Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

What is the binary data around the plist in a provisioning profile file?

Tags:

The structure of a .mobileprovision file looks something like this:

<!-- small binary data -->

<?xml version="1.0" encoding="UTF-8"?>
<!-- plist data -->
</plist>

<!-- large binary data -->

I have a few questions around this:

  1. What is this binary data?
  2. Is it useful?
  3. How can I extract the plist from a .mobileprovision file without searching for XML boundaries?

Specifically, I will consider this question as answered (and award the +100 bounty alongwith it) when both Q1 and Q3 above are answered.

like image 828
Chaitanya Gupta Avatar asked Mar 15 '12 09:03

Chaitanya Gupta


People also ask

What is provisioning profile Mac?

The profiles resource represents the provisioning profiles that allow you to install apps on your iOS devices or Mac. You can create and delete provisioning profiles, and download them to sign your code. Provisioning profiles include signing certificates, device identifiers, and a bundle ID.

What is the purpose of a provisioning profile?

A provisioning profile links your signing certificate and App ID so that you can sign apps to install and launch on iOS devices. You must have a development provisioning profile to sign apps for use with iOS Gateway version 3.4 and later.

What is embedded provision profile?

A provisioning profile is downloaded from your developer account and embedded in the app bundle, and the entire bundle is code-signed. A Development Provisioning Profile must be installed on each device on which you wish to run your application code.

What is a Mobileprovision?

File used by Apple Xcode, a software development IDE often used for creating iPhone apps; contains a provisioning profile, which allows an app to be uploaded to a limited number of iPhones or iPads while it is still in development.


2 Answers

I finally got the answer from an answer to another question on SO.

Basically the .mobileprovision file is a CMS encrypted XML file. It can be decoded using security on OS X:

security cms -D -i /path/to/profile.mobileprovision
like image 72
Chaitanya Gupta Avatar answered Oct 22 '22 05:10

Chaitanya Gupta


I don't have an answer to your initial question, but I can explain how to extract the signing certificate from the .mobileprovision file:

  1. The plist part of the .mobileprovision has a key 'DeveloperCertificates', whose value is an array of NSData.
  2. Each NSData is a .cer file - the signing certificate you are looking for.

I have a short shell script for extracting the subject of the signing certificate directly from the .mobileprovision file here: https://gist.github.com/2147247 - the script works with only one certificate in the array mentioned earlier, which should be the common case.

As you can see in the script, I have no answer to your third question, I am just cutting away the first line and everything after the closing tag.

like image 30
NeoNacho Avatar answered Oct 22 '22 05:10

NeoNacho