Maybe is the most quickly codesign alternative for iOS12+ in the world, cross-platform ( Linux & macOS ), more features.
If this tool can help you, please don't forget to star me. :)
You must install openssl library at first.
brew install openssl
and then (attention to replace your openssl version)
g++ *.cpp common/*.cpp -lcrypto -I/usr/local/Cellar/openssl/1.0.2s/include -L/usr/local/Cellar/openssl/1.0.2s/lib -O3 -o zsign
Note: These instructions describe how to cross-compile for Windows from Linux. I haven't tested these steps compiling for Windows from Windows, but it should mostly work.
These instructions assume that mman-win32, zsign, and openssl are all sibling directories
- Install MingW
apt-get install mingw-w64
- Build mman-win32
git clone git@github.com:witwall/mman-win32
cd mman-win32
./configure ----cross-prefix=x86_64-w64-mingw32-
make
- Build openssl
git clone github.com:openssl/openssl
cd openssl
git checkout OpenSSL_1_0_2s
./Configure --cross-compile-prefix=x86_64-w64-mingw32 mingw64
make
- Build zsign
x86_64-w64-mingw32-g++ \
*.cpp common/*.cpp -o zsign.exe
-lcrypto -I../mman-win32
-std=c++11 -I../openssl/include/
-DWINDOWS -L../openssl
-L../mman-win32
-lmman -lgdi32
-m64 -static -static-libgcc
another ref for chinese: https://blog.csdn.net/a513436535/article/details/108539238
yum install openssl-devel
and then
g++ *.cpp common/*.cpp -lcrypto -O3 -o zsign
I have already tested on macOS and Linux, but you also need unzip and zip command installed.
Usage: zsign [-options] [-k privkey.pem] [-m dev.prov] [-o output.ipa] file|folder
options:
-k, --pkey Path to private key or p12 file. (PEM or DER format)
-m, --prov Path to mobile provisioning profile.
-c, --cert Path to certificate file. (PEM or DER format)
-d, --debug Generate debug output files. (.zsign_debug folder)
-f, --force Force sign without cache when signing folder.
-o, --output Path to output ipa file.
-p, --password Password for private key or p12 file.
-b, --bundleid New bundle id to change.
-n, --bundlename New bundle name to change.
-e, --entitlements New entitlements to change.
-z, --ziplevel Compressed level when output the ipa file. (0-9)
-l, --dylib Path to inject dylib file.
-w, --weak Inject dylib as LC_LOAD_WEAK_DYLIB.
-i, --install Install ipa file using ideviceinstaller command for test.
-q, --quiet Quiet operation.
-v, --version Show version.
-h, --help Show help.
- Show mach-o and codesignature segment info.
./zsign demo.app/execute
- Sign ipa with private key and mobileprovisioning file.
./zsign -k privkey.pem -m dev.prov -o output.ipa -z 9 demo.ipa
- Sign folder with p12 and mobileprovisioning file (using cache).
./zsign -k dev.p12 -p 123 -m dev.prov -o output.ipa demo.app
- Sign folder with p12 and mobileprovisioning file (without cache).
./zsign -f -k dev.p12 -p 123 -m dev.prov -o output.ipa demo.app
- Inject dylib into ipa and re-sign.
./zsign -k dev.p12 -p 123 -m dev.prov -o output.ipa -l demo.dylib demo.ipa
- Change bundle id and bundle name
./zsign -k dev.p12 -p 123 -m dev.prov -o output.ipa -b 'com.tree.new.bee' -n 'TreeNewBee' demo.ipa
- Inject dylib(LC_LOAD_DYLIB) into mach-o file.
./zsign -l "@executable_path/demo.dylib" demo.app/execute
- Inject dylib(LC_LOAD_WEAK_DYLIB) into mach-o file.
./zsign -w -l "@executable_path/demo.dylib" demo.app/execute
If you have xmake installed, you can use xmake to quickly compile and run it.
xmake
xmake run zsign [-options] [-k privkey.pem] [-m dev.prov] [-o output.ipa] file|folder
xmake install
xmake install -o outputdir
binary: outputdir/bin/zsign
- Build:
docker build -t zsign https://github.com/zhlynn/zsign.git
- Run:
Mount current directory (stored in $PWD) to container and set WORKDIR to it:
docker run -v "$PWD:$PWD" -w "$PWD" zsign -k privkey.pem -m dev.prov -o output.ipa -z 9 demo.ipa
If input files are outside current folder, you will need to mount different folder:
docker run -v "/source/input:/target/input" -w "/target/input" zsign -k privkey.pem -m dev.prov -o output.ipa -z 9 demo.ipa
zsign is completely free. Please mark the source of zsign in your commercial product if possible.
You can unzip the ipa file at first, and then using zsign to sign folder with assets.
At the first time of sign, zsign will perform the complete signing and cache the signed info into .zsign_cache dir at the current path.
When you re-sign the folder with other assets next time, zsign will use the cache to accelerate the operation. Extremely fast! You can have a try!:)