How to find out whether iOS app was signed with a development or a distribution certificate?

Question

I'd like to know whether an iOS app can find out whether it was signed with a development or a distribution certificate.

I found that an iOS app can fetch some meta-information about itself by accessing the info dictionary of the bundle. For example, the version can be retrieved by reading the CFBundleVersion key from the dictionary. Does there exist something similar for getting signing certificate information?

The reason why I ask, is because of APNS. When my app registers an APNS device token to my cloud server, the cloud server needs to know whether push messages for that token need to be created by calling Apple's production APNS server ("api.push.apple.com") or development APNS server "api.development.push.apple.com".

Answer 1

The information about the APNS server is in the entitlements in the code signing section of your binary. The basic steps are:

1. Get the load address of your binary from dladdr.
2. Loop through all Mach-O load commands for LC_CODE_SIGNATURE
3. Parse the code signature command the same way as the codesign tool. It is open sourced on opensource.apple.com.
4. Parse the entitlements plist-data.
5. Extract the aps-environment value.

This is basically the same as running the command codesign -d --entitlements :- on your binary.