pass_signer 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +14 -0
- data/.rspec +3 -0
- data/.rubocop.yml +219 -0
- data/.travis.yml +7 -0
- data/.vscode/launch.json +27 -0
- data/CODE_OF_CONDUCT.md +74 -0
- data/Gemfile +4 -0
- data/Gemfile.lock +80 -0
- data/README.md +39 -0
- data/Rakefile +6 -0
- data/exe/pass_signer +42 -0
- data/lib/pass_signer.rb +158 -0
- data/lib/pass_signer/version.rb +3 -0
- data/pass_signer.gemspec +34 -0
- metadata +159 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 5b14229a36d0e204ce178496ec29f5950d5db842d9bf314ed60632433a5ff3cf
|
4
|
+
data.tar.gz: 29c260062b62ec41a193de65e6cdc35ab98c48231c7ef7412d6d55fb18f3247a
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: ad4ca6c16f83b4e14537a7b46db75d4a092a2bcaa7007db734a67b53a43318a072dd5cbf002f34222365d080b38454234f5e3c2afc2016d619f0a04f25e8f86d
|
7
|
+
data.tar.gz: b2bc10dc77c5dcbed9af0c4fb266982fb97b24a36b7fb9d1ac9f7aff9b0b1b9606430f2144b37b7190055b3f0441f08726da863b4c9bb9d9e79449c0c3dabf35
|
data/.gitignore
ADDED
data/.rspec
ADDED
data/.rubocop.yml
ADDED
@@ -0,0 +1,219 @@
|
|
1
|
+
require: rubocop-performance
|
2
|
+
|
3
|
+
AllCops:
|
4
|
+
TargetRubyVersion: 2.5
|
5
|
+
|
6
|
+
Performance:
|
7
|
+
Exclude:
|
8
|
+
- '**/test/**/*'
|
9
|
+
|
10
|
+
|
11
|
+
# Prefer &&/|| over and/or.
|
12
|
+
Style/AndOr:
|
13
|
+
Enabled: true
|
14
|
+
|
15
|
+
# Do not use braces for hash literals when they are the last argument of a
|
16
|
+
# method call.
|
17
|
+
Style/BracesAroundHashParameters:
|
18
|
+
Enabled: true
|
19
|
+
EnforcedStyle: context_dependent
|
20
|
+
|
21
|
+
# Align `when` with `case`.
|
22
|
+
Layout/CaseIndentation:
|
23
|
+
Enabled: true
|
24
|
+
|
25
|
+
# Align comments with method definitions.
|
26
|
+
Layout/CommentIndentation:
|
27
|
+
Enabled: true
|
28
|
+
|
29
|
+
Layout/ElseAlignment:
|
30
|
+
Enabled: true
|
31
|
+
|
32
|
+
# Align `end` with the matching keyword or starting expression except for
|
33
|
+
# assignments, where it should be aligned with the LHS.
|
34
|
+
Layout/EndAlignment:
|
35
|
+
Enabled: true
|
36
|
+
EnforcedStyleAlignWith: variable
|
37
|
+
AutoCorrect: true
|
38
|
+
|
39
|
+
Layout/EmptyLineAfterMagicComment:
|
40
|
+
Enabled: true
|
41
|
+
|
42
|
+
Layout/EmptyLinesAroundBlockBody:
|
43
|
+
Enabled: true
|
44
|
+
|
45
|
+
# In a regular class definition, no empty lines around the body.
|
46
|
+
Layout/EmptyLinesAroundClassBody:
|
47
|
+
Enabled: true
|
48
|
+
|
49
|
+
# In a regular method definition, no empty lines around the body.
|
50
|
+
Layout/EmptyLinesAroundMethodBody:
|
51
|
+
Enabled: true
|
52
|
+
|
53
|
+
# In a regular module definition, no empty lines around the body.
|
54
|
+
Layout/EmptyLinesAroundModuleBody:
|
55
|
+
Enabled: true
|
56
|
+
|
57
|
+
# Use Ruby >= 1.9 syntax for hashes. Prefer { a: :b } over { :a => :b }.
|
58
|
+
Style/HashSyntax:
|
59
|
+
Enabled: true
|
60
|
+
|
61
|
+
# Method definitions after `private` or `protected` isolated calls need one
|
62
|
+
# extra level of indentation.
|
63
|
+
Layout/IndentationConsistency:
