wtapack 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 3dc6a0f4020613af0a67a7cc7276e689b595fe57
+  data.tar.gz: 662ebe71614a404c1893add26c317bce10dbb7e5
+SHA512:
+  metadata.gz: e72e8366278bf4bf09a64fc7f0a9790681ff2fa65a7e30757d6e72326503c4beb9ccccd6b123e68002f15aaa2694f531717d7582b354774ec2ad0624c61476ea
+  data.tar.gz: da4c0a2f0fcdd50bf9ece15e093cd64fb6232c7abf224597148c24adc632bb77b371a24052acfe6b592b55e3b11b9c21d8fdeee1ae34c7a1953312dc4b5a1c12

data/ext/wtapack/CodeSigner.h

@@ -0,0 +1,14 @@
+//
+//  CodeSigner.h
+//  WTAPackageApplication
+//
+//  Created by Robert Thompson on 10/13/14.
+//  Copyright (c) 2014 WillowTree Apps. All rights reserved.
+//
+
+@import Foundation;
+
+@interface CodeSigner : NSObject
++ (void)signBinary:(NSURL*)binaryURL;
++ (void)signFramework:(NSURL*)frameworkURL;
+@end

data/ext/wtapack/CodeSigner.m

@@ -0,0 +1,197 @@
+//
+//  CodeSigner.m
+//  WTAPackageApplication
+//
+//  Created by Robert Thompson on 10/13/14.
+//  Copyright (c) 2014 WillowTree Apps. All rights reserved.
+//
+
+#import "CodeSigner.h"
+#import <objc/runtime.h>
+#import "ErrorHandler.h"
+
+void validateSigningIdentity(NSString* identity);
+
+@implementation CodeSigner
++ (NSString*)signingIdentity
+{
+    NSString* result = objc_getAssociatedObject(self, @selector(signingIdentity));
+    if (!result)
+    {
+        result = [[NSUserDefaults standardUserDefaults] stringForKey:@"sign"];
+        //validateSigningIdentity(result); /* Rakefile does this */
+        objc_setAssociatedObject(self, @selector(signingIdentity), result, OBJC_ASSOCIATION_COPY_NONATOMIC);
+    }
+    
+    return result;
+}
+
++ (NSString*)codesignFormatString
+{
+    NSString* result = objc_getAssociatedObject(self, @selector(codesignFormatString));
+    if (!result)
+    {
+        NSString* signingIdentity = [self signingIdentity];
+        result = [NSString stringWithFormat:@"/usr/bin/codesign --force --preserve-metadata=identifier,entitlements,resource-rules --sign %@ --resource-rules=\"%%@\" --entitlements \"%%@\" \"%%@\"", signingIdentity];
+        
+        objc_setAssociatedObject(self, @selector(codesignFormatString), result, OBJC_ASSOCIATION_COPY_NONATOMIC);
+    }
+    
+    return result;
+}
+
++ (void)signBinary:(NSURL *)binaryURL
+{
+    NSString* codesign = [NSString stringWithFormat:[self codesignFormatString], [binaryURL URLByAppendingPathComponent:@"ResourceRules.plist"].path, [binaryURL URLByAppendingPathComponent:@"Entitlements.plist"].path, binaryURL.path];
+    
+    printf("%s\n", codesign.UTF8String);
+    
+    [self codesign:codesign failureMessage:@"Codesigning Failed!"];
+}
+
++ (void)signFramework:(NSURL *)frameworkURL
+{
+    NSString* codesign = [NSString stringWithFormat:@"/usr/bin/codesign --force -v --sign \"%@\" \"%@\"",
+                          [self signingIdentity],
+                          frameworkURL.path];
+    
+    printf("%s\n", codesign.UTF8String);
+    
+    [self codesign:codesign failureMessage:@"Framework Codesigning Failed!"];
+}
+
++ (void)codesign:(NSString*)codesignString failureMessage:(NSString*)message
+{
+    // Lots of nonsense here so we can capture the output of the codesign command to display as
+    // we please instead of as it pleases.
+    
+    const char* template = "/tmp/codesignOut.XXXXXXX";
+    size_t length = strlen(template);
+    char* temp = calloc(1, length);
+    strncpy(temp, template, length);
+    
+    int fileno = mkstemp(temp);
+    int retVal = system([codesignString stringByAppendingString:[NSString stringWithFormat:@">& %s", temp]].UTF8String);
+    
+    close(fileno);
+    NSString* tempFilePath = [NSString stringWithUTF8String:temp];
+    NSString* codesignOuput = [[NSString alloc] initWithContentsOfFile:tempFilePath
+                                                              encoding:NSUTF8StringEncoding
+                                                                 error:NULL];
+    [[NSFileManager defaultManager] removeItemAtPath:tempFilePath
+                                               error:NULL];
+    free(temp);
+    
+    if (retVal != 0)
+    {
+        [ErrorHandler fatalErrorWithMessage:[NSString stringWithFormat:@"%@\ncodesign output: %@",
+                                             message,
+                                             codesignOuput]
+                                   exitCode:retVal];
+    }
+    else
+    {
+        fprintf(stdout, "%s", codesignOuput.UTF8String);
+    }
+}
+@end
+
+// It turned out the Rakefile already does the below, so no point in doing it twice.
+
+// So the lesson of this function is that the keychain API is very confusing and difficult
+// to work with. This function loops through all the certificates in the keychain, and checks the
+// SHA1 digest (which has to be calculated, it cannot be gotten from the keychain API directly)
+// against the one passed in. If it finds a match, it verifies that the certificate is trusted.
+//void validateSigningIdentity(NSString* identity)
+//{
+//    NSDictionary* query = @{ (__bridge id)kSecClass : (__bridge id)kSecClassCertificate,
+//                             (__bridge id)kSecReturnRef : (__bridge id)kCFBooleanTrue,
+//                             (__bridge id)kSecMatchLimit : (__bridge id)kSecMatchLimitAll };
+//    
+//    CFTypeRef result = NULL;
+//    OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)(query), &result);
+//    if (status)
+//    {
+//        CFStringRef errorString = SecCopyErrorMessageString(status, 0);
+//        NSLog(@"status is %@, result is %@", errorString, (__bridge id)result);
+//        CFRelease(errorString);
+//        [ErrorHandler fatalErrorWithMessage:@"Could not find signing identity"
+//                                   exitCode:status];
+//    }
+//    
+//    BOOL certificateFound = NO;
+//
+//    for (id certificate in (__bridge NSArray*)result)
+//    {
+//        CFErrorRef error = NULL;
+//        SecCertificateRef certificateRef = (__bridge SecCertificateRef)certificate;
+//        SecTransformRef transformRef = SecDigestTransformCreate(kSecDigestSHA1, 0, &error);
+//        CFDataRef certData = SecCertificateCopyData(certificateRef);
+//        SecTransformSetAttribute(transformRef, kSecTransformInputAttributeName, certData, &error);
+//        if (error)
+//        {
+//            NSLog(@"%@", (__bridge NSError*)error);
+//        }
+//        CFDataRef output = SecTransformExecute(transformRef, &error);
+//        if (error)
+//        {
+//            NSLog(@"%@", (__bridge NSError*)error);
+//        }
+//        CFRelease(certData);
+//        
+//        NSData* outputData = (__bridge NSData*)output;
+//        
+//        NSCharacterSet* greaterLessSet = [NSCharacterSet characterSetWithCharactersInString:@"<>"];
+//        NSString* description = [[outputData.description stringByTrimmingCharactersInSet:greaterLessSet] stringByReplacingOccurrencesOfString:@" "
+//                                                                                                                                   withString:@""];
+//        CFRelease(output);
+//        CFRelease(transformRef);
+//        if(error)
+//        {
+//            CFRelease(error);
+//        }
+//        
+//        if ([description compare:identity options:NSCaseInsensitiveSearch] == NSOrderedSame)
+//        {
+//            SecTrustRef trustRef = NULL;
+//            SecPolicyRef policyRef = SecPolicyCreateBasicX509();
+//            status = SecTrustCreateWithCertificates(certificateRef, policyRef, &trustRef);
+//            if (status)
+//            {
+//                CFStringRef errorString = SecCopyErrorMessageString(status, 0);
+//                NSLog(@"%@", errorString);
+//                CFRelease(errorString);
+//            }
+//            SecTrustResultType trustResult;
+//            status = SecTrustEvaluate(trustRef, &trustResult);
+//            if (status)
+//            {
+//                CFStringRef errorString = SecCopyErrorMessageString(status, 0);
+//                NSLog(@"%@", errorString);
+//                CFRelease(errorString);
+//            }
+//            
+//            if ((trustResult != kSecTrustResultDeny) &&
+//                (trustResult != kSecTrustResultFatalTrustFailure) &&
+//                (trustResult != kSecTrustResultInvalid) &&
+//                (trustResult != kSecTrustResultOtherError) &&
+//                (trustResult != kSecTrustResultRecoverableTrustFailure))
+//            {
+//                certificateFound = YES;
+//            }
+//            CFRelease(certificateRef);
+//            CFRelease(trustRef);
+//            CFRelease(policyRef);
+//            break;
+//        }
+//        
+//        CFRelease(certificateRef);
+//
+//    }
+//
+//    if (!certificateFound)
+//    {
+//        [ErrorHandler fatalErrorWithMessage:[NSString stringWithFormat:@"No valid certificate with SHA1 %@ found", identity]
+//                                   exitCode:EX_DATAERR];
+//    }
+//}

