8B:EC:EB:BA:F6:47:59:C5:52:54:A3:B7

            X509v3 Certificate Policies: 
                Policy: 1.2.840.113635.100.5.1
                  User Notice:
                    Explicit Text: Reliance on this certificate by any party assumes acceptance of the then applicable standard terms and conditions of use, certificate policy and certification practice statements.
                  CPS: http://www.apple.com/appleca/

            X509v3 Extended Key Usage: 
                TLS Web Client Authentication
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:http://developer.apple.com/certificationauthority/wwdrca.crl

            X509v3 Subject Key Identifier: 
                B7:E9:1B:B6:7D:55:12:FA:A0:BA:DA:32:DF:5B:6F:8A:07:89:D4:70
            X509v3 Key Usage: 
                Digital Signature
            1.2.840.113635.100.6.3.1: 
                ..
    Signature Algorithm: sha1WithRSAEncryption
         35:f4:44:43:f7:3a:fc:78:0d:35:72:34:71:6c:c9:77:c6:a2:
         c4:ac:c5:57:cf:04:50:9d:ba:d1:aa:e9:88:b7:e7:72:b0:35:
         57:7c:67:21:b7:30:7e:49:57:ce:3d:5c:38:5f:6f:18:a9:aa:
         38:c7:a9:36:d3:f0:a7:d8:07:91:39:a9:0d:83:1a:51:c6:39:
         bc:0b:47:78:25:eb:99:ec:1e:a9:0a:51:5e:d1:cb:05:c9:5f:
         da:f8:59:89:c2:ae:b5:5a:67:2c:f0:1c:75:39:90:8c:bf:5f:
         5d:5c:69:8d:06:e5:e4:41:33:5a:61:26:8f:b4:a6:64:47:e7:
         b0:99:8a:69:be:e7:21:17:92:56:9b:ee:44:62:a7:55:c9:93:
         24:14:eb:47:15:0d:0c:9f:77:77:2e:08:bf:94:3e:5f:9c:2c:
         8f:fd:31:21:8b:b5:f2:40:02:6f:be:93:eb:b9:5c:b4:4d:f0:
         07:07:19:3f:0d:f4:0b:a0:83:85:ad:62:71:44:9e:2c:13:66:
         5b:85:80:4f:dc:5d:c3:e3:ba:cc:ab:8b:c0:e4:f1:f6:e9:4c:
         ef:a5:c2:18:0f:d3:6c:72:42:1c:58:3c:5e:3c:08:8a:99:24:
         a0:9f:d6:4a:0f:14:64:57:bf:5e:20:77:b5:fc:35:78:35:fd:
         70:73:fe:2f
  • demo.mobileprovision

公钥包含在证书里面,证书又包含在配置文件里面,配置文件在打包APP时会被复制到.app目录下面
配置文件还包括:
App ID 、授权文件、使用的证书、可安装的设备列表

查看配置文件信息:
security cms -D -i embedded.mobileprovision

那么是如何保证证书是可信的呢?
申请者信息 + 申请者公钥 通过->哈希算法 生成->信息摘要
数字签名 通过->iOS系统公钥解密 生成->信息摘要
然后判断这两个信息摘要是否相等

对应用进行签名时,先使用证书所对应的私钥去对代码和资源等进行签名,在苹果系统检测证书合法后得到对应的公钥,再使用该公钥对应的签名合法性验证

授权文件:简单的说,授权文件(entitlements)是一个沙盒配置列表,其中列出了哪些行为会被允许,那些行为会被拒绝。

命令行对应用重签名

1、获取证书列表

 mac$ security find-identity -p codesigning -v
  1) 4F86649C742DA4AFF213D1282B8CC9615E7E0096 "iPhone Distribution: Sichuan Demo Times Technology Co., Ltd (C2R4SEKKYD)"
  2) 4FC6DA19E0EF58B1AAC1153987A3CD3B3360E35C "iPhone Developer: demo (SM4SR2949D)"
     2 valid identities found

2、生成entitlements.plist

1、新建一个Xcode项目,配置BundleIdentifier,保证和需要重签名应用的一致,编译生成.app文件,然后提取其中的embedded.mobileprovision文件
2、生成profile.plist文件
security cms -D -i embedded.mobileprovision > profile.plist
3、生成entitlements.plist文件
/usr/libexec/PlistBuddy -x -c 'Print :Entitlements' profile.plist > entitlements.plist

3、复制embedded.mobileprovision文件到Demo.app目录下
4、对动态库进行签名

codesign -fs 4FC6DA19E0EF58B1AAC1153987A3CD3B3360E35C 动态库

5、对整个目标APP进行签名

codesign -f -s 4FC6DA19E0EF58B1AAC1153987A3CD3B3360E35C --entitlements entitlements.plist Demo.app

5、生成ipa安装包

新建Payload目录,然后拷贝Demo.app到目录下,然后压缩该目录,然后重命名为demo.ipa即可,最后利用iTools安装到手机。

其他操作
向Mach-O文件中注入其他动态库

动态库注入工具
https://github.com/Tyilo/insert_dylib

1、下载代码编译,获得可执行文件 insert_dylib 拷贝到指定斌bin目录
2、注入动态库
insert_dylib  动态库加载路径   Mach-O文件
insert_dylib @executable_path/test_tweak.dylib AFDemo --all-yes --weak AFDemo
参数选项:
—weak  即使动态库找不到也不会报错
—all-yes  后面所有的选项都为yes
insert_dylib 的本质是往mach-o文件的Load Commands中添加一个LC_LOAD_DYLIB或LC_LOAD_WEAK_DYLIB
修改动态库加载地址
install_name_tool -change /Library/Frameworks/CydiaSubstrate.framework/CydiaSubstrate @loader_path/CydiaSubstrate ./test_tweak.dylib
@executable_path 代表可执行文件所在目录
@loader_path 代表动态库所在的目录
3、查看动态库是否注入成功
otool -L Mach-O文件
开发小猫
关注
  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值