|
64
|
+
Enabled: true
|
65
|
+
EnforcedStyle: rails
|
66
|
+
|
67
|
+
# Two spaces, no tabs (for indentation).
|
68
|
+
Layout/IndentationWidth:
|
69
|
+
Enabled: true
|
70
|
+
|
71
|
+
Layout/LeadingCommentSpace:
|
72
|
+
Enabled: true
|
73
|
+
|
74
|
+
Layout/SpaceAfterColon:
|
75
|
+
Enabled: true
|
76
|
+
|
77
|
+
Layout/SpaceAfterComma:
|
78
|
+
Enabled: true
|
79
|
+
|
80
|
+
Layout/SpaceAfterSemicolon:
|
81
|
+
Enabled: true
|
82
|
+
|
83
|
+
Layout/SpaceAroundEqualsInParameterDefault:
|
84
|
+
Enabled: true
|
85
|
+
|
86
|
+
Layout/SpaceAroundKeyword:
|
87
|
+
Enabled: true
|
88
|
+
|
89
|
+
Layout/SpaceAroundOperators:
|
90
|
+
Enabled: true
|
91
|
+
|
92
|
+
Layout/SpaceBeforeComma:
|
93
|
+
Enabled: true
|
94
|
+
|
95
|
+
Layout/SpaceBeforeComment:
|
96
|
+
Enabled: true
|
97
|
+
|
98
|
+
Layout/SpaceBeforeFirstArg:
|
99
|
+
Enabled: true
|
100
|
+
|
101
|
+
Style/DefWithParentheses:
|
102
|
+
Enabled: true
|
103
|
+
|
104
|
+
# Defining a method with parameters needs parentheses.
|
105
|
+
Style/MethodDefParentheses:
|
106
|
+
Enabled: true
|
107
|
+
|
108
|
+
Style/FrozenStringLiteralComment:
|
109
|
+
Enabled: true
|
110
|
+
EnforcedStyle: always
|
111
|
+
|
112
|
+
Style/RedundantFreeze:
|
113
|
+
Enabled: true
|
114
|
+
|
115
|
+
# Use `foo {}` not `foo{}`.
|
116
|
+
Layout/SpaceBeforeBlockBraces:
|
117
|
+
Enabled: true
|
118
|
+
|
119
|
+
# Use `foo { bar }` not `foo {bar}`.
|
120
|
+
Layout/SpaceInsideBlockBraces:
|
121
|
+
Enabled: true
|
122
|
+
EnforcedStyleForEmptyBraces: space
|
123
|
+
|
124
|
+
# Use `{ a: 1 }` not `{a:1}`.
|
125
|
+
Layout/SpaceInsideHashLiteralBraces:
|
126
|
+
Enabled: true
|
127
|
+
|
128
|
+
Layout/SpaceInsideParens:
|
129
|
+
Enabled: true
|
130
|
+
|
131
|
+
# Check quotes usage according to lint rule below.
|
132
|
+
Style/StringLiterals:
|
133
|
+
Enabled: true
|
134
|
+
|
135
|
+
# Detect hard tabs, no hard tabs.
|
136
|
+
Layout/Tab:
|
137
|
+
Enabled: true
|
138
|
+
|
139
|
+
# Blank lines should not have any spaces.
|
140
|
+
Layout/TrailingBlankLines:
|
141
|
+
Enabled: true
|
142
|
+
|
143
|
+
# No trailing whitespace.
|
144
|
+
Layout/TrailingWhitespace:
|
145
|
+
Enabled: true
|
146
|
+
|
147
|
+
# Use quotes for string literals when they are enough.
|
148
|
+
Style/UnneededPercentQ:
|
149
|
+
Enabled: true
|
150
|
+
|
151
|
+
Lint/AmbiguousOperator:
|
152
|
+
Enabled: true
|
153
|
+
|
154
|
+
Lint/AmbiguousRegexpLiteral:
|
155
|
+
Enabled: true
|
156
|
+
|
157
|
+
Lint/ErbNewArguments:
|
158
|
+
Enabled: true
|
159
|
+
|
160
|
+
# Use my_method(my_arg) not my_method( my_arg ) or my_method my_arg.
|
161
|
+
Lint/RequireParentheses:
|
162
|
+
Enabled: true
|
163
|
+
|
164
|
+
Lint/ShadowingOuterLocalVariable:
|
165
|
+
Enabled: true
|
166
|
+
|
167
|
+
Lint/StringConversionInInterpolation:
|
168
|
+
Enabled: true
|
169
|
+
|
170
|
+
Lint/UriEscapeUnescape:
|
171
|
+
Enabled: true
|
172
|
+
|
173
|
+
Lint/UselessAssignment:
|
174
|
+
Enabled: true
|
175
|
+
|
176
|
+
Lint/DeprecatedClassMethods:
|
177
|
+
Enabled: true
|
178
|
+
|
179
|
+
Style/ParenthesesAroundCondition:
|
180
|
+
Enabled: true
|
181
|
+
|
182
|
+
Style/RedundantBegin:
|
183
|
+
Enabled: true
|
184
|
+
|
185
|
+
Style/RedundantReturn:
|
186
|
+
Enabled: true
|
187
|
+
AllowMultipleReturnValues: true
|
188
|
+
|
189
|
+
Style/Semicolon:
|
190
|
+
Enabled: true
|
191
|
+
AllowAsExpressionSeparator: true
|
192
|
+
|
193
|
+
# Prefer Foo.method over Foo::method
|
194
|
+
Style/ColonMethodCall:
|
195
|
+
Enabled: true
|
196
|
+
|
197
|
+
Style/TrivialAccessors:
|
198
|
+
Enabled: true
|
199
|
+
|
200
|
+
Performance/FlatMap:
|
201
|
+
Enabled: true
|
202
|
+
|
203
|
+
Performance/RedundantMerge:
|
204
|
+
Enabled: true
|
205
|
+
|
206
|
+
Performance/StartWith:
|
207
|
+
Enabled: true
|
208
|
+
|
209
|
+
Performance/EndWith:
|
210
|
+
Enabled: true
|
211
|
+
|
212
|
+
Performance/RegexpMatch:
|
213
|
+
Enabled: true
|
214
|
+
|
215
|
+
Performance/ReverseEach:
|
216
|
+
Enabled: true
|
217
|
+
|
218
|
+
Performance/UnfreezeString:
|
219
|
+
Enabled: true
|
data/.travis.yml
ADDED
data/.vscode/launch.json
ADDED
@@ -0,0 +1,27 @@
|
|
1
|
+
{
|
2
|
+
// Use IntelliSense to learn about possible attributes.
|
3
|
+
// Hover to view descriptions of existing attributes.
|
4
|
+
// For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
|
5
|
+
"version": "0.2.0",
|
6
|
+
"configurations": [
|
7
|
+
{
|
8
|
+
"name": "Listen for rdebug-ide",
|
9
|
+
"type": "Ruby",
|
10
|
+
"request": "attach",
|
11
|
+
"remoteHost": "127.0.0.1",
|
12
|
+
"remotePort": "1234",
|
13
|
+
"remoteWorkspaceRoot": "${workspaceRoot}"
|
14
|
+
},
|
15
|
+
|
16
|
+
{
|
17
|
+
"name": "RSpec - all",
|
18
|
+
"type": "Ruby",
|
19
|
+
"request": "launch",
|
20
|
+
"program": "${workspaceRoot}/bin/rspec",
|
21
|
+
"args": [
|
22
|
+
"-I",
|
23
|
+
"${workspaceRoot}"
|
24
|
+
]
|
25
|
+
}
|
26
|
+
]
|
27
|
+
}
|
data/CODE_OF_CONDUCT.md
ADDED
@@ -0,0 +1,74 @@
|
|
1
|
+
# Contributor Covenant Code of Conduct
|
2
|
+
|
3
|
+
## Our Pledge
|
4
|
+
|
5
|
+
In the interest of fostering an open and welcoming environment, we as
|
6
|
+
contributors and maintainers pledge to making participation in our project and
|
7
|
+
our community a harassment-free experience for everyone, regardless of age, body
|
8
|
+
size, disability, ethnicity, gender identity and expression, level of experience,
|
9
|
+
nationality, personal appearance, race, religion, or sexual identity and
|
10
|
+
orientation.
|
11
|
+
|
12
|
+
## Our Standards
|
13
|
+
|
14
|
+
Examples of behavior that contributes to creating a positive environment
|
15
|
+
include:
|
16
|
+
|
17
|
+
* Using welcoming and inclusive language
|
18
|
+
* Being respectful of differing viewpoints and experiences
|
19
|
+
* Gracefully accepting constructive criticism
|
20
|
+
* Focusing on what is best for the community
|
21
|
+
* Showing empathy towards other community members
|
22
|
+
|
23
|
+
Examples of unacceptable behavior by participants include:
|
24
|
+
|
25
|
+
* The use of sexualized language or imagery and unwelcome sexual attention or
|
26
|
+
advances
|
27
|
+
* Trolling, insulting/derogatory comments, and personal or political attacks
|
28
|
+
* Public or private harassment
|
29
|
+
* Publishing others' private information, such as a physical or electronic
|
30
|
+
address, without explicit permission
|
31
|
+
* Other conduct which could reasonably be considered inappropriate in a
|
32
|
+
professional setting
|
33
|
+
|
34
|
+
## Our Responsibilities
|
35
|
+
|
36
|
+
Project maintainers are responsible for clarifying the standards of acceptable
|
37
|
+
behavior and are expected to take appropriate and fair corrective action in
|
38
|
+
response to any instances of unacceptable behavior.
