howsigned 0.0.5 → 0.0.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/bin/howsigned +2 -1
- data/lib/compare.rb +49 -0
- data/lib/entitlements.rb +21 -14
- data/lib/profiles.rb +17 -7
- data/lib/validate_ipa.rb +3 -8
- data/lib/verify.rb +2 -3
- metadata +2 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 17c40520b69c7b9f1fb516b1a66accb3697cc921
|
4
|
+
data.tar.gz: e781a50820c86c58b5abadbf4ad9d5c6dade1881
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 295222840b8ecfb190216b2c04fe1767771649078c1ddd4329efe8381327322c295e7e2a47dfed7ff767b150933f40937ec2b938d82900567563adce32bc8d1e
|
7
|
+
data.tar.gz: b205ccc89dee8ea4ef5dbfee027a85a3b20bc888c97d36fedc7f63b289945e7fb771cb83f6070f7b2bae2856a125c948e4b5b467e0a5b9c8f888a8a93a2e083c
|
data/bin/howsigned
CHANGED
@@ -6,7 +6,8 @@ require 'commander/import'
|
|
6
6
|
require 'entitlements'
|
7
7
|
require 'profiles'
|
8
8
|
require 'verify'
|
9
|
+
require 'compare'
|
9
10
|
|
10
|
-
program :version, '0.0.
|
11
|
+
program :version, '0.0.6'
|
11
12
|
program :description, 'Utility to determine codesigning on contained binaries in an .ipa'
|
12
13
|
|
data/lib/compare.rb
ADDED
@@ -0,0 +1,49 @@
|
|
1
|
+
require 'plist'
|
2
|
+
require 'zip'
|
3
|
+
require 'zip/filesystem'
|
4
|
+
require 'validate_ipa'
|
5
|
+
require 'extract_zip'
|
6
|
+
require 'entitlements'
|
7
|
+
require 'profiles'
|
8
|
+
|
9
|
+
def write_plist_to_path(plist, path)
|
10
|
+
File.write(path, plist)
|
11
|
+
end
|
12
|
+
|
13
|
+
command :compare do |c|
|
14
|
+
c.syntax = 'howsigned entitlements [.ipa file]'
|
15
|
+
c.description = 'Prints entitlements of specified .ipa in plist format'
|
16
|
+
c.action do |args, options|
|
17
|
+
first_file = validate_ipa(args.pop)
|
18
|
+
second_file = validate_ipa(args.pop)
|
19
|
+
|
20
|
+
first_tempdir = ::File.new(Dir.mktmpdir)
|
21
|
+
extract_zip(first_file, first_tempdir)
|
22
|
+
|
23
|
+
second_tempdir = ::File.new(Dir.mktmpdir)
|
24
|
+
extract_zip(second_file, second_tempdir)
|
25
|
+
|
26
|
+
first_entitlements = get_entitlements(first_tempdir.path)
|
27
|
+
second_entitlements = get_entitlements(second_tempdir.path)
|
28
|
+
|
29
|
+
first_profiles = get_profiles(first_tempdir.path)
|
30
|
+
second_profiles = get_profiles(second_tempdir.path)
|
31
|
+
|
32
|
+
temp_plist_dir = ::File.new(Dir.mktmpdir).path
|
33
|
+
write_plist_to_path(first_entitlements, "#{temp_plist_dir}/entitlements1.plist")
|
34
|
+
write_plist_to_path(second_entitlements, "#{temp_plist_dir}/entitlements2.plist")
|
35
|
+
write_plist_to_path(first_profiles, "#{temp_plist_dir}/profiles1.plist")
|
36
|
+
write_plist_to_path(second_profiles, "#{temp_plist_dir}/profiles2.plist")
|
37
|
+
|
38
|
+
entitlements_diff = `diff "#{temp_plist_dir}/entitlements1.plist" "#{temp_plist_dir}/entitlements2.plist"`
|
39
|
+
profiles_diff = `diff "#{temp_plist_dir}/profiles1.plist" "#{temp_plist_dir}/profiles2.plist"`
|
40
|
+
|
41
|
+
if (entitlements_diff.length > 0)
|
42
|
+
puts entitlements_diff
|
43
|
+
end
|
44
|
+
|
45
|
+
if (profiles_diff.length > 0)
|
46
|
+
puts profiles_diff
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
data/lib/entitlements.rb
CHANGED
@@ -9,35 +9,42 @@ require 'extract_zip'
|
|
9
9
|
require 'contained_binaries_definition'
|
10
10
|
|
11
11
|
def append_entitlements(path, entitlements_hash)
|
12
|
+
index = 0
|
12
13
|
Dir.glob(path) do |file|
|
13
14
|
entitlements = `codesign -d --entitlements :- "#{file}" 2>&1`
|
14
15
|
plist_entitlements = Plist::parse_xml(entitlements)
|
15
|
-
|
16
|
-
|
16
|
+
if (plist_entitlements)
|
17
|
+
application_identifier = plist_entitlements["application-identifier"] ? plist_entitlements["application-identifier"] : index.to_s
|
18
|
+
entitlements_hash[application_identifier] = plist_entitlements
|
19
|
+
index = index + 1
|
20
|
+
end
|
17
21
|
end
|
18
22
|
end
|
19
23
|
|
20
|
-
|
21
|
-
c.syntax = 'howsigned entitlements [.ipa file]'
|
22
|
-
c.description = 'Prints entitlements of specified .ipa in plist format'
|
23
|
-
c.action do |args, options|
|
24
|
-
validate_ipa! unless @file = args.pop
|
25
|
-
