Apple Code Sign Simplified Diagram
Apple documentation seems not to be good at making developers’ life simple. So, in order to clear my mind about what is code signing, I came up with these.
An iOS application needs to be signed by a certificate from a Apple Developer team profile and run on designated devices. The provisioning profile includes all these information.
Specifically, the app is signed by using a private key during Xcode build process. The provisioning profile includes a public key which is some cryptographic function of the private key. When the app gets installed on a new device, using the public key to decrypt certain message from the app can verify whether the app has been modified or not.
Usually building an iOS app serves one of the two purposes: development or distribution. The corresponding settings, command and required provisioning profile for the two purposes are as follow: