0

I hash my iOS executable at launch to verify its integrity, and have had no problems doing so until TestFlight -- which appears to modify the executable as well as install it in some funky (undocumented?) way.

Even more concerning is I get multiple hash values, which appear to vary by device or iOS version or carrier or something. I don't own enough devices to be certain. But none of the hashes match the one I compute prior to uploading to TestFlight.

So I have two questions: (1) What is TestFlight doing to my executable, and is the process documented somewhere? And (2) Does the final app store release pull the same shennanigan, or something similar, or does it leave my executable unmodified from when I uploaded it?

Bungles
  • 1,969
  • 2
  • 25
  • 54
  • If you're a paid developer member, you get a free tech support question. You could ask Apple directly. They're probably the only ones who would know for sure. – leanne Mar 30 '17 at 22:00

2 Answers2

0

That's what code signing is for.

Code signing your app assures users that it is from a known source and the app hasn’t been modified since it was last signed.

Source: https://developer.apple.com/support/code-signing/

It seems like Apple encrypts your app. While this post is about App Store submission, could be the same for Test Flight (not sure about this).

See: https://stackoverflow.com/a/5784332/2019384

Also it's not recommended to verify your apps integrity by yourself, as you'll run in such issues. Besides iOS already does this for you:

Apple does not provide any supported way for you to check your app’s integrity. iOS already does that by default.

Source: https://forums.developer.apple.com/thread/52801

Community
  • 1
  • 1
d4Rk
  • 6,622
  • 5
  • 46
  • 60
  • Thanks for the info & links! I was aware of the code-signing changes, but for Enterprise Release and App Store builds there is only one signature. Every download of the .ipa contains the exact same executable binary. TestFlight is different -- it's doing something more and that something varies by device type or something. At the moment, I'm just trying to understand these differences. – Bungles Mar 30 '17 at 20:30
  • Ok, but why is this so important to you? Apple is known to not have the most transparent processes ;-) I don't say, it's impossible to find out what they're doing, but I just don't get it, why you want to put so much effort into it. – d4Rk Mar 31 '17 at 09:14
  • Because it's a business requirement. – Bungles Mar 31 '17 at 16:07
0

In addition to d4rk's answer, if you're using Swift, Apple compiles in appropriate bits to optimize your app for each device.

leanne
  • 7,940
  • 48
  • 77
  • Indeed. I'll be dealing with bitcode variability as well in our next version. But for now we have bitcode turned off. – Bungles Mar 30 '17 at 20:33