puts "Missing or unspecified .ipa file" and abort unless @file and ::File.exist?(@file)
|
26
|
-
|
27
|
-
tempdir = ::File.new(Dir.mktmpdir)
|
28
|
-
extract_zip(@file, tempdir)
|
29
|
-
|
24
|
+
def get_entitlements(tempdir_path)
|
30
25
|
entitlements_hash = Hash.new
|
31
26
|
|
32
27
|
contained_binary_extensions().each { |extension|
|
33
|
-
append_entitlements("#{
|
28
|
+
append_entitlements("#{tempdir_path}/**/*.#{extension}", entitlements_hash)
|
34
29
|
}
|
35
30
|
|
36
31
|
if (entitlements_hash.length == 0)
|
37
32
|
abort "No entitlements found on contained binaries"
|
38
33
|
end
|
39
34
|
|
40
|
-
|
35
|
+
return entitlements_hash.to_plist
|
36
|
+
end
|
37
|
+
|
38
|
+
command :entitlements do |c|
|
39
|
+
c.syntax = 'howsigned entitlements [.ipa file]'
|
40
|
+
c.description = 'Prints entitlements of specified .ipa in plist format'
|
41
|
+
c.action do |args, options|
|
42
|
+
file = validate_ipa(args.pop)
|
43
|
+
|
44
|
+
tempdir = ::File.new(Dir.mktmpdir)
|
45
|
+
extract_zip(file, tempdir)
|
46
|
+
|
47
|
+
puts get_entitlements(tempdir.path)
|
41
48
|
end
|
42
49
|
end
|
43
50
|
|
data/lib/profiles.rb
CHANGED
@@ -4,13 +4,22 @@ require 'zip/filesystem'
|
|
4
4
|
require 'validate_ipa'
|
5
5
|
require 'extract_zip'
|
6
6
|
|
7
|
-
def get_profiles(
|
7
|
+
def get_profiles(tempdir_path, only_expiration)
|
8
|
+
path = "#{tempdir_path}/**/*.mobileprovision"
|
8
9
|
profiles = Hash.new
|
10
|
+
index = 0
|
9
11
|
Dir.glob(path) do |file|
|
10
12
|
profile = `security cms -D -i "#{file}" 2>&1`
|
11
13
|
plist_profile = Plist::parse_xml(profile)
|
12
|
-
|
13
|
-
|
14
|
+
if plist_profile
|
15
|
+
app_id = plist_profile["AppIDName"] ? plist_profile["AppIDName"] : index.to_s
|
16
|
+
if only_expiration
|
17
|
+
profiles[app_id] = plist_profile["ExpirationDate"]
|
18
|
+
else
|
19
|
+
profiles[app_id] = plist_profile
|
20
|
+
end
|
21
|
+
index = index + 1
|
22
|
+
end
|
14
23
|
end
|
15
24
|
|
16
25
|
if (profiles.length == 0)
|
@@ -22,14 +31,15 @@ end
|
|
22
31
|
command :profiles do |c|
|
23
32
|
c.syntax = 'howsigned profiles [.ipa file]'
|
24
33
|
c.description = 'Prints embedded profiles of specified .ipa in plist format'
|
34
|
+
c.option '--expiration', "When specified, will print only the expiration dates of embedded profiles"
|
25
35
|
c.action do |args, options|
|
26
|
-
|
27
|
-
|
36
|
+
file = validate_ipa(args.pop)
|
37
|
+
only_expiration = options.expiration || false
|
28
38
|
|
29
39
|
tempdir = ::File.new(Dir.mktmpdir)
|
30
|
-
extract_zip(
|
40
|
+
extract_zip(file, tempdir)
|
31
41
|
|
32
|
-
puts get_profiles(
|
42
|
+
puts get_profiles(tempdir.path, only_expiration)
|
33
43
|
end
|
34
44
|
end
|
35
45
|
|
data/lib/validate_ipa.rb
CHANGED
@@ -1,9 +1,4 @@
|
|
1
|
-
def validate_ipa
|
2
|
-
|
3
|
-
|
4
|
-
when 0 then nil
|
5
|
-
when 1 then files.first
|
6
|
-
else
|
7
|
-
@file = choose "Select an .ipa", *files
|
8
|
-
end
|
1
|
+
def validate_ipa(file)
|
2
|
+
puts "Missing or unspecified .ipa file" and abort unless file and ::File.exist?(file)
|
3
|
+
return file
|
9
4
|
end
|
data/lib/verify.rb
CHANGED
@@ -18,11 +18,10 @@ command :verify do |c|
|
|
18
18
|
c.syntax = 'howsigned verify [.ipa file]'
|
19
19
|
c.description = 'Verifies the code signature of all binaries contained within the .ipa, will return nothing if signed correctly'
|
20
20
|
c.action do |args, options|
|
21
|
-
|
22
|
-
puts "Missing or unspecified .ipa file" and abort unless @file and ::File.exist?(@file)
|
21
|
+
file = validate_ipa(args.pop)
|
23
22
|
|
24
23
|
tempdir = ::File.new(Dir.mktmpdir)
|
25
|
-
extract_zip(
|
24
|
+
extract_zip(file, tempdir)
|
26
25
|
|
27
26
|
entitlements_hash = Hash.new
|
28
27
|
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: howsigned
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.6
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Michael MacDougall
|
@@ -60,6 +60,7 @@ extensions: []
|
|
60
60
|
extra_rdoc_files: []
|
61
61
|
files:
|
62
62
|
- bin/howsigned
|
63
|
+
- lib/compare.rb
|
63
64
|
- lib/contained_binaries_definition.rb
|
64
65
|
- lib/entitlements.rb
|
65
66
|
- lib/extract_zip.rb
|