Last active
August 29, 2015 14:17
-
-
Save obxhdx/07b49b66f24c081afd2e to your computer and use it in GitHub Desktop.
Extracts certificates information from a Provisioning Profile
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Based on https://gist.github.com/commandtab/2370710 | |
| # xmlstarlet is required (brew install xmlstarlet) | |
| # What this script does: | |
| # - Parses a provisioning profile | |
| # - Loops through all DeveloperCertificates <data> entries | |
| # - Removes any leading whitespace | |
| # - Removes any blank lines | |
| # - Decodes the Base64 blob | |
| # - Parses the certificate with OpenSSL extracting the "subject" and the "expiration date" info (e.g: "subject= /UID=AABBCCDDEE/CN=iPhone Developer: First Last (FFGGHHIIJJ)/C=US") | |
| # - Filters the relevant output | |
| # - Sorts and aligns the results | |
| # The labels in the output mean: | |
| # CN = CommonName | |
| # OU = OrganizationalUnit | |
| # O = Organization | |
| # C = CountryName | |
| # notAfter = Expiration date | |
| PROVISIONING_PROFILE="$1" | |
| for data in $(security cms -D -i $PROVISIONING_PROFILE | xml sel -t -v "/plist/dict/key[. = 'DeveloperCertificates']/following-sibling::array[1]"); do | |
| echo "$data" | awk '{print $1}' | sed '/^$/d' | base64 -d | openssl x509 -subject -enddate -inform der | head -n 2 | tr '\n' '/' | awk -F'/' '{print $3,$2,$4,$5,$6,$7}' FS='/' OFS='/' | |
| done | sort | column -t -s '/' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment