apple_certs_info 0.1.7 → 0.3.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.idea/apple_certs_info.iml +6 -6
- data/Gemfile.lock +3 -3
- data/README.md +2 -2
- data/apple_certs_info.gemspec +1 -1
- data/lib/apple_certs_info.rb +114 -62
- data/lib/apple_certs_info/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 74f692fa4bb40d9c467b059a723d622acf96a7beb5c4c75b74c5188821f11dca
|
4
|
+
data.tar.gz: 0a901d56f4645f234dc3dd3bd87dacd1a2d3c58763e909f85759e07f06dd6852
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 2c78f4bbbee1026f7f7e0606981721f811156e226c1ef2cb1c0d0a42086fecf80903f4e8f8238cdd307023a8c45dc00e212d7c24607c048d74e88f33d7df197d
|
7
|
+
data.tar.gz: ce66b90a21eac2f27494526d4e913db42429be2c8655dc80ba41d3b3848ef08a381c4fb18e235d95d8df3eec3585852aa85027ca008e62c3a9cfbccbad15501c
|
data/.idea/apple_certs_info.iml
CHANGED
@@ -108,28 +108,28 @@
|
|
108
108
|
</library>
|
109
109
|
</orderEntry>
|
110
110
|
<orderEntry type="module-library">
|
111
|
-
<library name="rspec-mocks (vbundled(3.10.
|
111
|
+
<library name="rspec-mocks (vbundled(3.10.2)) [path][gem]" type="rubylib">
|
112
112
|
<properties>
|
113
113
|
<option name="version" value="4" />
|
114
114
|
</properties>
|
115
115
|
<CLASSES>
|
116
|
-
<root url="file://$MODULE_DIR$/vendor/bundle/ruby/2.6.0/gems/rspec-mocks-3.10.
|
116
|
+
<root url="file://$MODULE_DIR$/vendor/bundle/ruby/2.6.0/gems/rspec-mocks-3.10.2/lib" />
|
117
117
|
</CLASSES>
|
118
118
|
<SOURCES>
|
119
|
-
<root url="file://$MODULE_DIR$/vendor/bundle/ruby/2.6.0/gems/rspec-mocks-3.10.
|
119
|
+
<root url="file://$MODULE_DIR$/vendor/bundle/ruby/2.6.0/gems/rspec-mocks-3.10.2/lib" />
|
120
120
|
</SOURCES>
|
121
121
|
</library>
|
122
122
|
</orderEntry>
|
123
123
|
<orderEntry type="module-library">
|
124
|
-
<library name="rspec-support (vbundled(3.10.
|
124
|
+
<library name="rspec-support (vbundled(3.10.2)) [path][gem]" type="rubylib">
|
125
125
|
<properties>
|
126
126
|
<option name="version" value="4" />
|
127
127
|
</properties>
|
128
128
|
<CLASSES>
|
129
|
-
<root url="file://$MODULE_DIR$/vendor/bundle/ruby/2.6.0/gems/rspec-support-3.10.
|
129
|
+
<root url="file://$MODULE_DIR$/vendor/bundle/ruby/2.6.0/gems/rspec-support-3.10.2/lib" />
|
130
130
|
</CLASSES>
|
131
131
|
<SOURCES>
|
132
|
-
<root url="file://$MODULE_DIR$/vendor/bundle/ruby/2.6.0/gems/rspec-support-3.10.
|
132
|
+
<root url="file://$MODULE_DIR$/vendor/bundle/ruby/2.6.0/gems/rspec-support-3.10.2/lib" />
|
133
133
|
</SOURCES>
|
134
134
|
</library>
|
135
135
|
</orderEntry>
|
data/Gemfile.lock
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
apple_certs_info (0.1
|
4
|
+
apple_certs_info (0.3.1)
|
5
5
|
|
6
6
|
GEM
|
7
7
|
remote: https://rubygems.org/
|
@@ -17,10 +17,10 @@ GEM
|
|
17
17
|
rspec-expectations (3.10.1)
|
18
18
|
diff-lcs (>= 1.2.0, < 2.0)
|
19
19
|
rspec-support (~> 3.10.0)
|
20
|
-
rspec-mocks (3.10.
|
20
|
+
rspec-mocks (3.10.2)
|
21
21
|
diff-lcs (>= 1.2.0, < 2.0)
|
22
22
|
rspec-support (~> 3.10.0)
|
23
|
-
rspec-support (3.10.
|
23
|
+
rspec-support (3.10.2)
|
24
24
|
|
25
25
|
PLATFORMS
|
26
26
|
ruby
|
data/README.md
CHANGED
@@ -40,7 +40,7 @@ AppleCertsInfo.certificate_distribution_list_limit_days_for(days: 10)
|
|
40
40
|
|
41
41
|
## Contributing
|
42
42
|
|
43
|
-
Bug reports and pull requests are welcome on GitHub at https://github.com/
|
43
|
+
Bug reports and pull requests are welcome on GitHub at https://github.com/tarappo/apple_certs_info. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/tarappo/apple_certs_info/blob/master/CODE_OF_CONDUCT.md).
|
44
44
|
|
45
45
|
|
46
46
|
## License
|
@@ -49,4 +49,4 @@ The gem is available as open source under the terms of the [MIT License](https:/
|
|
49
49
|
|
50
50
|
## Code of Conduct
|
51
51
|
|
52
|
-
Everyone interacting in the AppleCertsInfo project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/
|
52
|
+
Everyone interacting in the AppleCertsInfo project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/tarappo/apple_certs_info/blob/master/CODE_OF_CONDUCT.md).
|
data/apple_certs_info.gemspec
CHANGED
@@ -3,7 +3,7 @@ require_relative 'lib/apple_certs_info/version'
|
|
3
3
|
Gem::Specification.new do |spec|
|
4
4
|
spec.name = "apple_certs_info"
|
5
5
|
spec.version = AppleCertsInfo::VERSION
|
6
|
-
spec.authors = ["
|
6
|
+
spec.authors = ["tarappo"]
|
7
7
|
spec.email = ["tarappo@gmail.com"]
|
8
8
|
|
9
9
|
spec.summary = %q{Apple Certificate files and Provisioning Profile information.}
|
data/lib/apple_certs_info.rb
CHANGED
@@ -13,78 +13,78 @@ module AppleCertsInfo
|
|
13
13
|
@debug_log
|
14
14
|
end
|
15
15
|
|
16
|
+
# Remove duplicate certificate
|
17
|
+
# remove first data
|
18
|
+
def self.remove_duplicate_certificate
|
19
|
+
list = []
|
20
|
+
dist_list = certificate_distribution_list
|
21
|
+
develop_list = certificate_development_list
|
22
|
+
list.concat(dist_list) unless dist_list.nil?
|
23
|
+
list.concat(develop_list) unless develop_list.nil?
|
24
|
+
|
25
|
+
duplicate_cname = list.group_by{ |e| e[:cname] }.select { |k, v| v.size > 1 }.map(&:first)
|
26
|
+
duplicate_cname.each do |cname|
|
27
|
+
delete_first_match_keychain(name: cname)
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
16
31
|
# Check Certificate file for iPhone Developer /Apple Development in the KeyChain
|
17
32
|
# @param days: limit days
|
33
|
+
# @return:
|
34
|
+
# expire_datetime: deadline
|
35
|
+
# limit_days: limit days
|
36
|
+
# cname: CN
|
18
37
|
def self.certificate_development_list_limit_days_for(days:)
|
19
38
|
raise "do not set days param" if days.nil?
|
20
|
-
|
39
|
+
filtering_limit_days_for(list: certificate_development_list.uniq, days: days)
|
21
40
|
end
|
22
41
|
|
23
42
|
# Check Certificate file for iPhone/Apple Distribution in the KeyChain
|
43
|
+
# @param days: limit days
|
44
|
+
# @return:
|
45
|
+
# expire_datetime: deadline
|
46
|
+
# limit_days: limit days
|
47
|
+
# cname: CN
|
24
48
|
def self.certificate_distribution_list_limit_days_for(days:)
|
25
49
|
raise "do not set days param" if days.nil?
|
26
|
-
|
50
|
+
filtering_limit_days_for(list: certificate_distribution_list.uniq, days: days)
|
27
51
|
end
|
28
52
|
|
29
53
|
# Check Provisioning Profiles in the Directory that is ~/Library/MobileDevice/Provisioning Profiles/
|
54
|
+
# @param days: limit days
|
55
|
+
# @return:
|
56
|
+
# expire_datetime: deadline
|
57
|
+
# limit_days: limit days
|
58
|
+
# app_identifier: Bundle Identifier
|
59
|
+
# app_id_name => App ID Name
|
30
60
|
def self.provisioning_profile_list_limit_days_for(days:)
|
31
61
|
raise "do not set days param" if days.nil?
|
32
|
-
|
62
|
+
filtering_limit_days_for(list: provisioning_profile_list.uniq, days: days)
|
33
63
|
end
|
34
64
|
|
65
|
+
# All iPhone Developer and Apple Development List
|
35
66
|
def self.certificate_development_list
|
36
67
|
list = []
|
37
68
|
iphone_list = certificate_list_for(name: "iPhone Developer")
|
38
69
|
apple_list = certificate_list_for(name: "Apple Development")
|
39
|
-
list.concat(iphone_list)
|
40
|
-
list.concat(apple_list)
|
70
|
+
list.concat(iphone_list) unless iphone_list.nil?
|
71
|
+
list.concat(apple_list) unless apple_list.nil?
|
41
72
|
return list
|
42
73
|
end
|
43
74
|
|
75
|
+
# All iPhone Distribution and Apple Distribution List
|
44
76
|
def self.certificate_distribution_list
|
45
77
|
list = []
|
46
78
|
iphone_list = certificate_list_for(name: "iPhone Distribution")
|
47
79
|
apple_list = certificate_list_for(name: "Apple Distribution")
|
48
|
-
list.concat(iphone_list)
|
49
|
-
list.concat(apple_list)
|
80
|
+
list.concat(iphone_list) unless iphone_list.nil?
|
81
|
+
list.concat(apple_list) unless apple_list.nil?
|
50
82
|
return list
|
51
83
|
end
|
52
84
|
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
temp_pem_file = Tempfile.new(::File.basename("temp_pem"))
|
57
|
-
|
58
|
-
begin
|
59
|
-
`security find-certificate -a -c "#{name}" -p > #{temp_pem_file.path}`
|
60
|
-
result = `openssl x509 -text -fingerprint -noout -in #{temp_pem_file.path}`
|
61
|
-
|
62
|
-
expire_datetime_match = result.match(/.*Not After :(.*)/)
|
63
|
-
raise "not exits expire date" if expire_datetime_match.nil?
|
64
|
-
|
65
|
-
expire_datetime = Time.parse(expire_datetime_match[1])
|
66
|
-
|
67
|
-
cname_match = result.match(/Subject: .* CN=(.*), OU=.*/)
|
68
|
-
raise "not exists cname:#{result}" if cname_match.nil?
|
69
|
-
cname = cname_match[1]
|
70
|
-
|
71
|
-
limit_days = calc_limit_days(datetime: expire_datetime)
|
72
|
-
|
73
|
-
rescue StandardError => e
|
74
|
-
raise(e.message)
|
75
|
-
ensure
|
76
|
-
temp_pem_file.close && temp_pem_file.unlink
|
77
|
-
end
|
78
|
-
|
79
|
-
return {
|
80
|
-
:expire_datetime => expire_datetime,
|
81
|
-
:limit_days => limit_days,
|
82
|
-
:cname => cname
|
83
|
-
}
|
84
|
-
end
|
85
|
-
|
86
|
-
def self.provisioning_profile_list_info(dir: "~/Library/MobileDevice/Provisioning\\ Profiles/*.mobileprovision")
|
87
|
-
info = []
|
85
|
+
# Provisioning Profile List
|
86
|
+
def self.provisioning_profile_list(dir: "~/Library/MobileDevice/Provisioning\\ Profiles/*.mobileprovision")
|
87
|
+
list = []
|
88
88
|
Dir.glob("#{File.expand_path(dir)}") do |file|
|
89
89
|
file_name_match = file.match(/.*\/(.*)\.mobileprovision/)
|
90
90
|
raise "not exists Provisioning Profile" if file_name_match.nil?
|
@@ -110,47 +110,99 @@ module AppleCertsInfo
|
|
110
110
|
temp_plist_file.close && temp_plist_file.unlink
|
111
111
|
end
|
112
112
|
|
113
|
-
|
113
|
+
list << {
|
114
114
|
:expire_datetime => expire_datetime,
|
115
115
|
:limit_days => limit_days,
|
116
116
|
:app_identifier => app_identifier,
|
117
117
|
:app_id_name => app_id_name
|
118
118
|
}
|
119
119
|
end
|
120
|
-
return
|
120
|
+
return list
|
121
121
|
end
|
122
122
|
|
123
|
-
|
124
|
-
|
125
|
-
|
126
|
-
|
127
|
-
|
128
|
-
|
129
|
-
|
130
|
-
when "provisioning_profile" then
|
131
|
-
list = provisioning_profile_list_info
|
132
|
-
end
|
133
|
-
puts(list) if @debug_log == true
|
123
|
+
# Certificate Information for target name
|
124
|
+
# @return
|
125
|
+
# expire_datetime: deadline
|
126
|
+
# limit_days: limit days
|
127
|
+
# cname: CN
|
128
|
+
def self.certificate_info_for(name:)
|
129
|
+
raise "do not set name param" if name.nil?
|
134
130
|
|
135
|
-
|
136
|
-
|
137
|
-
|
131
|
+
info = []
|
132
|
+
begin
|
133
|
+
temp_pem_file = certificate_exchange_pem_file_for(name: name)
|
134
|
+
result = `openssl crl2pkcs7 -nocrl -certfile #{temp_pem_file.path} | openssl pkcs7 -print_certs -text -noout`
|
135
|
+
|
136
|
+
expire_datetime_match = result.scan(/.*Not After :(.*)/)
|
137
|
+
raise "not exits expire date" if expire_datetime_match.nil?
|
138
|
+
|
139
|
+
cname_match = result.match(/Subject: .* CN=(.*), OU=.*/)
|
140
|
+
raise "not exists cname:#{result}" if cname_match.nil?
|
141
|
+
|
142
|
+
expire_datetime_match.each do |original_datetime|
|
143
|
+
expire_datetime = Time.parse(original_datetime.first)
|
144
|
+
limit_days = calc_limit_days(datetime: expire_datetime)
|
145
|
+
cname = cname_match[1] # cname is same
|
146
|
+
|
147
|
+
info << {
|
148
|
+
:expire_datetime => expire_datetime,
|
149
|
+
:limit_days => limit_days,
|
150
|
+
:cname => cname,
|
151
|
+
}
|
152
|
+
end
|
153
|
+
rescue StandardError => e
|
154
|
+
raise(e.message)
|
155
|
+
ensure
|
156
|
+
temp_pem_file.close && temp_pem_file.unlink
|
138
157
|
end
|
139
158
|
|
140
|
-
|
159
|
+
return info
|
160
|
+
end
|
161
|
+
|
162
|
+
|
163
|
+
private
|
164
|
+
def self.delete_first_match_keychain(name:)
|
165
|
+
result = `security find-certificate -a -c "#{name}" -Z`
|
166
|
+
sha_match = result.match(/SHA-1 hash: (.*)/)
|
167
|
+
keychain_path = result.match(/keychain: (.*)/)
|
168
|
+
raise "not exits sha-1" if sha_match.nil?
|
169
|
+
raise "not exits keychain_path" if keychain_path.nil?
|
170
|
+
sha1 = sha_match[1]
|
171
|
+
puts "Delete #{name} / SHA-1: #{sha1}"
|
172
|
+
|
173
|
+
result = `security delete-certificate -Z #{sha1} #{keychain_path[1]}`
|
141
174
|
end
|
142
175
|
|
143
176
|
def self.certificate_list_for(name:)
|
144
|
-
result = `security find-certificate -a -c "#{name}"`
|
177
|
+
result = `security find-certificate -a -c "#{name}" -Z`
|
145
178
|
name_match_list = result.scan(/.*alis".*=\"(.*)\".*/)
|
146
179
|
puts(name_match_list) if @debug_log == true
|
147
180
|
|
148
181
|
info = []
|
149
|
-
name_match_list.each do|name_match|
|
182
|
+
name_match_list.uniq.each do|name_match|
|
150
183
|
info << certificate_info_for(name:name_match[0])
|
151
184
|
end
|
152
185
|
|
153
|
-
info
|
186
|
+
info.flatten!
|
187
|
+
end
|
188
|
+
|
189
|
+
# filtering list
|
190
|
+
def self.filtering_limit_days_for(list:, days:)
|
191
|
+
danger_list = []
|
192
|
+
list.each do |info|
|
193
|
+
danger_list << info if info[:limit_days].to_i <= days.to_i
|
194
|
+
end
|
195
|
+
|
196
|
+
danger_list
|
197
|
+
end
|
198
|
+
|
199
|
+
# exchange pem file
|
200
|
+
# @param name: unique name
|
201
|
+
def self.certificate_exchange_pem_file_for(name:)
|
202
|
+
temp_pem_file = Tempfile.new(::File.basename("temp_pem"))
|
203
|
+
`security find-certificate -a -c "#{name}" -p > #{temp_pem_file.path}`
|
204
|
+
|
205
|
+
temp_pem_file
|
154
206
|
end
|
155
207
|
|
156
208
|
def self.calc_limit_days(datetime:)
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: apple_certs_info
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1
|
4
|
+
version: 0.3.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
|
-
-
|
7
|
+
- tarappo
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-02-19 00:00:00.000000000 Z
|
12
12
|
dependencies: []
|
13
13
|
description:
|
14
14
|
email:
|