Structure of an iOS App Binary (.ipa)
Learn the structure of an iOS App Binary (.ipa)
Appdome is a no-code mobile app security platform designed to secure iOS ipa apps. An.ipa file which is an iOS binary is essential for packaging and distributing iOS mobile apps, as it contains all the required components for the app to run successfully.
All Appdome services can instantly be added to any iOS or Android app with no code or coding required.
We hope you find this article helpful and enjoy using Appdome!
About .ipa files
iOS applications are bundled in a single file type called ipa (short for iOS Package App Store).
Despite their ipa suffix, these are just regular ZIP files and can be extracted if you modify the suffix to
Since IPA files all have a well-defined internal structure, what you’ll find inside is a single folder, inside of which will be another folder called
.app. Besides the
Payload folder, you may also find other folders and files, usually for the use of iTunes service.
While on a Macintosh (Mac) computer, the app folder may look like a file. You can open it by right-clicking and selecting the command Show Package Contents.
Inside, you’ll find the following:
This file describes the application to the iOS operating system using a list of properties. In the example shown in the figure below, one can see many properties such as:
- Which files in the .ipa are the icon
- Application display name
- Unique identifier
- Application main executable filename
- The application’s main executable
The main executable contains the code of the application. In essence, this is the application. All the Objective-C and Swift code punched in by your developers is encoded into this file. The executable’s file name is determined by the
The application file contains within it entitlement information, which is Apple’s name for permissions.
- External executable libraries
Other libraries that the main executable uses.
This is a folder that contains frameworks used by the application.
Each framework resides under its own folder called
Frameworks/.frameworkand contains its native code and resources.
In addition, Swift applications have the Swift runtime libraries directly under the
The application executes application extensions.
Documents, images, icons, video and audio files.
If the application is a web app developed with Cordova or React Native for example, the web data will be stored in a folder named
If such an application is fused with TOTALCode obfuscation enabled, these files (which contain the bulk of the application’s intellectual property) would be encrypted.
- Nib or storyboard files
These files describe the application’s UI and how it interacts with its logic.
- Signature information
iOS verifies that all native code elements have not been modified since they were “signed” by the developer/distributor. This includes the executable, frameworks, libraries, PlugIns (app extensions), and WatchKit.
The signing process should follow a certain order: WatchKit, PlugIns, Frameworks (and the appdome Framework), Executable and
- Provisioning information (most commonly
This file determines the deployment permissions of the application. The short explanation is that as a developer, you can only install your application on a limited set of devices (so you won’t distribute an application without Apple’s approval). So, unless you published your application to the App Store (or acquired an enterprise code signature), you need to equip your application with a provisioning profile. The provisioning profile is also a plist file, and should be obtained by the developer from Apple’s developer console.
The provisioning information contains inside it a copy of the application’s entitlements, so as you may understand, you can’t just give an application any permission you want; it must all be “authorized” by Apple.
How Do I Learn More?
If you have any questions, please send them our way at firstname.lastname@example.org or via the chat window on the Appdome platform.