data/ext/wtapack/ErrorHandler.h

@@ -0,0 +1,19 @@
+//
+//  ErrorHandler.h
+//  WTAPackageApplication
+//
+//  Created by Robert Thompson on 10/13/14.
+//  Copyright (c) 2014 WillowTree Apps. All rights reserved.
+//
+
+@import Foundation;
+#import <sysexits.h>
+
+@interface ErrorHandler : NSObject
+// Used for cleaning up after ourselves in the event of an error
++ (void)setTemporaryDirectory:(NSURL*)tempDir;
+
+// Display an error meesage to stderr then exit cleanly.
++ (void)fatalErrorWithMessage:(NSString*)message exitCode:(int)code;
++ (void)fatalErrorWithError:(NSError*)error additionalMessage:(NSString*)message;
+@end

data/ext/wtapack/ErrorHandler.m

@@ -0,0 +1,53 @@
+//
+//  ErrorHandler.m
+//  WTAPackageApplication
+//
+//  Created by Robert Thompson on 10/13/14.
+//  Copyright (c) 2014 WillowTree Apps. All rights reserved.
+//
+
+#import "ErrorHandler.h"
+#import <objc/runtime.h>
+
+@implementation ErrorHandler
++ (NSURL*)temporaryDirectory
+{
+    return objc_getAssociatedObject(self, @selector(temporaryDirectory));
+}
+
++ (void)setTemporaryDirectory:(NSURL *)tempDir
+{
+    NSURL* result = [self temporaryDirectory];
+    if ([result isEqual:tempDir])
+    {
+        return;
+    }
+    
+    objc_setAssociatedObject(self, @selector(temporaryDirectory), tempDir, OBJC_ASSOCIATION_RETAIN_NONATOMIC);
+}
+
++ (void)fatalErrorWithMessage:(NSString *)message exitCode:(int)code
+{
+    fprintf(stderr, "%s\n", message.UTF8String);
+    
+    [self cleanupAndExitWithCode:code];
+}
+
++ (void)fatalErrorWithError:(NSError *)error additionalMessage:(NSString *)message
+{
+    fprintf(stderr, "%s with error: %s", message.UTF8String, [NSString stringWithFormat:@"%@", error].UTF8String);
+    [self cleanupAndExitWithCode:error.code];
+}
+
++ (void)cleanupAndExitWithCode:(NSInteger)code
+{
+    NSURL* tempDir = [self temporaryDirectory];
+    if (tempDir)
+    {
+        [[NSFileManager defaultManager] removeItemAtURL:tempDir
+                                                  error:NULL];
+    }
+    
+    exit((int)code);
+}
+@end

data/ext/wtapack/NSArray+WTAMap.h

@@ -0,0 +1,15 @@
+//
+//  NSArray+WTAMap.h
+//  WTAPackageApplication
+//
+//  Created by Robert Thompson on 10/13/14.
+//  Copyright (c) 2014 WillowTree Apps. All rights reserved.
+//
+
+@import Foundation;
+
+typedef id (^arrayObjectFunc)(id obj);
+
+@interface NSArray (WTAMap)
+- (NSArray*)wta_map:(arrayObjectFunc)func;
+@end

data/ext/wtapack/NSArray+WTAMap.m

@@ -0,0 +1,24 @@
+//
+//  NSArray+WTAMap.m
+//  WTAPackageApplication
+//
+//  Created by Robert Thompson on 10/13/14.
+//  Copyright (c) 2014 WillowTree Apps. All rights reserved.
+//
+
+#import "NSArray+WTAMap.h"
+
+@implementation NSArray (WTAMap)
+- (NSArray *)wta_map:(arrayObjectFunc)func
+{
+    NSMutableArray* newArray = [NSMutableArray arrayWithCapacity:self.count];
+    
+    dispatch_apply(self.count, dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0),
+                   ^(size_t i) {
+                       id obj = self[i];
+                       [newArray addObject:func(obj)];
+                   });
+    
+    return [NSArray arrayWithArray:newArray];
+}
+@end

data/ext/wtapack/ProfileManager.h

@@ -0,0 +1,18 @@
+//
+//  ProfileManager.h
+//  WTAPackageApplication
+//
+//  Created by Robert Thompson on 10/13/14.
+//  Copyright (c) 2014 WillowTree Apps. All rights reserved.
+//
+
+@import Foundation;
+
+@interface ProfileManager : NSObject
+- (instancetype)initWithKey:(NSString*)profileUUIDKey bundleURL:(NSURL*)bundleURL;
+
+@property (strong, nonatomic, readonly) NSDictionary* provisioningProfile;
+
+- (void)replaceProfile;
+- (void)replaceEntitlements;
+@end

data/ext/wtapack/ProfileManager.m

@@ -0,0 +1,151 @@
+//
+//  ProfileManager.m
+//  WTAPackageApplication
+//
+//  Created by Robert Thompson on 10/13/14.
+//  Copyright (c) 2014 WillowTree Apps. All rights reserved.
+//
+
+#import "ProfileManager.h"
+#import "ErrorHandler.h"
+@import Security;
+
+@interface ProfileManager ()
+{
+    __strong NSDictionary* _provisioningProfile;
+}
+@property (strong, nonatomic) NSURL* profileURL;
+@property (strong, nonatomic) NSURL* bundleURL;
+@end
+
+@implementation ProfileManager
+#pragma mark Initializers
+- (instancetype)initWithKey:(NSString *)profileUUIDKey bundleURL:(NSURL *)bundleURL
+{
+    self = [super init];
+    if (self)
+    {
+        NSString* profileUUID = [[NSUserDefaults standardUserDefaults] stringForKey:profileUUIDKey];
+        if (!profileUUID)
+        {
+            NSString* errorString = [NSString stringWithFormat:@"You must specify a profile for key \"%@\".",
+                                     profileUUIDKey];
+            [ErrorHandler fatalErrorWithMessage:errorString
+                                       exitCode:EX_USAGE];
+        }
+        
+        NSString* provisioningProfilePath = [[NSString stringWithFormat:@"~/Library/MobileDevice/Provisioning Profiles/%@.mobileprovision",
+                                              profileUUID] stringByExpandingTildeInPath];
+        
+        if ([[NSFileManager defaultManager] fileExistsAtPath:provisioningProfilePath])
+        {
+            _profileURL = [NSURL fileURLWithPath:provisioningProfilePath];
+        }
+        else
+        {
+            NSString* errorString = [NSString stringWithFormat:@"Specifed provisioning profile %@ does not exist",
+                                     profileUUID];
+            
+            [ErrorHandler fatalErrorWithMessage:errorString
+                                       exitCode:EX_NOINPUT];
+        }
+        
+        _bundleURL = bundleURL;
+    }
+    
+    return self;
+}
+
+#pragma mark Instance Methods
+- (void)replaceProfile
+{
+    NSFileManager* fm = [NSFileManager defaultManager];
+    
+    NSError* error = nil;
+    
+    NSURL* destinationPPURL = [self.bundleURL URLByAppendingPathComponent:@"embedded.mobileprovision"];
+    // Delete the old one (we don't care if this fails)
+    [fm removeItemAtURL:destinationPPURL
+                  error:NULL];
+    
+    // Copy in the new one
+    BOOL success = [fm copyItemAtURL:self.profileURL
+                               toURL:destinationPPURL
+                               error:&error];
+    
+    if (!success)
+    {
+        [ErrorHandler fatalErrorWithError:error
+                        additionalMessage:@"Failed to copy new profile into place."];
+    }
+}
+
+- (void)replaceEntitlements
+{
+    NSMutableDictionary* entitlementsDict = self.provisioningProfile[@"Entitlements"];
+    
+    entitlementsDict[@"get-task-allow"] = @NO;
+    
+    NSError* error = nil;
+    NSData* entitlementsData = [NSPropertyListSerialization dataWithPropertyList:entitlementsDict
+                                                                          format:NSPropertyListXMLFormat_v1_0
+                                                                         options:0
+                                                                           error:&error];
+    if (error)
+    {
+        [ErrorHandler fatalErrorWithError:error
+                        additionalMessage:@"Failed to serialize entitlements plist"];
+    }
+    
+    BOOL success = [entitlementsData writeToURL:[self.bundleURL URLByAppendingPathComponent:@"Entitlements.plist"]
+                                     atomically:YES];
+    if (!success)
+    {
+        NSString* errorString = [NSString stringWithFormat:@"Failed to write Entitlements.plist to %@",
+                                 self.bundleURL.path];
+        [ErrorHandler fatalErrorWithMessage:errorString
+                                   exitCode:EX_CANTCREAT];
+    }
+}
+
+#pragma mark Getters/Setters
+- (NSDictionary*)provisioningProfile
+{
+    if (!_provisioningProfile)
+    {
+        _provisioningProfile = [self.class getProvisioningProfile:self.profileURL.path];
+    }
+    
+    return _provisioningProfile;
+}
+
+#pragma mark Utility Methods
++ (NSDictionary *)getProvisioningProfile:(NSString *)profilePath
+{
+    CMSDecoderRef decoder;
+    CMSDecoderCreate(&decoder);
+    NSData* encodedData = [NSData dataWithContentsOfFile:profilePath];
+    CMSDecoderUpdateMessage(decoder, encodedData.bytes, encodedData.length);
+    CMSDecoderFinalizeMessage(decoder);
+    
+    CFDataRef decodedDataRef;
+    CMSDecoderCopyContent(decoder, &decodedDataRef);
+    
+    NSPropertyListFormat format;
+    NSError* error = nil;
+    NSDictionary* profile = [NSPropertyListSerialization propertyListWithData:(__bridge NSData*)decodedDataRef
+                                                                      options:NSPropertyListMutableContainersAndLeaves
+                                                                       format:&format
+                                                                        error:&error];
+    CFRelease(decoder);
+    CFRelease(decodedDataRef);
+    
+    if (error)
+    {
+        [ErrorHandler fatalErrorWithError:error
+                        additionalMessage:@"Failed to deserialize provisioning profile."];
+    }
+    
+    return profile;
+}
+@end

data/ext/wtapack/extconf.rb

@@ -0,0 +1,8 @@
+require 'mkmf'
+extension_name = 'wtapack'
+dir_config(extension_name)
+MODULE_CACHE = "#{ENV['HOME']}/Library/Developer/Xcode/DerivedData/ModuleCache"
+ISYSROOT_PATH = `xcrun -sdk macosx10.9 --show-sdk-path`
+$CFLAGS = "-fmessage-length=0 -fdiagnostics-show-note-include-stack -fmacro-backtrace-limit=0 -std=gnu99 -fobjc-arc -fmodules -fmodules-cache-path=#{MODULE_CACHE} -fmodules-prune-interval=86400 -fmodules-prune-after=345600 -isysroot #{ISYSROOT_PATH} -mmacosx-version-min=10.9 -fasm-blocks -fstrict-aliasing -Os -march=native -flto -Wall -Wpedantic -Werror"
+$LFLAGS = "-isysroot $(ISYSROOT_PATH) -mmacosx-version-min=10.9 -flto -framework Foundation"
+create_makefile(extension_name)

data/ext/wtapack/main.h

@@ -0,0 +1,7 @@
+#ifndef MAIN_H
+#define MAIN_H
+
+int rb_main(int argc, char** argv);
+
+#endif
+