|
39
|
+
|
40
|
+
Project maintainers have the right and responsibility to remove, edit, or
|
41
|
+
reject comments, commits, code, wiki edits, issues, and other contributions
|
42
|
+
that are not aligned to this Code of Conduct, or to ban temporarily or
|
43
|
+
permanently any contributor for other behaviors that they deem inappropriate,
|
44
|
+
threatening, offensive, or harmful.
|
45
|
+
|
46
|
+
## Scope
|
47
|
+
|
48
|
+
This Code of Conduct applies both within project spaces and in public spaces
|
49
|
+
when an individual is representing the project or its community. Examples of
|
50
|
+
representing a project or community include using an official project e-mail
|
51
|
+
address, posting via an official social media account, or acting as an appointed
|
52
|
+
representative at an online or offline event. Representation of a project may be
|
53
|
+
further defined and clarified by project maintainers.
|
54
|
+
|
55
|
+
## Enforcement
|
56
|
+
|
57
|
+
Instances of abusive, harassing, or otherwise unacceptable behavior may be
|
58
|
+
reported by contacting the project team at git@patrickmetcalfe.com. All
|
59
|
+
complaints will be reviewed and investigated and will result in a response that
|
60
|
+
is deemed necessary and appropriate to the circumstances. The project team is
|
61
|
+
obligated to maintain confidentiality with regard to the reporter of an incident.
|
62
|
+
Further details of specific enforcement policies may be posted separately.
|
63
|
+
|
64
|
+
Project maintainers who do not follow or enforce the Code of Conduct in good
|
65
|
+
faith may face temporary or permanent repercussions as determined by other
|
66
|
+
members of the project's leadership.
|
67
|
+
|
68
|
+
## Attribution
|
69
|
+
|
70
|
+
This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
|
71
|
+
available at [http://contributor-covenant.org/version/1/4][version]
|
72
|
+
|
73
|
+
[homepage]: http://contributor-covenant.org
|
74
|
+
[version]: http://contributor-covenant.org/version/1/4/
|
data/Gemfile
ADDED
data/Gemfile.lock
ADDED
@@ -0,0 +1,80 @@
|
|
1
|
+
PATH
|
2
|
+
remote: .
|
3
|
+
specs:
|
4
|
+
pass_signer (1.0.0)
|
5
|
+
rubyzip
|
6
|
+
|
7
|
+
GEM
|
8
|
+
remote: https://rubygems.org/
|
9
|
+
specs:
|
10
|
+
ast (2.4.0)
|
11
|
+
backport (1.0.0)
|
12
|
+
diff-lcs (1.3)
|
13
|
+
htmlentities (4.3.4)
|
14
|
+
jaro_winkler (1.5.1)
|
15
|
+
kramdown (1.17.0)
|
16
|
+
mini_portile2 (2.4.0)
|
17
|
+
nokogiri (1.10.1)
|
18
|
+
mini_portile2 (~> 2.4.0)
|
19
|
+
parallel (1.12.1)
|
20
|
+
parser (2.6.3.0)
|
21
|
+
ast (~> 2.4.0)
|
22
|
+
rainbow (3.0.0)
|
23
|
+
rake (12.3.2)
|
24
|
+
reverse_markdown (1.1.0)
|
25
|
+
nokogiri
|
26
|
+
rspec (3.8.0)
|
27
|
+
rspec-core (~> 3.8.0)
|
28
|
+
rspec-expectations (~> 3.8.0)
|
29
|
+
rspec-mocks (~> 3.8.0)
|
30
|
+
rspec-core (3.8.0)
|
31
|
+
rspec-support (~> 3.8.0)
|
32
|
+
rspec-expectations (3.8.3)
|
33
|
+
diff-lcs (>= 1.2.0, < 2.0)
|
34
|
+
rspec-support (~> 3.8.0)
|
35
|
+
rspec-mocks (3.8.0)
|
36
|
+
diff-lcs (>= 1.2.0, < 2.0)
|
37
|
+
rspec-support (~> 3.8.0)
|
38
|
+
rspec-support (3.8.0)
|
39
|
+
rubocop (0.70.0)
|
40
|
+
jaro_winkler (~> 1.5.1)
|
41
|
+
parallel (~> 1.10)
|
42
|
+
parser (>= 2.6)
|
43
|
+
rainbow (>= 2.2.2, < 4.0)
|
44
|
+
ruby-progressbar (~> 1.7)
|
45
|
+
unicode-display_width (>= 1.4.0, < 1.7)
|
46
|
+
rubocop-performance (1.3.0)
|
47
|
+
rubocop (>= 0.68.0)
|
48
|
+
ruby-progressbar (1.10.0)
|
49
|
+
rubyzip (1.2.2)
|
50
|
+
solargraph (0.32.3)
|
51
|
+
backport (~> 1.0)
|
52
|
+
bundler (>= 1.17.2)
|
53
|
+
htmlentities (~> 4.3, >= 4.3.4)
|
54
|
+
jaro_winkler (~> 1.5)
|
55
|
+
kramdown (~> 1.16)
|
56
|
+
parser (~> 2.3)
|
57
|
+
reverse_markdown (~> 1.0, >= 1.0.5)
|
58
|
+
rubocop (~> 0.52)
|
59
|
+
thor (~> 0.19, >= 0.19.4)
|
60
|
+
tilt (~> 2.0)
|
61
|
+
yard (~> 0.9)
|
62
|
+
thor (0.20.3)
|
63
|
+
tilt (2.0.9)
|
64
|
+
unicode-display_width (1.4.0)
|
65
|
+
yard (0.9.18)
|
66
|
+
|
67
|
+
PLATFORMS
|
68
|
+
ruby
|
69
|
+
|
70
|
+
DEPENDENCIES
|
71
|
+
bundler (~> 2.0)
|
72
|
+
pass_signer!
