One Quickie

Seeing the signing jazz inside of an IPA (Provisioning Hell->Hacks)
An IPA is actually a zip file. You can extract the contents by unzipping it:
% unzip Catalog.ipa
Stuff will appear in a directory called "Payload"

Then you can look at signing:

% codesign -dvvv Payload/
Format=bundle with Mach-O thin (armv7)
CodeDirectory v=20100 size=2513 flags=0x0(none) hashes=117+5 location=embedded
Authority=Apple Worldwide Developer Relations Certification Authority
Authority=Apple Root CA
Signed Time=Aug 30, 2012 5:21:26 PM
Info.plist entries=28
Sealed Resources rules=3 files=31
Internal requirements count=1 size=296
as well as entitlements:
% codesign -d --entitlements - ./Payload/
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "">
<plist version="1.0">

borkware home | products | miniblog | rants | quickies | cocoaheads
Advanced Mac OS X Programming book