provisinfo 0.1.3 → 0.1.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: c085fa743d77df73e59ee42b73987675bbc18480
-  data.tar.gz: 15a477681c5149f289e4797c9d506886b9a14f57
+  metadata.gz: 84c054f090b22dc5feecaf2bc9951589edf5fba4
+  data.tar.gz: 6279105bd9997ce3c9a4b9009d9b07b7868ffcb7
 SHA512:
-  metadata.gz: 1b369a3e0588122af96126ca30e0a5da5915ed2b86666f350ca0694c8f21997309967d9c4468c9a2a831f2168920e40db7c312271b762f23cf693ab0a2e50a34
-  data.tar.gz: 7d34953cee8f38db88618126e3cb65e6c9b39f5d8c4c9f2c0548c95b381a2563aeed94ff851b0cc11ca0b84e954bde959875923a6819ebaf21d769b3ccb61d9a
+  metadata.gz: 2c43fce6c23ec7d1e17cd57027f7f6adb9657fd6d2b956619ce195cecef29036636f72dbdd6d45c0cf8d61b8a970bf35f30aad1194d5d5cb1cf53bc2f0c3ed6c
+  data.tar.gz: 1816daafdcec1e08860b97cf8c4002b7de72633312d6b9746d6bbfcab2241dffc09bd53d30aed642ee4ccc94fb74410206f31e05d9cfdd2b50b7664d58ce3d74

data/README.md

@@ -21,7 +21,9 @@ Or install it yourself as:
 ## Usage
 It can be used like a CLI client:
     
-    provisinfo info --filepath p1.mobileprovision   
+    provisinfo info --filename p1.mobileprovision   
+
+    provisinfo validate --provisioning p1.mobileprovision --certificate cert.p12
 
 Or you can use in your code:
 
@@ -31,6 +33,7 @@ Or you can use in your code:
     
     #access to any property
     p1.appID
+    puts p1.expirationDate < DateTime.now ? "Expired" : "Active"
     
     
 ## Development

data/bin/provisinfo

@@ -9,10 +9,12 @@ program :description, 'CLI for \'provisinfo\' - Provisioning for Human beings. E
 program :help, 'Author', 'Oswaldo Rubio <osrufung@gmail.com>'
 program :help, 'GitHub', 'https://github.com/osrufung/provisinfo'
     
+default_command :info
+
 command :info do |c|
   c.syntax = 'provisinfo info [options]'
-  c.summary = 'Extracts information from mobileprovision file'
-  c.description = 'Show user friendly information from mobileprovision file'
+  c.summary = 'Show user friendly information from mobileprovision file'
+  c.description = c.summary
   c.example 'description', 'provisinfo info --filename prov1.mobileprovision'
   c.option '--filename STRING', 'String','.mobileprovision filepath'
   c.action do |args, options|
@@ -20,3 +22,16 @@ command :info do |c|
     Provisinfo.show_info(options.filename)
   end
 end
+
+command :validate do |c|
+  c.syntax = 'provisinfo validate [options]'
+  c.summary = 'Validates that a provisioning profile was signed with a given developer certificate'
+  c.description = c.summary
+  c.example 'description', 'provisinfo validate --provisioning prov1.mobileprovision --certificate cert.p12'
+  c.option '--provisioning STRING', 'String','.mobileprovision filepath'
+  c.option '--certificate STRING', 'String','path to a p12 certificate.'
+  c.action do |args, options|
+    # Do something or c.when_called Provisioning info::Commands::Name    
+    Provisinfo.validate(options.provisioning,options.certificate)
+  end
+end

data/lib/provisinfo/provisioning.rb

@@ -2,6 +2,15 @@ require 'plist'
 require 'json'
 require 'date'
 
+require "openssl"
+require "rexml/document"
+ 
+RED = 31
+GREEN = 32
+
+def puts_message(color, code, text)
+  puts "[ \e[#{color}m#{code.upcase}\e[0m ] #{text}"
+end
 
 class Provisioning
   attr_accessor :name
@@ -13,9 +22,10 @@ class Provisioning
   attr_accessor :expirationDate
   
