Part 4 Development

ESign Interface Integration & Encryption Adaptation Guide

This document provides developers with instructions on how to invoke ESign via web browsers or third-party apps for automated operations, including the latest software source encryption scheme.

ESign Interface Integration Protocol

This document is intended for developers to invoke ESign through web browsers or third-party applications to perform automated tasks, including the latest encryption adaptation for software sources.

1. Quick Add Software Source

When a user clicks the link, it will redirect directly to ESign and add the specified App software source.

  • Protocol Format: enq-app://source/[Source_URL]
  • Example Code: 
    <a href="enq-app://source/https://ipa.yhios.cn/appstore">One-Click Add Official Source</a>

2. Remote Download & Install (Compatibility Mode)

Invokes enq-app via browser to access a specific URL. If the URL points to an .ipa file, enq-app will automatically trigger the download and import it into the resource library.

  • Protocol Format: enq-app://install/[Resource_URL]
  • Example Code: 
    <a href="enq-app://install/https://example.com/test.ipa">Download and Import via ESign</a>

3. Quick Certificate Import (Under Development)

Supports one-click importing of P12 certificates and matching provision profiles via URL parameters.

  • Protocol Format: enq-app://import-certificate?p12=[Base64]&mobileprovision=[Base64]&password=[Base64]

4. Software Source Encryption Adaptation (Server-side)

To protect software source data from malicious scraping, the server-side must dynamically determine whether to enable encryption based on User-Agent identification and specific parameter validation.

4.1 Modification Location

File Path: /application/index/controller/App.php

4.2 Logic Implementation

Add the following adaptation code after retrieving the basic configuration:

// Locate this line
$opencry = Db::name('config')->where(['name'=>'opencry'])->value('value');

// --- ESign Encryption Adaptation Logic Start ---
$user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
$browser_signatures = [
    'Mozilla', 'Chrome', 'Safari', 'Firefox', 'Edge', 'Opera', 
    'MSIE', 'Trident', 'Gecko', 'WebKit', 'Presto', 'Blink',
    'OPR', 'Maxthon', 'UCBrowser', 'QQBrowser', '360Browser',
    'Brave', 'Vivaldi', 'SeaMonkey', 'Chromium'
];

$is_browser = false;
foreach($browser_signatures as $signature) {
    if(strpos($user_agent, $signature) !== false) {
        $is_browser = true;
        break;
    }
}

if($is_browser) {
    // Scenario: Accessed via standard browser. Force encryption/obfuscation to protect source code.
    $opencry = '1'; 
} elseif(isset($_GET['udid'])) {
    // Scenario: ESign client request (with parameters). Disable encryption to return plain text for App parsing.
    $opencry = '0'; 
}
// --- ESign Encryption Adaptation Logic End ---

5. Development Notes

Environment Requirements: Must be opened via Safari or other browsers on an iOS device with ESign pre-installed.

HTTPS Mandatory: For security reasons, all incoming URL resources and encrypted transmissions must support the HTTPS protocol.

System Support: The protocol is compatible with iOS 16 through iOS 26.x versions.