|
73
|
+
rake (~> 12)
|
74
|
+
rspec (~> 3.0)
|
75
|
+
rubocop (~> 0)
|
76
|
+
rubocop-performance
|
77
|
+
solargraph
|
78
|
+
|
79
|
+
BUNDLED WITH
|
80
|
+
2.0.1
|
data/README.md
ADDED
@@ -0,0 +1,39 @@
|
|
1
|
+
# PassSigner
|
2
|
+
|
3
|
+
Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/pass_signer`. To experiment with that code, run `bin/console` for an interactive prompt.
|
4
|
+
|
5
|
+
TODO: Delete this and the text above, and describe your gem
|
6
|
+
|
7
|
+
## Installation
|
8
|
+
|
9
|
+
Add this line to your application's Gemfile:
|
10
|
+
|
11
|
+
```ruby
|
12
|
+
gem 'pass_signer'
|
13
|
+
```
|
14
|
+
|
15
|
+
And then execute:
|
16
|
+
|
17
|
+
$ bundle
|
18
|
+
|
19
|
+
Or install it yourself as:
|
20
|
+
|
21
|
+
$ gem install pass_signer
|
22
|
+
|
23
|
+
## Usage
|
24
|
+
|
25
|
+
TODO: Write usage instructions here
|
26
|
+
|
27
|
+
## Development
|
28
|
+
|
29
|
+
After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
|
30
|
+
|
31
|
+
To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
|
32
|
+
|
33
|
+
## Contributing
|
34
|
+
|
35
|
+
Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/pass_signer. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
|
36
|
+
|
37
|
+
## Code of Conduct
|
38
|
+
|
39
|
+
Everyone interacting in the PassSigner project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/pass_signer/blob/master/CODE_OF_CONDUCT.md).
|
data/Rakefile
ADDED
data/exe/pass_signer
ADDED
@@ -0,0 +1,42 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
|
3
|
+
require "pass_signer"
|
4
|
+
require 'optparse'
|
5
|
+
|
6
|
+
options = {}
|
7
|
+
optparse = OptionParser.new do |opts|
|
8
|
+
# Set a banner, displayed at the top of the screen
|
9
|
+
opts.banner = "Usage: sign_pass -p /path/to/pass/directory -c /path/to/ssl/certificate -w certififcate-password -o /path/for/output/file"
|
10
|
+
|
11
|
+
options[:pass_path] = ""
|
12
|
+
opts.on('-p', '--pass FILE', String, 'Path to the pass directory') do |file|
|
13
|
+
puts file
|
14
|
+
options[:pass_path] = file
|
15
|
+
end
|
16
|
+
|
17
|
+
opts.on('-c', '--certificate FILE', String, 'Path to the certificate') do |file|
|
18
|
+
options[:certificate] = file
|
19
|
+
end
|
20
|
+
|
21
|
+
opts.on('-w', '--password PASSWORD', String, 'Certificate password') do |password|
|
22
|
+
options[:certificate_password] = password
|
23
|
+
end
|
24
|
+
|
25
|
+
|
26
|
+
opts.on('-o', '--output FILE', String, 'File location for the output') do |file|
|
27
|
+
options[:output] = file
|
28
|
+
end
|
29
|
+
|
30
|
+
opts.on('-f', '--force', 'Force pass signing by removing manifest and signiture if needed') do |b|
|
31
|
+
options[:force_pass_signing] = b
|
32
|
+
end
|
33
|
+
|
34
|
+
opts.on('-h', '--help', 'Display this screen') do
|
35
|
+
puts opts
|
36
|
+
exit
|
37
|
+
end
|
38
|
+
end
|
39
|
+
optparse.parse!
|
40
|
+
pass = PassSigner.new(options[:pass_path], options[:certificate], options[:certificate_password], options[:output])
|
41
|
+
puts options[:force_pass_signing]
|
42
|
+
pass.sign_pass!(options[:force_pass_signing])
|
data/lib/pass_signer.rb
ADDED
@@ -0,0 +1,158 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'pass_signer/version'
|
4
|
+
require 'fileutils'
|
5
|
+
require 'tmpdir'
|
6
|
+
require 'digest/sha1'
|
7
|
+
require 'json'
|
8
|
+
require 'openssl'
|
9
|
+
require 'zip'
|
10
|
+
|
11
|
+
class PassSigner
|
12
|
+
class Error < StandardError; end
|
13
|
+
|
14
|
+
attr_accessor :pass_url, :certificate_url, :certificate_password, :output_url, :compress_into_zip_file, :temporary_directory, :temporary_path, :manifest_url, :signature_url, :wwdr_intermediate_certificate_path
|
15
|
+
|
16
|
+
def initialize(pass_url, certificate_url, certificate_password, wwdr_intermediate_certificate_path, output_url, compress_into_zip_file = true)
|
17
|
+
self.pass_url = pass_url
|
18
|
+
self.certificate_url = certificate_url
|
19
|
+
self.certificate_password = certificate_password
|
20
|
+
self.wwdr_intermediate_certificate_path = wwdr_intermediate_certificate_path
|
21
|
+
self.output_url = output_url
|
22
|
+
self.compress_into_zip_file = compress_into_zip_file
|
23
|
+
end
|
24
|
+
|
25
|
+
def sign_pass!(force_clean_raw_pass = false)
|
26
|
+
# Validate that requested contents are not a signed and expanded pass archive.
|
27
|
+
validate_directory_as_unsigned_raw_pass(force_clean_raw_pass)
|
28
|
+
|
29
|
+
# Get a temporary place to stash the pass contents
|
30
|
+
create_temporary_directory
|
31
|
+
|
32
|
+
# Make a copy of the pass contents to the temporary folder
|
33
|
+
copy_pass_to_temporary_location
|
34
|
+
|
35
|
+
# Clean out the unneeded .DS_Store files
|
36
|
+
clean_ds_store_files
|
37
|
+
|
38
|
+
# Build the json manifest
|
39
|
+
generate_json_manifest
|
40
|
+
|
41
|
+
# Sign the manifest
|
42
|
+
sign_manifest
|
43
|
+
|
44
|
+
# Package pass
|
45
|
+
compress_pass_file
|
46
|
+
|
47
|
+
# Clean up the temp directory
|
48
|
+
# self.delete_temp_dir
|
49
|
+
end
|
50
|
+
|
51
|
+
# private
|
52
|
+
|
53
|
+
# Ensures that the raw pass directory does not contain signatures
|
54
|
+
def validate_directory_as_unsigned_raw_pass(force_clean = false)
|
55
|
+
force_clean_raw_pass if force_clean
|
56
|
+
|
57
|
+
has_manifiest = File.exist?(File.join(pass_url, '/manifest.json'))
|
58
|
+
puts "Raw pass has manifest? #{has_manifiest}"
|
59
|
+
|
60
|
+
has_signiture = File.exist?(File.join(pass_url, '/signature'))
|
61
|
+
puts "Raw pass has signature? #{has_signiture}"
|
62
|
+
|
63
|
+
if has_signiture || has_manifiest
|
64
|
+
raise "#{pass_url} contains pass signing artificats that need to be removed before signing."
|
65
|
+
|
66
|
+
end
|
67
|
+
end
|
68
|
+
|
69
|
+
def force_clean_raw_pass
|
70
|
+
puts 'Force cleaning the raw pass directory.'
|
71
|
+
if File.exist?(File.join(pass_url, '/manifest.json'))
|
72
|
+
File.delete(File.join(pass_url, '/manifest.json'))
|
73
|
+
end
|
74
|
+
|
75
|
+
if File.exist?(File.join(pass_url, '/signature'))
|
76
|
+
File.delete(File.join(pass_url, '/signature'))
|
77
|
+
end
|
78
|
+
end
|
79
|
+
|
80
|
+
# Creates a temporary place to work with the pass files without polluting the original
|
81
|
+
def create_temporary_directory
|
82
|
+
self.temporary_directory = Dir.mktmpdir
|
83
|
+
puts "Creating temp dir at #{temporary_directory}"
|
84
|
+
self.temporary_path = temporary_directory + '/' + pass_url.split('/').last
|
85
|
+
|
86
|
+
# Check if the directory exists
|
87
|
+
if File.directory?(temporary_path)
|
88
|
+
# Need to clean up the directory
|
89
|
+
FileUtils.rm_rf(temporary_path)
|
90
|
+
end
|
91
|
+
end
|
92
|
+
|
93
|
+
# Copies the pass contents to the temporary location
|
94
|
+
def copy_pass_to_temporary_location
|
95
|
+
puts 'Copying pass to temp directory.'
