basdp/ipaResign.sh

## ipaResign.sh
#!/bin/bash

# USAGE: sign.sh INPUT CERTIFICATE_NAME PROVISIONING_PROFILE_FILE OUTPUT [optional: BUNDLE_ID]

SOURCEIPA="$1"
DEVELOPER="$2"
MOBILEPROV="$3"
TARGET="$4"
BUNDLEID="$5"

unzip -qo "$SOURCEIPA" -d extracted

APPLICATION=$(ls extracted/Payload/)

if [ -n "$BUNDLEID" ]; then
    echo "Renaming Bundle ID to $BUNDLEID"
    /usr/libexec/PlistBuddy -c "Set :CFBundleIdentifier $BUNDLEID" "extracted/Payload/$APPLICATION/Info.plist"
fi

cp "$MOBILEPROV" "extracted/Payload/$APPLICATION/embedded.mobileprovision"

echo "Resigning with certificate: $DEVELOPER" >&2
find -d extracted  \( -name "*.app" -o -name "*.appex" -o -name "*.framework" -o -name "*.dylib" \) > directories.txt
security cms -D -i "extracted/Payload/$APPLICATION/embedded.mobileprovision" > t_entitlements_full.plist
/usr/libexec/PlistBuddy -x -c 'Print:Entitlements' t_entitlements_full.plist > t_entitlements.plist
#/usr/libexec/PlistBuddy -c 'Print:application-identifier' t_entitlements.plist > t_entitlements_application-identifier   #save developer application-identifier to file
#/usr/libexec/PlistBuddy -c 'Print:com.apple.developer.team-identifier' t_entitlements.plist > t_entitlements_com.apple.developer.team-identifier  #save com.apple.developer.team-identifier application-identifier to file
while IFS='' read -r line || [[ -n "$line" ]]; do
    #/usr/bin/codesign -d --entitlements :-  "$line" > t_entitlements_original.plist    #save original entitlements from the app
    #/usr/libexec/PlistBuddy -x -c 'Import application-identifier t_entitlements_application-identifier' t_entitlements_original.plist #overwrite application-identifier
    #/usr/libexec/PlistBuddy -x -c 'Import com.apple.developer.team-identifier t_entitlements_com.apple.developer.team-identifier' t_entitlements_original.plist #overwrite com.apple.developer.team-identifier
    /usr/bin/codesign --continue -f -s "$DEVELOPER" --entitlements "t_entitlements.plist"  "$line"
done < directories.txt

echo "Creating the Signed IPA"
cd extracted
zip -qry ../extracted.ipa *
cd ..
mv extracted.ipa "$TARGET"

rm -rf "extracted"
rm directories.txt
rm t_entitlements.plist
rm t_entitlements_full.plist
#rm t_entitlements_original.plist
#rm t_entitlements_application-identifier
#rm t_entitlements_com.apple.developer.team-identifier
	#!/bin/bash

	# USAGE: sign.sh INPUT CERTIFICATE_NAME PROVISIONING_PROFILE_FILE OUTPUT [optional: BUNDLE_ID]

	SOURCEIPA="$1"
	DEVELOPER="$2"
	MOBILEPROV="$3"
	TARGET="$4"
	BUNDLEID="$5"

	unzip -qo "$SOURCEIPA" -d extracted

	APPLICATION=$(ls extracted/Payload/)

	if [ -n "$BUNDLEID" ]; then
	echo "Renaming Bundle ID to $BUNDLEID"
	/usr/libexec/PlistBuddy -c "Set :CFBundleIdentifier $BUNDLEID" "extracted/Payload/$APPLICATION/Info.plist"
	fi

	cp "$MOBILEPROV" "extracted/Payload/$APPLICATION/embedded.mobileprovision"

	echo "Resigning with certificate: $DEVELOPER" >&2
	find -d extracted \( -name ".app" -o -name ".appex" -o -name ".framework" -o -name ".dylib" \) > directories.txt
	security cms -D -i "extracted/Payload/$APPLICATION/embedded.mobileprovision" > t_entitlements_full.plist
	/usr/libexec/PlistBuddy -x -c 'Print:Entitlements' t_entitlements_full.plist > t_entitlements.plist
	#/usr/libexec/PlistBuddy -c 'Print:application-identifier' t_entitlements.plist > t_entitlements_application-identifier #save developer application-identifier to file
	#/usr/libexec/PlistBuddy -c 'Print:com.apple.developer.team-identifier' t_entitlements.plist > t_entitlements_com.apple.developer.team-identifier #save com.apple.developer.team-identifier application-identifier to file
	while IFS='' read -r line \|\| [[ -n "$line" ]]; do
	#/usr/bin/codesign -d --entitlements :- "$line" > t_entitlements_original.plist #save original entitlements from the app
	#/usr/libexec/PlistBuddy -x -c 'Import application-identifier t_entitlements_application-identifier' t_entitlements_original.plist #overwrite application-identifier
	#/usr/libexec/PlistBuddy -x -c 'Import com.apple.developer.team-identifier t_entitlements_com.apple.developer.team-identifier' t_entitlements_original.plist #overwrite com.apple.developer.team-identifier
	/usr/bin/codesign --continue -f -s "$DEVELOPER" --entitlements "t_entitlements.plist" "$line"
	done < directories.txt

	echo "Creating the Signed IPA"
	cd extracted
	zip -qry ../extracted.ipa *
	cd ..
	mv extracted.ipa "$TARGET"

	rm -rf "extracted"
	rm directories.txt
	rm t_entitlements.plist
	rm t_entitlements_full.plist
	#rm t_entitlements_original.plist
	#rm t_entitlements_application-identifier
	#rm t_entitlements_com.apple.developer.team-identifier