Tuesday, October 29, 2013

Compare files with xcode utility on mac

Xcode includes an utility called fileMerge.app to compare files on mac.
To use the utility, open Finder and then open the content of XCode.app package, goto /Applications/Xcode.app/Contents/Applications folder, you should see the fileMerge.app.

Since it is not convenient to always do so to use this utility, you can add a shortcut to this app in your application folder. To do so, right click FileMerge.app and select "Make Alias" menu item, it will create an alias item for the app, then copy the alias item to your application folder, and rename it to FileMerge.app for future use.

The utility can also be opened from xcode by following steps

Start xcode, click menu open developer tool, and select the following menu items:
1. start xcode
2. select menu item from "xcode->Open developer tools->File Merge"



Sunday, October 27, 2013

Choose networking API for ios application implementation

There are three networking API types available to implement the network communication function for ios apps.

Foundation API: This is the objective C API, it provides a set of high level NS classes to handle the network connection. This should be your first choice as it is the easiest way to send and receive the data between server and request.  The related document is "URL Loading System Programming Guide"

Core Foundation API: This is a set a C APIs from core foundation framework. These APIs include similar functions as Foundation classes, but provide more control over the network behavior, such as overriding the proxy settings. It should be used if the application cannot use objective C, or the application needs to override the proxy settings on device. The related document is "CFNetwork Programming Guide"

Socket API: This is lower level network C APIs, it should only be used if the application implements its own network protocol other than Http(s) or Ftp. It is discouraged to be used in ios app because it does not activate the cellular radio. The related document is "Networking Programming Topics"

Note for network security testing, the behavior is different when testing on ios simulator or real device. If a certificate is installed on ios 7 simuator system by drag and drop a cert on simulator, the cert is available when querying the application keychain. However, on real device, the certificate installed by configuration profile is not visible when application querying its keychain certificate.

Thursday, October 17, 2013

Understanding Apple developer portal: AppID, certificate, devices and provision profile

Certificate - to identify who creates the app:
When you build the ios app, you need to sign it with your private key, similar as signing https data. To generate a certificate, you will need first create a certificate request, and submit it to Apple portal. Apply will sign the public key with Apple certificate, so the public key becomes a certificate. What shows on the certificate tab on apple portal web site is the certificate signed by apple developer root certificate. The private key should always kept on your mac book.
In a word, the certificate originated from your developer mac book and it is the public key signed by Apple.

What the certificate tab in apple account shows is the certificate (public key part) of your certificate. If you open the keychain utility in your mac, you should see the certificate with the private key for the signing certificate. Xcode will use the private key to sign the application. And the devices that contains the certificate (public key) can verify the integrity of the application
  
In addition to developoer signing certificate, there is another push certificate for sending push notificate from your local server to apple APNS service. This push certificate is used to identify your server to connect to apple site. Similar to signing certificate, you create a Certificate Signing Request from your local server and upload it to Apple Development portal, after Apple sign it, you can download it and use it to initialize the APNS connection from your server application to apple APNS service. Note push certificate is associated with appid, so on apple developer portal site, you need first select an App ID to enable and create the push certificate. You can create two push certificate for each appid, development and distribution push certificates, if you app is signed with developer signing certificate, then using development push certificate If you app is signed with distribution signing certificate, then using distribution push certificate. Note after the push certificate is generated, it can be used on any box, (not just the box generated the signing request), as it only needs to identify which apple dev account generates it, instead of which server sends the request.

Device - to indicate who can run the app
You can collect the device ids from xcode's organizer, and then add it into the device tab in apple portal site. All devices added will have the permission to run the application created by you.

AppID - to identity an application in app store
AppID contains two parts: seeding id and bundle id
Seeding id is used to share keychain information between multiple apps created by you
Bundle id is unique for each of your app, it is also used by app push service and iCloud storage. Wildcard * can be used in the bundle it to match multiple apps. Although wildcard cannot be used for push service.
These information is used by Apple to identity your application and assign the service to it. 

Provision Profile
Profile is the piece that joins certificate, appid, devices (for developer profile) settings, you need those settings to create a profile. 

There are two kinds of profiles:
Development profiles: These are tied to specific devices, so the app can only run on those devices.
Distribution profiles: These are used to sign your app before you submit it to Apple for approval. They contain no device-specific information, but you can’t use them to install apps on any device yourself, because Apple still has to sign the app after the approval process. 
There is a special distribution profile called ad hoc provision profile, it can be created similar as apple store distribution profile, but used for internal tester. To run the ad hoc build on a test device, the application must be built with ad hoc provision file, and the device is included in ad hoc device list. The device also needs to have the ad hoc provision file installed in order to run the application with ad hoc build. 

After downloading the profile from apple developer portal to your mac book, double click it and you should see it installed on your xcode's organizer/Library section.
Note you also need to install the provision file on the device in order to run the app on device. If you deploy the app from Xcode to device, it will automatically deploy provision file also. Otherwise, just drag and drop the provision file from xcode organizer\Library\Provisioning profile to connected device's Provision Profiles section.