Repackage your iOS IPA

I am writing this more to remember how to do this than anything else. The use case for this is you have a ipa file and you need to change the contents but for one reason or another you can’t just recompile. This sounds like a outside case but I find it pops up more often than you’d think.

Note: You need to have Python installed.

Note: anywhere it says myApp it should be the actually name of your app.

1) Change the name of your app from myApp.ipa to myApp.zip
2) Unzip the file.
3) Copy out the Payload file and put in a new directory.
4) Download the file gen_entitlements.py

You will have to create a XML file called myApp.xcent Open a blank document and put in the following code:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>application-identifier</key>
    <string>10_digit_identifier.com.company.appName</string>
    <key>get-task-allow</key>
    <true/>
</dict>
</plist>

Save this out in the same directory asĀ gen_entitlements.py and name it myApp.xcent

On the command line issue the following command:

python gen_entitlements.py 10_digit_identifier.com.company.appName myApp.xcent

This will put a chunk of binary at the top of your file.

Now go into Payload/ right click on myApp.app and select “Show Contents”. Do what you have to do… modify info.plist or replace the mobile provision file.

Next fire off the following command:

/usr/bin/codesign -f -s "iPhone Developer: Dev Name" "--resource-rules=/Path/to/Payload/myApp.app/ResourceRules.plist" --entitlements "/Path/to/myApp.xcent" "/Path/to/Payload/myApp.app"

Note: The name must be exactly as it is on cert keychain. This can be used for both Development and Distribution.

Now zip the Payload folder and change the name to myApp.ipa.

You should now have a working ipa. If it’s not working look at the console in xcade for the device you are attempting to load the ipa on.

Good luck!
One more trick. Did you ever want to know what was inside a .mobileprovision file? Not sure what UDID’s it’s associated with? Try this:

security cms -D -i /path/to/appName.mobileprovision.

Note: if the key get-task-allow is set to false this is a distribution provision.

Leave a comment