A small bash script to re-sign iOS applications.

floatsign.sh

# !/bin/bash

# Copyright (c) 2011 Float Mobile Learning
# http://www.floatlearning.com/
#
# Extended by Ronan O Ciosoig January 2012
# 
#
# Permission is hereby granted, free of charge, to any person obtaining 
# a copy of this software and associated documentation files (the "Software"),
# to deal in the Software without restriction, including without limitation 
# the rights to use, copy, modify, merge, publish, distribute, sublicense, 
# and/or sell copies of the Software, and to permit persons to whom the 
# Software is furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included 
# in all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 
# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. 
# IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY 
# CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, 
# TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE 
# SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#
# Please let us know about any improvements you make to this script!
# ./sign source identity -p "path/to/profile" -e "path/to/entitlements" -d "display name" outputIpa
#
# 
# Modifed 26th January 2012
#
# new features: 
# 1. change the app display name 
# 2. change the bundle identifier by reading it from the provisioning profile. This means that
#    any IPA file can be resigned with any provisioning profile. 
#

if [ $# -lt 3 ]; then
	echo "usage: $0 source identity [-p provisioning] [-e entitlements] [-d displayName]  outputIpa" >&2
	exit 1
fi

ORIGINAL_FILE="$1"
CERTIFICATE="$2"
NEW_PROVISION=
ENTITLEMENTS=
BUNDLE_IDENTIFIER=
DISPLAY_NAME=""

# options start index
OPTIND=3
while getopts p:d:e: opt; do
	case $opt in
		p)
			NEW_PROVISION="$OPTARG"
			echo "Specified provisioning profile: $NEW_PROVISION" >&2
			;;
		d)
		    DISPLAY_NAME="$OPTARG"
		    echo "Specified display name: $DISPLAY_NAME" >&2
		    ;;
		e)
			ENTITLEMENTS="$OPTARG"
			echo "Specified signing entitlements: $ENTITLEMENTS" >&2
			;;
		\?)
			echo "Invalid option: -$OPTARG" >&2
			exit 1
			;;
		:)
			echo "Option -$OPTARG requires an argument." >&2
			exit 1
			;;
	esac
done

shift $((OPTIND-1))

NEW_FILE="$1"


# Check if the supplied file is an ipa or an app file
if [ "${ORIGINAL_FILE#*.}" = "ipa" ]
	then
		# Unzip the old ipa quietly
		unzip -q "$ORIGINAL_FILE" -d temp
elif [ "${ORIGINAL_FILE#*.}" = "app" ]
	then
		# Copy the app file into an ipa-like structure
		mkdir -p "temp/Payload"
		cp -Rf "$ORIGINAL_FILE" "temp/Payload/$ORIGINAL_FILE"
else
	echo "Error: Only can resign .app files and .ipa files." >&2
	exit
fi

# Set the app name
# The app name is the only file within the Payload directory
APP_NAME=$(ls temp/Payload/)
echo "APP_NAME=$APP_NAME" >&2

export PATH=$PATH:/usr/libexec

CURRENT_NAME=`PlistBuddy -c "Print :CFBundleDisplayName" "temp/Payload/$APP_NAME/Info.plist"`
CURRENT_BUNDLE_IDENTIFIER=`PlistBuddy -c "Print :CFBundleIdentifier" "temp/Payload/$APP_NAME/Info.plist"`
NEW_BUNDLE_IDENTIFIER=`egrep -a -A 2 application-identifier $NEW_PROVISION | grep string | sed -e 's/<string>//' -e 's/<\/string>//' -e 's/ //' | awk '{split($0,a,"."); i = length(a); for(ix=2; ix <= i;ix++){ s=s a[ix]; if(i!=ix){s=s "."};} print s;}'`

if [ "${DISPLAY_NAME}" != "" ]; 
then
    echo "read Info.plist file" temp/Payload/$ORIGINAL_FILE/Info.plist
#    CURRENT_NAME=/usr/libexec/PlistBuddy -c "Print :CFBundleDisplayName" temp/Payload/$ORIGINAL_FILE/Info.plist 
    echo "Changing display name from $CURRENT_NAME to " $DISPLAY_NAME

`PlistBuddy -c "Set :CFBundleDisplayName $DISPLAY_NAME" "temp/Payload/$APP_NAME/Info.plist"`
#    PlistBuddy -c "Set :CFBundleDisplayName $DISPLAY_NAME" temp/Payload/$ORIGINAL_FILE/Info.plist
fi 


# Replace the embedded mobile provisioning profile
if [ "$NEW_PROVISION" != "" ]; 
then
	echo "Adding the new provision: $NEW_PROVISION"
	cp "$NEW_PROVISION" "temp/Payload/$APP_NAME/embedded.mobileprovision"
fi

#if the current bundle identifier is different from the new one in the provisioning profile, then change it.
if [ "$CURRENT_BUNDLE_IDENTIFIER" != "$NEW_BUNDLE_IDENTIFIER" ]; 
then 
   echo "Update the bundle identifier"
   `PlistBuddy -c "Set :CFBundleIdentifier $NEW_BUNDLE_IDENTIFIER" "temp/Payload/$APP_NAME/Info.plist"`
fi

# Resign the application
echo "Resigning application using certificate: $CERTIFICATE" >&2
if [ "$ENTITLEMENTS" != "" ]; 
then
	echo "Using Entitlements: $ENTITLEMENTS" >&2
	/usr/bin/codesign -f -s "$CERTIFICATE" --entitlements="$ENTITLEMENTS" --resource-rules="temp/Payload/$APP_NAME/ResourceRules.plist" "temp/Payload/$APP_NAME"
else
	/usr/bin/codesign -f -s "$CERTIFICATE" --resource-rules="temp/Payload/$APP_NAME/ResourceRules.plist" "temp/Payload/$APP_NAME"
fi

# Repackage quietly
echo "Repackaging as $NEW_FILE"

# Zip up the contents of the temp folder
# Navigate to the temporary directory (sending the output to null)
# Zip all the contents, saving the zip file in the above directory
# Navigate back to the orignating directory (sending the output to null)
pushd temp > /dev/null
zip -qr ../temp.ipa *
popd > /dev/null

# Move the resulting ipa to the target destination
mv temp.ipa "$NEW_FILE"

# Remove the temp directory
rm -rf "temp"

If i have a keychain group access name in my entitlements plist, this is overriding mine & creating issues while trying to save data into that keychain