Verify identity when a provisioning is specified

[trufae]

If the user uses -m and -i it must verify that both match, otherwise the signing will work but the installation will fail.

[Ruud-cb]

@trufae To me, this is still an issue. I've ran from xcode which just works fine. I see which Development Signing certificate is used. Using security find-identity -p codesigning -v to get the identifier, get the correct provisioning profile from either the already build IPA (embedded.mobileprovisioning) or get it from ~/Library/MobileDevice/Provisioning Profiles. Then I run

1. applesign -i E3990F.... -m embedded.mobileprovision -o patched_codesign.ipa MyApp-Preview.ipa
2. unzip patched_codesign.ipa
3. ios-deploy --bundle Payload/*.app --debug -W

Getting error:

[ 70%] VerifyingApplication
2020-10-26 13:04:55.092 ios-deploy[17660:233562] [ !! ] Error 0xe800003a: The application could not be verified. AMDeviceSecureInstallApplication(0, device, url, options, install_callback, 0)

I've visited all the stackoverflow answers which basically say, delete the app from the device, I did that.

I also tried to use ios-deploy of the original ipa, that works fine.

Any ideas?

[trufae]

Different things:

• -i is derived from -m, so no need to pass -i
• i would add -c to clone the entitlements from the provisioning, which use to be the common issue and maybe it should be by default
• if you dont pass -o a proper name for the resigned ipa is generated
• ios-deploy can install .ipa, no need to unzip first

I added a debugging option in appleisng that generates a json with the old/new signing info for debugging and comparing problems like this. ill reopen the issue