问题
I want to inject my library into an existing enterprise app (ipa file).
I found mach_inject, but thats only for MacOSX.
Its possible because https://www.mocana.com is doing so.
Please help. Any ideas, suggestion would be really helpful.
回答1:
It is not clear what you want to do but mach_inject is a way for user apps to interface with the MAC OS kernel using the Mach ports it is not relevant at all to IPAs which are essentially an archive - similar to zip or Tar.
I suspect that based on what you are describing that you have a library that you want link edited / included in a user app but you don't want them to see your source code and vice versa. I am not familiar with Mocana but based on what you described it uses an IPA for distribution, that is entirely possible, but so is using a precompiled object module which is what Facebook SDK gets distributed in.
In anycase, prior to distribution whether by enterprise distribution server or the app store, the entire package needs to be signed before the devices can download and run it.
回答2:
Yes, You will be able to inject a library in to an existing ipa and then resign it with your enterprise certificate. Below is the brief of how I do this
View the executable in MachOView and find the address of load commands. Then using the address edit the hex and increase the load command count by 1 (assuming i am injecting one library) also I'll have to increase the command offset.
There are tools available to inject the library into the hex with which you can now inject the library at the new offset that you referenced in the load command.
Also have a look at dyci-main in git which is a dynamic library injection project.
回答3:
There is a way to unpack and resign existing .ipa see answers here How to re-sign the ipa file?
So is possible to change content of .ipa, another part of problem is write some wrapper app that load original application and inject dynamic lib, I sure that is not easy to do, but should be possible at lest.
回答4:
.ipa files and executables are signed, and the signatures have to match. iOS will refuse to run the app if the signatures are mismatched or otherwise invalid. Even if you re-sign the ipa with your credentials, the signature won't match the credentials on the executable. In order for the signatures to match, either you would need to sign the .ipa with their private key, or they would have to sign the executable with your private key. Private keys are not meant to be used this way...
来源:https://stackoverflow.com/questions/21844776/inject-dynamic-library-into-enterprise-app-ipa