data/ext/wtapack/main.m

@@ -0,0 +1,250 @@
+//
+//  main.m
+//  WTAPackageApplication
+//
+//  Created by Robert Thompson on 10/10/14.
+//  Copyright (c) 2014 WillowTree Apps. All rights reserved.
+//
+
+@import Foundation;
+#import "ProfileManager.h"
+#import "CodeSigner.h"
+#import "updateBundleID.h"
+#import "NSArray+WTAMap.h"
+#import "ErrorHandler.h"
+#import <ruby.h>
+
+static NSString* const usageString = @"Usage: %s -input <path to original .app> \
+-profile <provisioning profile UUID> -sign <SHA1 for valid certificate> \
+[-bundleID <new bundleID>] [-extensions <comma-separated list of extensions>] \
+[-<extension name> <extension provisioning profile UUID> ...] -output <path to output ipa>";
+
+void showUsageAndExit(void);
+
+VALUE rb_main(int argc, const char * argv[]) {
+    @autoreleasepool {
+
+        NSMutableArray* arguments = [NSMutableArray arrayWithCapacity: argc];
+        for (int i = 0; i < argc; i++)
+        {
+            NSString* string = [[NSString stringWithUTF8String:argv[i]] stringByReplacingOccurrencesOfString:@"\"" withString:@""];
+            NSCharacterSet* comma = [NSCharacterSet characterSetWithCharactersInString:@","];
+            string = [string stringByTrimmingCharactersInSet:comma];
+            [arguments addObject:string];
+        }
+
+        for (NSString* argument in arguments)
+        {
+            if ([argument isEqualToString:@"-help"])
+            {
+                showUsageAndExit();
+            }
+        }
+        
+        NSMutableDictionary* registrationDict = [NSMutableDictionary dictionary];
+        for (int i = 1; i < arguments.count; i+=2)
+        {
+            NSString* key = [arguments[i] substringFromIndex:1];
+            registrationDict[key] = arguments[i+1];
+        }
+       
+        NSLog(@"%@", registrationDict);
+        NSFileManager* fm = [NSFileManager defaultManager];
+        NSUserDefaults* standardDefaults = [NSUserDefaults standardUserDefaults];
+        [standardDefaults registerDefaults: registrationDict];
+        
+        NSError* error = nil;
+ 
+        // Read in the input directory, bail if it doesn't exist
+        NSString* origAppName = [standardDefaults stringForKey:@"input"];
+        if (!origAppName)
+        {
+            showUsageAndExit();
+        }
+        
+        // Check to see if output key exists
+        NSString* outputPathString = [standardDefaults valueForKey:@"output"];
+        if (!outputPathString)
+        {
+            showUsageAndExit();
+        }
+        
+        NSString* newBundleID = [standardDefaults stringForKey:@"bundleID"];
+        
+        // Create a temporary location to do our work
+        NSURL* tmpDirURL = [fm URLForDirectory:NSItemReplacementDirectory
+                                      inDomain:NSUserDomainMask
+                             appropriateForURL:[NSURL fileURLWithPath:@"PackageApplicationDir" isDirectory:YES]
+                                        create:YES
+                                         error:&error];
+        if (error)
+        {
+            [ErrorHandler fatalErrorWithMessage:@"Failed to create temporary Directory!"
+                                       exitCode:EX_CANTCREAT];
+        }
+        
+        // Set up our error handler so we don't leave files laying around in the case of an error
+        [ErrorHandler setTemporaryDirectory:tmpDirURL];
+        
+        NSString* appName = [origAppName lastPathComponent];
+        NSURL* destAppDirURL = [tmpDirURL URLByAppendingPathComponent:@"Payload" isDirectory:YES];
+        NSURL* destApp = [destAppDirURL URLByAppendingPathComponent:appName isDirectory:YES];
+        
+        // Make sure the app is actually there and display an error message if it isn't
+        BOOL origAppIsDirectory = NO;
+        BOOL origAppExists = [fm fileExistsAtPath:origAppName isDirectory:&origAppIsDirectory];
+        if (!origAppExists || !origAppIsDirectory)
+        {
+            [ErrorHandler fatalErrorWithMessage:[NSString stringWithFormat:@"%@ does not exist!\n", origAppName]
+                                       exitCode:EX_NOINPUT];
+        }
+       
+        NSURL* origAppURL = [NSURL fileURLWithPath:origAppName isDirectory:YES];
+
+        // Create destination directory
+        [fm createDirectoryAtURL:destAppDirURL
+     withIntermediateDirectories:YES
+                      attributes:nil
+                           error:&error];
+        if (error)
+        {
+            [ErrorHandler fatalErrorWithError:error
+                            additionalMessage:@"Failed to create destination Payload directory."];
+        }
+       
+        // Copy original app to work directory
+        [fm copyItemAtURL:origAppURL
+                    toURL:destApp
+                    error:&error];
+        
+        if (error)
+        {
+            [ErrorHandler fatalErrorWithError:error
+                            additionalMessage:@"Failed to copy original app to work directory."];
+        }
+        
+        // Set up the object that handles provisioning profiles and the entitlements contained
+        // therein.
+        ProfileManager* mainProfileManager = [[ProfileManager alloc] initWithKey:@"profile"
+                                                                        bundleURL:destApp];
+        if (newBundleID)
+        {
+            // Sometimes we may not be changing the bundle ID
+            updateBundleID(destApp, newBundleID);
+        }
+       
+        [mainProfileManager replaceEntitlements];
+       
+        [mainProfileManager replaceProfile];