   #by default, it will load the first .mobileprovision file in current directory
+
   def initialize(filename = nil)   
     if filename.nil?
-	    @filename = self.class.list_files().first 
+	    @filename = self.class.list_provisioning_files().first 
 	  else
       @filename = filename
     end	   
@@ -27,7 +37,9 @@ class Provisioning
     end
 	  
   end
-  
+ 
+ 
+
   def load_from_file()    
     xml_raw = `security cms -D -i #{@filename}` 
 	  xml_parsed = Plist::parse_xml(xml_raw)   
@@ -36,11 +48,10 @@ class Provisioning
 	  @uuid = xml_parsed['UUID']    
 	  @appID = xml_parsed['Entitlements']['application-identifier']
     @expirationDate = xml_parsed['ExpirationDate']
-  
 
   end
  
-  def self.list_files()
+  def self.list_provisioning_files()
     provisioning_file_paths = []
 	  Dir.entries('.').each do |path|
 	    provisioning_file_paths << path if path=~ /.*\.mobileprovision$/
@@ -62,10 +73,54 @@ class Provisioning
     
   end 
   
-end
+  def matches_certificate?(certificate_filename, password)
+
+    if certificate_filename.nil? or not File.exists?(certificate_filename)
+      abort("can't find the certificate file.")
+    end
+
+    profile = File.read(self.filename)
+    certificate = File.read(certificate_filename)
+    p7 = OpenSSL::PKCS7.new(profile)
+    cert = OpenSSL::PKCS12.new(certificate, password)
+    store = OpenSSL::X509::Store.new
+    p7.verify([], store)
+
+    plist = REXML::Document.new(p7.data)
+    plist.elements.each('/plist/dict/key') do |ele|
+    if ele.text == "DeveloperCertificates"
+      keys = ele.next_element
+      key = keys.get_elements('//array/data')[0].text
+
+      key = key.scan(/.{1,64}/).join("\n")
+
+      profile_cert = "-----BEGIN CERTIFICATE-----\n" + key.gsub(/\t/, "") + "\n-----END CERTIFICATE-----\n"
+      
+      @provisioning_cert = OpenSSL::X509::Certificate.new(profile_cert)
+    end
+  end
+  
+  return @provisioning_cert.to_s != cert.certificate.to_s
+  end
+
+ end
   
   
 if __FILE__ == $0
-  p1 = Provisioning.new('failed.mobileprovision')
+
+  # failed test case
+  p1 = Provisioning.new('3WKJWX.mobileprovision')
   p1.show_info()  
+  p p1.expirationDate < DateTime.now ? "Expired" : "Active"
+
+ 
+  # Validation case
+    p1 = Provisioning.new('3WKJWX.mobileprovision')
+    
+   if p1.matches_certificate?('3WKJWX.p12','')
+    puts_message(RED, "error", "Provisioning profile was not signed with provided certificate.")
+   else
+    puts_message(GREEN, "passed", "Provisioning profile matches certificate file.")
+  end
+
 end  

data/lib/provisinfo/version.rb

@@ -1,3 +1,3 @@
 module Provisinfo
-  VERSION = "0.1.3"
+  VERSION = "0.1.4"
 end

data/lib/provisinfo.rb

@@ -2,8 +2,13 @@ require 'provisinfo/version'
 require 'provisinfo/provisioning'
 
 module Provisinfo
-  def self.show_info(provisioninFileName)
-    p1 = Provisioning.new(provisioninFileName)
+  def self.show_info(provisioningFileName)
+    p1 = Provisioning.new(provisionginFileName)
     p1.show_info()         
   end
+
+  def self.validate(provisioningFileName,certificateFileName)
+  	p1 = Provisioning.new(provisioningFileName)
+  	p1.validate(certificateFileName)
+  end
 end

data/provisinfo.gemspec

@@ -10,7 +10,7 @@ Gem::Specification.new do |spec|
   spec.email         = ["osrufung@gmail.com"]
 
   spec.summary       = %q{A provisioning profile CLI inspector}
-  spec.description   = %q{A simple provisioning profile CLI inspector to extract metadata from .mobileprovision file.}
+  spec.description   = %q{A simple provisioning profile CLI inspector to extract metadata from .mobileprovision file and validate iOS p12 certificates.}
   spec.homepage      = "https://github.com/osrufung/provisinfo"
 
 
@@ -23,4 +23,6 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "rake", "~> 10.0"
   spec.add_dependency 'commander', '~> 4.1'
   spec.add_dependency 'plist', '~> 3.1.0'
+
+  
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: provisinfo
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.1.4
 platform: ruby
 authors:
 - Oswaldo Rubio
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-10-21 00:00:00.000000000 Z
+date: 2015-11-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -67,7 +67,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: 3.1.0
 description: A simple provisioning profile CLI inspector to extract metadata from
-  .mobileprovision file.
+  .mobileprovision file and validate iOS p12 certificates.
 email:
 - osrufung@gmail.com
 executables: