How can I sign a release iphone binary provided by a 3rd party?

I have received an iPhone application developed for the company I work for by an开发者_JAVA百科 outsourcing company. I do not have access to the source, only a compiled binary. I want to be able to sign it using our certificate, provisioning info, etc so I can submit it to the app store. How do I go about doing this? I'm aware of the existence of the codesign but can't really grok how to use it properly for iPhone from the man page.

After you have a distribution certificate created and installed, you can codesign from the Terminal like so:

cd <path to folder containing YourApp.app>

/usr/bin/codesign -f -s "iPhone Distribution: Your Company Name" --resource-rules=<full_path_to>/YourApp.app/ResourceRules.plist <full_path_to>/YourApp.app

This is what Xcode does when it signs an app.

You've paid for an application to be developed, but you didn't get the source code in the deal?

I'd conservatively assume that the application is malware and abandon it. I'd certainly not sign it with my credentials without at least auditing the binary.

How do you expect to handle bug fixes/updates?

Create a distribution certificate from your developer program and install it in your system. Now make an app store provision profile and use that to code sign the project.

You can make the app store binary same as how you make the adhoc binary. You don't need the entitlements.plist though.