+        
+        // Extensions handling starts here
+        NSString* extensionsString = [standardDefaults stringForKey:@"extensions"];
+        NSArray* extensions = [[extensionsString componentsSeparatedByString:@","] wta_map: ^(NSString* string) {
+            return [string stringByTrimmingCharactersInSet:[NSCharacterSet whitespaceAndNewlineCharacterSet]];
+        }];
+        
+        NSURL* pluginPath = [destApp URLByAppendingPathComponent:@"PlugIns"];
+        
+        dispatch_apply(extensions.count,
+                       dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT,
+                                                 0),
+                       ^(size_t i) {
+                           NSString* extension = extensions[i];
+                           NSString* extensionName = [NSString stringWithFormat:@"%@.appex", extension];
+                           NSURL* extensionURL = [pluginPath URLByAppendingPathComponent:extensionName];
+                           
+                           ProfileManager* extensionProfileManager = [[ProfileManager alloc] initWithKey:extension
+                                                                                               bundleURL:extensionURL];
+                           if (newBundleID)
+                           {
+                               NSString* extensionBundleName = [extension stringByReplacingOccurrencesOfString:@" " withString:@"-"];
+                               NSString* newExtensionBundleID = [newBundleID stringByAppendingString:[NSString stringWithFormat:@".%@", extensionBundleName]];
+                               
+                               updateBundleID(extensionURL, newExtensionBundleID);
+                           }
+                           
+                           [extensionProfileManager replaceEntitlements];
+                           
+                           [extensionProfileManager replaceProfile];
+                           
+                           // Code signing
+                           [CodeSigner signBinary:extensionURL];
+                       });
+        
+        // Code signing of frameworks. We don't care if this call fails, because many apps don't
+        // even have Framewoks.
+        NSArray* frameworks = [fm contentsOfDirectoryAtURL:[destApp URLByAppendingPathComponent:@"Frameworks"]
+                                includingPropertiesForKeys:nil
+                                                   options:NSDirectoryEnumerationSkipsHiddenFiles
+                                                     error:NULL];
+        
+        dispatch_apply(frameworks.count,
+                       dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT,
+                                                 0),
+                       ^(size_t i) {
+                           [CodeSigner signFramework:frameworks[i]];
+                       });
+        
+        // Finally sign whole app.
+        [CodeSigner signBinary:destApp];
+        
+        // Remove whatever is at the output path, if it exists
+        // (or else the zip command will just append)
+        [fm removeItemAtPath:outputPathString
+                       error:NULL];
+        
+        NSString* currentWorkingDirectory = [fm currentDirectoryPath];
+        [fm changeCurrentDirectoryPath:tmpDirURL.path];
+        // Create the final ipa
+        int retVal = system([NSString stringWithFormat:@"/usr/bin/zip --symlinks --recurse-paths --verbose -9 \"%@\" .",
+                             outputPathString].UTF8String);
+        if (retVal != 0)
+        {
+            [ErrorHandler fatalErrorWithMessage:[NSString stringWithFormat:@"Failed to create ipa at %@",
+                                                 outputPathString]
+                                       exitCode:retVal];
+        }
+        
+        // Clean up after ourselves
+        [fm changeCurrentDirectoryPath:currentWorkingDirectory];
+        [fm removeItemAtURL:tmpDirURL error:NULL];
+    }
+    return rb_int2inum(0);
+}
+
+void showUsageAndExit(void)
+{
+    [ErrorHandler fatalErrorWithMessage:[NSString stringWithFormat:usageString, [[NSProcessInfo processInfo].arguments.firstObject UTF8String]]
+                               exitCode:EX_USAGE];
+}
+// This is left here for historical interest, in case anyone wants to know how to do this.
+//NSMutableDictionary* readRawEntitlements(NSURL* rawEntitlementsPath)
+//{
+//    NSData* rawFileData = [[NSFileManager defaultManager] contentsAtPath:rawEntitlementsPath.path];
+//    
+//    uint32_t formatTag;
+//    [rawFileData getBytes:&formatTag length:4];
+//    
+//    if (CFSwapInt32(formatTag) != 0xfade7171)
+//    {
+//        exit(1);
+//    }
+//    
+//    int length;
+//    [rawFileData getBytes:&length range:NSMakeRange(4, 4)];
+//    
+//    length = CFSwapInt32(length);
+//    
+//    NSData* plistData = [rawFileData subdataWithRange:NSMakeRange(8, length - 8)];
+//    NSPropertyListFormat format;
+//    NSMutableDictionary* result = [NSPropertyListSerialization propertyListWithData:plistData
+//                                                                            options:NSPropertyListMutableContainersAndLeaves
+//                                                                             format:&format
+//                                                                              error:NULL];
+//    
+//    [[NSFileManager defaultManager] removeItemAtURL:rawEntitlementsPath
+//                                              error:NULL];
+//    
+//    return result;
+//}
+