|
96
|
+
FileUtils.cp_r(pass_url, temporary_directory)
|
97
|
+
end
|
98
|
+
|
99
|
+
# Removes .DS_Store files if they exist
|
100
|
+
def clean_ds_store_files
|
101
|
+
puts 'Cleaning .DS_Store files'
|
102
|
+
Dir.glob(temporary_path + '**/.DS_Store').each do |file|
|
103
|
+
File.delete(file)
|
104
|
+
end
|
105
|
+
end
|
106
|
+
|
107
|
+
# Creates a json manifest where each files contents has a SHA1 hash
|
108
|
+
def generate_json_manifest
|
109
|
+
puts 'Generating JSON manifest'
|
110
|
+
manifest = {}
|
111
|
+
# Gather all the files and generate a sha1 hash
|
112
|
+
Dir.glob(temporary_path + '/**').each do |file|
|
113
|
+
manifest[File.basename(file)] = Digest::SHA1.hexdigest(File.read(file))
|
114
|
+
end
|
115
|
+
|
116
|
+
# Write the hash dictionary out to a manifest file
|
117
|
+
self.manifest_url = temporary_path + '/manifest.json'
|
118
|
+
File.open(manifest_url, 'w') do |f|
|
119
|
+
f.write(manifest.to_json)
|
120
|
+
end
|
121
|
+
end
|
122
|
+
|
123
|
+
def sign_manifest
|
124
|
+
puts 'Signing the manifest'
|
125
|
+
# Import the certificates
|
126
|
+
p12_certificate = OpenSSL::PKCS12.new(File.read(certificate_url), certificate_password)
|
127
|
+
wwdr_certificate = OpenSSL::X509::Certificate.new(File.read(wwdr_intermediate_certificate_path))
|
128
|
+
|
129
|
+
# Sign the data
|
130
|
+
flag = OpenSSL::PKCS7::BINARY | OpenSSL::PKCS7::DETACHED
|
131
|
+
signed = OpenSSL::PKCS7.sign(p12_certificate.certificate, p12_certificate.key, File.read(manifest_url), [wwdr_certificate], flag)
|
132
|
+
|
133
|
+
# Create an output path for the signed data
|
134
|
+
self.signature_url = temporary_path + '/signature'
|
135
|
+
|
136
|
+
# Write out the data
|
137
|
+
File.open(signature_url, 'w') do |f|
|
138
|
+
f.syswrite signed.to_der
|
139
|
+
end
|
140
|
+
end
|
141
|
+
|
142
|
+
def compress_pass_file
|
143
|
+
puts 'Compressing the pass'
|
144
|
+
zipped_file = File.open(output_url, 'w')
|
145
|
+
|
146
|
+
Zip::OutputStream.open(zipped_file.path) do |z|
|
147
|
+
Dir.glob(temporary_path + '/**').each do |file|
|
148
|
+
z.put_next_entry(File.basename(file))
|
149
|
+
z.print IO.read(file)
|
150
|
+
end
|
151
|
+
end
|
152
|
+
zipped_file
|
153
|
+
end
|
154
|
+
|
155
|
+
def delete_temp_dir
|
156
|
+
FileUtils.rm_rf(temporary_path)
|
157
|
+
end
|
158
|
+
end
|
data/pass_signer.gemspec
ADDED
@@ -0,0 +1,34 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
lib = File.expand_path('lib', __dir__)
|
4
|
+
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
5
|
+
require 'pass_signer/version'
|
6
|
+
|
7
|
+
Gem::Specification.new do |spec|
|
8
|
+
spec.name = 'pass_signer'
|
9
|
+
spec.version = PassSigner::VERSION
|
10
|
+
spec.authors = ['Patrick Metcalfe']
|
11
|
+
spec.email = ['git@patrickmetcalfe.com']
|
12
|
+
spec.license = 'GPL-3.0'
|
13
|
+
spec.summary = 'Signs passes for Apple Wallet.'
|
14
|
+
spec.description = 'Apple Wallet passes require signing. Apple provides code for this, it isnt ideal.'
