Neil
John

IPA File – An In-depth View

Neil John

Aug 29, 2016

6 min read

An IPA file extension is used to represent an archive containing Apple app bundle. The IPA file is a zip archive, so that when the file extension .ipa is changed to .zip, the archive can be opened and files can be extracted. The IPA file contains a ‘Payload’ folder and an iTunesArtwork file. The iTunesArtwork file is used to show the app icon in the App Store and iTunes and contains a 512×512 PNG image. Payload folder contains all data related to the app. An iTunesMetadata.plist can be seen inside the IPA file, which contains details such as Apple ID, artist name, buy-only (can be set true or false), version, price, publisher and all other information regarding the app. A PLIST file is an XML file.

When opening a Payload folder, there is a .app folder which represents the name of the application. In this folder, all data related to the app can be found. There are a lot of .lproj folders which represents languages such as English, Spanish etc. The .lproj are folders holding localizations and each .lproj contains a Localizable.strings file. The Localizable.strings file is also an XML file. An executable file (with no file extension) is present in the .app. Executable files are specified using Info.plist.

Two Localizable.strings file samples (a part of the file) are given below, one located in en.lproj (English) and the other in fr.lproj (French).

<key>AudioErrorDialogTitle</key>
<string>Audio Error</string>
<key>Back</key>
<string>Back</string>
<key>Cancel</key>
<string>Cancel</string>
<key>CannotFindCameraMessage</key>
<string>Camera not found.</string>
<key>AudioErrorDialogTitle</key>
<string>Erreur audio</string>
<key>Back</key>
<string>Retour</string>
<key>Cancel</key>
<string>Annuler</string>
<key>CannotFindCameraMessage</key>
<string>Aucune caméra disponible.</string>

There will be a .bundle folder inside an IPA file, such as Settings.bundle or FBConnect.bundle. Settings.bundle stores setting page files.

Information Property Lists (Info.plist) in an IPA File

Information Property Lists can be seen inside the root folder of an IPA bundle. The contents of a sample Info.plist is given below:

<?xml version=”1.0″ encoding=”UTF-8″?>
<!DOCTYPE plist PUBLIC “-//Apple//DTD PLIST 1.0//EN” “http://www.apple.com/DTDs/PropertyList-1.0.dtd”>
<plist version=”1.0″>
<dict>
<key>CFBundleDevelopmentRegion</key>
<string>en</string>
<key>CFBundleDisplayName</key>
<string>Hexnode</string>
<key>CFBundleExecutable</key>
<string>Hexnode</string>
<key>CFBundleIconFile</key>
<string>Hexnode.png</string>
<key>CFBundleIdentifier</key>
<string>com.mitsogo.hexnode</string>
<key>CFBundleInfoDictionaryVersion</key>
<string>6.0</string>
<key>CFBundleName</key>
<string>Hexnode</string>
<key>CFBundlePackageType</key>
<string>APPL</string>
<key>CFBundleResourceSpecification</key>
<string>ResourceRules.plist</string>
<key>CFBundleSignature</key>
<string>????</string>
<key>CFBundleVersion</key>
<string>0.33</string>
<key>DTPlatformName</key>
<string>iphoneos</string>
<key>DTSDKName</key>
<string>iphoneos2.1</string>
<key>LSRequiresIPhoneOS</key>
<string>YES</string>
<key>MinimumOSVersion</key>
<string>2.1</string>
<key>SignerIdentity</key>
<string>Apple iPhone OS Application Signing</string>
</dict>
</plist>

All keys used in Info.plist file, and its values can be seen at About Info.plist Keys and Values.

Code Signing

Some IPA files uses Code Signing. Code signature is used to determine whether the code is modified by any person other than the one who signed the app. An update can be identified by the system as the same app if the same unique identifier is used to sign the new version. Signed code can be seen in .ipa\Payload\.app\_CodeSignature\CodeResources.

A sample signed code is shown below. The signed code is an XML code.

<key>files</key>
<dict>
<key>Default.png</key>
<data>0EXsPsU2vdCjAbnGkXv75mUjww4=</data>
<key>Dist.plist</key>
<data>s45CsB1sm2EFR9Z1NilFQ5hxXrI=</data>
<key>Entitlements.plist</key>
<data>P9msvFKf4JmXZjt3lnCcp7nqx1A=</data>
<key>Icon.png</key>
<data>NqgkUUSrayNfc4kTtMazDd8c18g=</data>
<key>PkgInfo</key>
<data>n57qDP4tZfLD1rCS43W0B4LQjzE=</data>
</dict>

Code signature consists of:

  • Seal: Seal is a collection of hashes of various parts of the code.
  • Digital signature: A digital signature is used to sign the seal.
  • Unique identifier: A unique identifier is provided in the code signature for identifying the code.

Code signing is used mainly for three purposes, to determine whether:

  1. A piece of code is modified,
  2. The different versions of code come from the same source, and
  3. The app is reliable (for example, whether the app access keychain).

PkgInfo

PkgInfo file is used to alternatively specify the application type (4 bytes) followed by signature (4 bytes). For example, a PkgInfo file contains “APPLtxtt” for TextEdit application. This file is not required, and the information in it can be given inside the information property list within the IPA file.

Neil John

Product Consultant @ Hexnode. Love to talk the talk and walk the walk.

  •  
  •  
  •  
  •  
  •  

Leave a Comment

Your email address will not be published. Required fields are marked *