Protect iOS Project
Overview
Virbox Protector supports to protect/encrypt the iOS project with GUI tool and CLI tool both.
Here we use the project "CoupletLabel" as a example to introduce how to use Virbox Protector to protect and distribute the project to Apple store.
Tips
it is suggested to protect iOS projects in Mac machines.
Disable the "bitcode" option when you compile/build the IPA main program.
Virbox protector doesn't support to protect the IPA package directly. you can unzip the IPA file and protect/shielding the .app file, click to select the :"Sign" and then to generate a new the IPA package.
Protection Process: by Virbox Protector GUI tool
Compile and build xcarchive file in xcode
Compile and build xcarchive file which contained the dSYM file
From:
to select to enable Option:
DWARF with dYSM option
Tips:
The purpose to select and enable this option is to make the xcarchive file being build contained the dSYM file, which to show the function's names when Virbox Protector parse the iOS project. otherwise the functions will only show the relevant address respectively.
Diable the Bitcode option
Currently, Virbox Protector doesn't support the bitcode, so it is necessary to disable the option of "bitcode"
Xcode->TARGETS->Build Setting->Build Options->Enable Bitcode->no;
Build and archive the project
Build/Archive the project: Xcode->Product->Archive
Next, Go to the Archive page
Select the project archived and right click in "Finder" to open the project
Find the the xcarchive being built, and right click Show Package Content
Go to the archive, find the un-protected application located at:
Products\Applications
Use Virbox Protector to Protect iOS Project
Open Virbox Protector GUI tools and Sign-in with your account
Find the sub directory which "application" located, Drag the "applications" into the Virbox Protector GUI tools
Protect the critical functions (in Function option tab)
Go to:
Function Option tab and click "Add Functions" button in upper right corner of the page
Click the "Add Function" button in Upper right corner to select the functions which need to be protected, and right click to select the "Protection mode" to each functions: Virtualization, Obfuscation, or No protect
Tips
The Functions selection and protection process to iOS project is similar process to Android and native application process. more information you may refer Android protection process or Native project protection process.
Tips
Please save the dYSM file into the same directory of app files located. then Virbox Protector may parse and shown the function's name. Otherwise, the functions parsed will be shown the address only;
For xcarchive package, it is no need to save the dYSM file into the same directory. Virbox Protector will reading relevant information automatically.
The dYSM file location: as shown in below:
General Protection Setting (Setting in Protection Option tab)
Go to "Protection Option" tab
Set the Output path and output file name, click box in right to change output path and output name;
Set the protection option to iOS apps in General to prevent debugging and decompiling
Memory Check: To prevent apps being tampered.
Objective-C, Name Obfuscation: To prevent the Objective-C class dumping, to get the name of method.
Debugger Detection: to detect the debugger, to prevent dynamic analysis and debug apps
Strip Debugging Info: To remove the debugging information
Sign Setting
Click to enable the Signature option, then please keep the signature certificate in consistent with the certificate signed when Xcode compile and build the xcarchive, and then the protected apps has been signed on default.
If you doesn't click to enable the signature, then the protected apps will be Not signed on default. so, it is necessary for developer to sign the protected applications manually (for example, use the "codesign " command line to sign, or use the iOS App Signer tool to sign the apps), and keep the certificated signed consistent with the certificate signed when use Xcode to built project.
Tips
If the protected apps will be installed in the mobile which non jailbreak. make sure the account specified in Xcode compiling: signing>Team, is consistent with the account used to sign in Virbox Protector.
Click "Protect Selected Project" to start protection
When protection completed, following "file" will be generated:
***.app.ssp: this is the configuration file which saved the setting of Function Option and Protection Option Tabs. this configuration file location is same as the original file. so it is no need to re set the configuration when you use the Virbox Protector to re protect the file. use the previous configuration file will be fine.
/protected/***.ipa: the new IPA package which protected and new generated;
/protected/***.app: the new application after protection/shielding.
Distribute the Protected Application to App store
Before distribute the application to App store, it is necessary to back up and move the original applications to another folder. and:
Move the protected application to the folder which the original application located. please don't save it in the xcarchive package.
after above update completed, back to Archived page and click "Distribute App" to launch applications
Protection Process: By Virbox Protector CLI tool
Generate the configuration file
In this step, Use Virbox Protector GUI to set the protection option in "Function Option" and "Protection Option" Tabs to generate .SSP file.
The setting process is similar with the process by use of Virbox Protector GUI tool to protect the apps. only difference is in last step, after you complete the all setting options, click the button:
Save all Configuration
as shown in below snapshot.
This configuration file generated will be used by CLI tool in second steps.
Use Virbox Protector CLI to protect iOS apps
Go to the sub directory which Virbox Protector CLI tool located and find the CLI tools
find the Virbox Protector app, open the app folder, you can find the
under the /contents/MacOS/bin directory
View "Help" information:
Open the terminal windows, go to the folder: "virboxprotector_con", input:
virboxprotector_con
to view the help information
Execute the protection command
Appendix
How to find the Virbox log file if the protected application crashed
The issue: if the protected iOS application crashed when running in the mobile terminal, it is necessary to submit the log file (which contained the collapse information) to Virbox support teams, so developer need to find the log file and submit to Virbox team.
Step1, Please connect the mobile with the mac machine, and make sure the IP address of mobile keep the same IP network segment with the mac Machine's.
Step2,
Open the Xcode, select the Windows>Devices and Simulator Option
Click View Device Logs Option
If the IP address of mobile is in the same network segment with mac machine, if the application running in the mobile terminal crashed, then the log file will be automatically synchronized to following page:
Click the Type to be the "Crash", right click "Export Log" and save the log to local machine.
How to use the Command line for code signing
1 Use the command to query the digital certificate in the machine
2 Use the command codesign the application
3. How to pack the application into IPA pacakge
Create a folder, folder name is payload
save the protected application into the folder created in above steps
Compress the payload folder (on default compress in zip file)
rename the suffix from .zip to .ipa
Last updated