data/ext/wtapack/updateBundleID.h

@@ -0,0 +1,11 @@
+//
+//  updateBundleID.h
+//  WTAPackageApplication
+//
+//  Created by Robert Thompson on 10/13/14.
+//  Copyright (c) 2014 WillowTree Apps. All rights reserved.
+//
+
+@import Foundation;
+
+void updateBundleID(NSURL* appURL, NSString* newBundleID);

data/ext/wtapack/updateBundleID.m

@@ -0,0 +1,54 @@
+//
+//  updateBundleID.m
+//  WTAPackageApplication
+//
+//  Created by Robert Thompson on 10/13/14.
+//  Copyright (c) 2014 WillowTree Apps. All rights reserved.
+//
+
+#import "updateBundleID.h"
+#import "ErrorHandler.h"
+
+void updateBundleID(NSURL* appURL, NSString* newBundleID)
+{
+    NSFileManager* fm = [NSFileManager defaultManager];
+    
+    NSPropertyListFormat format;
+    NSURL* infoPlistURL = [appURL URLByAppendingPathComponent:@"Info.plist"];
+    NSData* infoPlistData = [fm contentsAtPath:infoPlistURL.path];
+    NSError* error = nil;
+    NSMutableDictionary* infoPlist = [NSPropertyListSerialization propertyListWithData:infoPlistData
+                                                                               options:NSPropertyListMutableContainersAndLeaves
+                                                                                format:&format
+                                                                                 error:&error];
+    if (error)
+    {
+        [ErrorHandler fatalErrorWithError:error
+                        additionalMessage:[NSString stringWithFormat:@"Failed to deserialize Info.plist in %@",
+                                           appURL.path]];
+    }
+    
+    infoPlist[@"CFBundleIdentifier"] = newBundleID;
+    
+    infoPlistData = [NSPropertyListSerialization dataWithPropertyList:infoPlist
+                                                               format:format
+                                                              options:0
+                                                                error:&error];
+    if (error)
+    {
+        [ErrorHandler fatalErrorWithError:error
+                        additionalMessage:[NSString stringWithFormat:@"Failed to serialize new Info.plist for %@",
+                                           appURL.path]];
+    }
+    
+    BOOL success = [infoPlistData writeToURL:infoPlistURL
+                                  atomically:YES];
+    
+    if (!success)
+    {
+        NSString* errorString = [NSString stringWithFormat:@"Failed to write new Info.plist in %@",
+                                 appURL.path];
+        [ErrorHandler fatalErrorWithMessage:errorString
+                                   exitCode:EX_CANTCREAT];
+    }
+}

