Code Signing

From iPhone Development Wiki
Jump to: navigation, search

The following is based on a document in Cydia written by saurik, and it's another version of his article titled "Bypassing iPhone Code Signatures".

Apple requires that all code on an iOS device is signed. This is mostly to make it impossible for programs running through Apple's App Store to download more software and run it (so no competition for App Store).

In order to get around this (and thereby to install our own code onto the device), jailbreaks patch the signature verification out of the kernel. However, another half of the codesign problem is that the binary contains a number of SHA1 verification hashes that are checked in numerous locations throughout the kernel. Patching this out is A) difficult (especially to track as Apple makes changes) and B) of marginal benefit as adding these hashes is easy. This means you do still have to at least pay lipservice to the code signature process. There are currently three viable options.

Option #1: Self-Signing

This method is the simplest to understand: using Apple's codesign tool to sign the binary. Because the signature verification checks have been hacked out of the kernel, you can use any signature to do this, not just ones that are approved by Apple's developer program. For instructions on how to make a self-signing certificate you can read this article from Apple's website: Obtaining a Signing Identity.

From your desktop Mac:

codesign -fs "Name" Program
scp Program mobile@iphone:

Option #2: Pseudo-Signing

If you do not use a Mac, the previous option just doesn't work. The entire codesign path requires not only a Mac but desktop access because codesign is, at some level, a graphical utility (the way it uses Keychain to get the signatures may prompt, with dialogs, for passwords). To get around this, saurik wrote a tool called ldid that, among other things, can generate the SHA1 hashes that are checked by Apple's iOS kernel. This tool is easily installed on the iPhone using Cydia or APT.

From your iPhone terminal:

apt-get install ldid
scp user@desktop:Program .
ldid -S Program

Option #3: Disable Checks

Finally, an option that is convenient for development purposes is just to disable the check. Now, technically, this disables a lot more than just the codesign check, and its also more disabling the penalty than the check itself. I (saurik) have run my phone for a while in this state, but I have heard that in some (many?) configurations it causes problems: being unable to connect to insecure WiFi networks being the largest. This is done by using sysctl to deactivate the enforcement and can be undone either by resetting the variables back on or by rebooting the phone.

From your iPhone terminal:

sysctl -w security.mac.proc_enforce=0 security.mac.vnode_enforce=0

(to undo, either use =1's or reboot)