|
15
|
+
spec.homepage = 'https://github.com/pducks32/pass_signer'
|
16
|
+
|
17
|
+
# Specify which files should be added to the gem when it is released.
|
18
|
+
# The `git ls-files -z` loads the files in the RubyGem that have been added into git.
|
19
|
+
spec.files = Dir.chdir(File.expand_path(__dir__)) do
|
20
|
+
`git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
|
21
|
+
end
|
22
|
+
spec.bindir = 'exe'
|
23
|
+
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
24
|
+
spec.require_paths = ['lib']
|
25
|
+
|
26
|
+
spec.add_development_dependency 'bundler', '~> 2.0'
|
27
|
+
spec.add_development_dependency 'rake', '~> 12'
|
28
|
+
spec.add_development_dependency 'rspec', '~> 3.0'
|
29
|
+
spec.add_development_dependency 'rubocop', '~> 0'
|
30
|
+
spec.add_development_dependency 'rubocop-performance'
|
31
|
+
spec.add_development_dependency 'solargraph'
|
32
|
+
|
33
|
+
spec.add_dependency 'rubyzip'
|
34
|
+
end
|
metadata
ADDED
@@ -0,0 +1,159 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: pass_signer
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 1.0.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Patrick Metcalfe
|
8
|
+
autorequire:
|
9
|
+
bindir: exe
|
10
|
+
cert_chain: []
|
11
|
+
date: 2019-05-23 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: bundler
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '2.0'
|
20
|
+
type: :development
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - "~>"
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '2.0'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: rake
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - "~>"
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '12'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - "~>"
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '12'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: rspec
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - "~>"
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '3.0'
|
48
|
+
type: :development
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - "~>"
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '3.0'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: rubocop
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - "~>"
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - "~>"
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '0'
|
69
|
+
- !ruby/object:Gem::Dependency
|
70
|
+
name: rubocop-performance
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
72
|
+
requirements:
|
73
|
+
- - ">="
|
74
|
+
- !ruby/object:Gem::Version
|
75
|
+
version: '0'
|
76
|
+
type: :development
|
77
|
+
prerelease: false
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
79
|
+
requirements:
|
80
|
+
- - ">="
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: '0'
|
83
|
+
- !ruby/object:Gem::Dependency
|
84
|
+
name: solargraph
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
86
|
+
requirements:
|
87
|
+
- - ">="
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
version: '0'
|
90
|
+
type: :development
|
91
|
+
prerelease: false
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
94
|
+
- - ">="
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: '0'
|
97
|
+
- !ruby/object:Gem::Dependency
|
98
|
+
name: rubyzip
|
99
|
+
requirement: !ruby/object:Gem::Requirement
|
100
|
+
requirements:
|
101
|
+
- - ">="
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: '0'
|
104
|
+
type: :runtime
|
105
|
+
prerelease: false
|
106
|
+
version_requirements: !ruby/object:Gem::Requirement
|
107
|
+
requirements:
|
108
|
+
- - ">="
|
109
|
+
- !ruby/object:Gem::Version
|
110
|
+
version: '0'
|
111
|
+
description: Apple Wallet passes require signing. Apple provides code for this, it
|
112
|
+
isnt ideal.
|
113
|
+
email:
|
114
|
+
- git@patrickmetcalfe.com
|
115
|
+
executables:
|
116
|
+
- pass_signer
|
117
|
+
extensions: []
|
118
|
+
extra_rdoc_files: []
|
119
|
+
files:
|
120
|
+
- ".gitignore"
|
121
|
+
- ".rspec"
|
122
|
+
- ".rubocop.yml"
|
123
|
+
- ".travis.yml"
|
124
|
+
- ".vscode/launch.json"
|
125
|
+
- CODE_OF_CONDUCT.md
|
126
|
+
- Gemfile
|
127
|
+
- Gemfile.lock
|
128
|
+
- README.md
|
129
|
+
- Rakefile
|
130
|
+
- bin/console
|
131
|
+
- bin/setup
|
132
|
+
- exe/pass_signer
|
133
|
+
- lib/pass_signer.rb
|
134
|
+
- lib/pass_signer/version.rb
|
135
|
+
- pass_signer.gemspec
|
136
|
+
homepage: https://github.com/pducks32/pass_signer
|
137
|
+
licenses:
|
138
|
+
- GPL-3.0
|
139
|
+
metadata: {}
|
140
|
+
post_install_message:
|
141
|
+
rdoc_options: []
|
142
|
+
require_paths:
|
143
|
+
- lib
|
144
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
145
|
+
requirements:
|
146
|
+
- - ">="
|
147
|
+
- !ruby/object:Gem::Version
|
148
|
+
version: '0'
|
149
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
150
|
+
requirements:
|
151
|
+
- - ">="
|
152
|
+
- !ruby/object:Gem::Version
|
153
|
+
version: '0'
|
154
|
+
requirements: []
|
155
|
+
rubygems_version: 3.0.1
|
156
|
+
signing_key:
|
157
|
+
specification_version: 4
|
158
|
+
summary: Signs passes for Apple Wallet.
|
159
|
+
test_files: []
|