data/ext/wtapack/wtapack.c

@@ -0,0 +1,32 @@
+#include <ruby.h>
+#include "main.h"
+
+static VALUE hello_world(VALUE mod)
+{
+    return rb_str_new2("hello world");
+}
+
+static VALUE native_pack(VALUE mod, VALUE argc, VALUE argv)
+{
+    struct RArray *argv_array = RARRAY(argv);
+    
+    char** real_argv = ALLOC_N(char*, RARRAY_LEN(argv_array));
+    for (int i = 0; i < RARRAY_LEN(argv_array); i++)
+    {
+        struct RString* string = RSTRING(RARRAY_CONST_PTR(argv_array)[i]);
+        int length = RSTRING_LEN(string);
+        real_argv[i] = ALLOC_N(char, length + 1);
+        memcpy(real_argv[i], RSTRING_PTR(string), length);
+        real_argv[i][length] = '\0';
+    }
+    
+    return rb_main(NUM2INT(argc), real_argv);
+}
+
+void Init_wtapack()
+{
+    VALUE mWtapack = rb_define_module("Wtapack");
+    rb_define_singleton_method(mWtapack, "hello_world", hello_world, 0);
+    rb_define_singleton_method(mWtapack, "native_pack", native_pack, 2);
+}
+

data/lib/wtapack.rb

@@ -0,0 +1,33 @@
+require File.expand_path('../wtapack.bundle', __FILE__)
+
+module Wtapack
+  class Packer
+    attr_accessor :profile, :extensions, :input, :sign, :bundleID, :extension_profiles, :output
+    
+    def pack
+      argv = ["wtapack", "-profile", "#{self.profile}", "-sign", "#{self.sign}", "-input", "\"#{self.input}\"", "-output", "\"#{self.output}\"", "-bundleID", "#{self.bundleID}"]
+      unless self.extensions.nil?
+        extensions = ["-extensions"]
+        extension_list = ""
+        self.extensions.each do |ex|
+          extension_list = extension_list + "\"#{ex}\"" + ","
+        end
+        argv = argv + extensions + [extension_list]
+      end
+      unless self.extension_profiles.nil?
+        self.extension_profiles.each do |extension, profile|
+
+            argv = argv + ["\"-#{extension}\"", "#{profile}"]
+
+        end
+      end
+      if self.extensions.nil?
+        self.extensions = []
+      end
+            
+      argc = argv.count
+      
+      Wtapack::native_pack(argc, argv)
+    end
+  end
+end

metadata

@@ -0,0 +1,74 @@
+--- !ruby/object:Gem::Specification
+name: wtapack
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Robert Thompson
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-10-15 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rake-compiler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Will re-sign, re-bundle-identifier, and re-provision an iOS app, and
+  then package the result as an ipa.
+email: robert.thompson@willowtreeapps.com
+executables: []
+extensions:
+- ext/wtapack/extconf.rb
+extra_rdoc_files: []
+files:
+- ext/wtapack/CodeSigner.h
+- ext/wtapack/CodeSigner.m
+- ext/wtapack/ErrorHandler.h
+- ext/wtapack/ErrorHandler.m
+- ext/wtapack/NSArray+WTAMap.h
+- ext/wtapack/NSArray+WTAMap.m
+- ext/wtapack/ProfileManager.h
+- ext/wtapack/ProfileManager.m
+- ext/wtapack/extconf.rb
+- ext/wtapack/main.h
+- ext/wtapack/main.m
+- ext/wtapack/updateBundleID.h
+- ext/wtapack/updateBundleID.m
+- ext/wtapack/wtapack.c
+- lib/wtapack.rb
+homepage: https://github.com/willowtreeapps/wtapack
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.2
+signing_key: 
+specification_version: 4
+summary: Codesigning and ipa packaging
+test_files: []