Open michaelkirk opened 8 years ago
Ah, it looks like the entitlements are hardcoded: https://github.com/jmoody/briar/blob/develop/bin/briar_resign.rb#L236
Sadly, briar's resigning tools are out of date for apps that have extensions or swift dylibs.
The invalid entitlement in my case was having debugging enabled.
So by removing the debug entitle I could get the app to install and sign, but I actually needed some other entitlements, e.g. push notifications, which were specified in my provisioning profile, but not in my app.
To get the entitlements file I needed I followed this guide to find entitlements from my app and provisioning profile: https://developer.apple.com/library/content/qa/qa1798/_index.html#//apple_ref/doc/uid/DTS40014167-CH1-INSPECT_IPA
I compared the two and saw that production had a reference to apples beta reports services (crash reports?). My adhoc profile did not have this.
So essentially, I took the production entitlements, removed the beta reports services, and was then able to build, sign, install, and run my app.
Phew.
Unfortunately for expediency I just hacked briar to hardcode exactly what I needed. Since entitlement files are so special case, it might be best to just have an optional --entitlements flag that takes a path to an entitlements file.
Keeping the as-is behavior for default might be ok? It depends on how often it's confusing vs how often it's useful. So far I'm 0/1. ;)
Given an xcarchive from a build uploaded to ITC And I've extracted the ipa via:
When I run
bundle exec briar resign MyApp.ipa
Then I get this output:
When I go to XCode's device organizer and add my resigned .ipa to my devices "Installed Apps" Then I see a progress indicator for a few seconds
Then I see:
User error?