GoannaGuy
commented
9 years ago So, if the provisioning profile is not supplied as an argument, is the idea that floatSign would resign the application the same profile it's already signed with?
Open malhal opened 9 years ago
GoannaGuy
commented
9 years ago So, if the provisioning profile is not supplied as an argument, is the idea that floatSign would resign the application the same profile it's already signed with?
malhal
commented
9 years ago No that's not what I meant, applications are signed with a certificate not a provision file. Embedding the provision is just convenience so it is packaged along with the app.
This was a while back, but I believe you were additionally using the specified provision file to retrieve the Developer's Application ID Prefix and using it to set the Application ID in the entitlement entries. Since I don't usually embed provision files I was wondering if instead you would let me specify my Prefix at the command line. Or maybe it can be retrieved from the certificate, I'm not sure.
GoannaGuy
commented
9 years ago I hadn't been thinking of it being used that way. Our internal use case is almost exclusively embedded profiles.
I'm fairly confident that the app-id-prefix can not be extracted from the certificate, as it's possible to have more than one app-id-prefix associated with an account. You used to be able to generate new ones explicitly.
The entitlements file is another source that potentially contains the necessary information. In your use case, would you be supplying an entitlements file as a command line argument or is your source already signed? Would it be at all helpful if we attempted to extract/use the team-id/app-id-prefix values from either of those entitlements sources when a provisioning profile is not provided?
malhal
commented
9 years ago The source is already signed. The App ID Prefix is of the developer that sent me their app. So I'd like to use the embedded entitlements but change the necessary fields (application-identifier, keychain-access-groups) to my own App ID Prefix which is what floatsign is doing.
I saw you mentioned Team ID, I just took a look at the source and I see you extract that from the provision as well. So I suppose if you added a param for App ID Prefix you might also need a param for Team ID and it could go on and on. I'm beginning to think just supplying the provision is easier and probably less error prone! However for ease of use maybe there is a way to get the automatic provision file for the certificate so if one isn't specified it can use that, the same way Xcode works.
Would be useful if the embedding of provision files was optional and instead specifying an Application ID prefix to use for the entitlement entries.