How to verify iOS app integrity?
If I write an app for iOS and it's accepted by the AppStore, how do I know if the app is actually the app I compiled and has not being substituted/altered by, say, a "Man in the middle" style interception/attack? Is there a way to do a checksum either after the fact or from inside the app itself?
Solution 1:
Actually, it turns out, when backing up to iTunes, the *.ipa file is copied from the iOS device. This file is simply a *.zip with a different extension. Using a tool like 7-zip allows One to examine the contents after the back up to iTunes. A checksum can be run on the individual components in this archive, verifying a lack of tampering.