FEAT: included codec for Apple's Provision Profile files

Oldes · Apr 7, 2022 · c4547d9 · c4547d9
1 parent 31dae91
commit c4547d9
Show file tree

Hide file tree

Showing 4 changed files with 65 additions and 20 deletions.
diff --git a/src/mezz/codec-der.reb b/src/mezz/codec-der.reb
@@ -310,7 +310,7 @@ register-codec [
  |
  #{2B060105050703} (main: "PKIX key purpose") [
  #"^(01)" (name: 'serverAuth)
-   #"^(02)" (name: 'clientAuth)
+ | #"^(02)" (name: 'clientAuth)
  | #"^(03)" (name: 'codeSigning)
  ] end
  |
@@ -319,6 +319,7 @@ register-codec [
  ] end
  |
  #{0992268993F22C6401} (main: "Attribute") [
+ ; http://oid-info.com/cgi-bin/display?tree=0.9.2342.19200300.100.1.1
  #"^(01)" (name: 'uid)
  ] end
  ]
@@ -335,17 +336,3 @@ register-codec [
 
  verbose: 0
 ]
-
-register-codec [
- name: 'mobileprovision
- type: 'cryptography
- title: "Apple's mobileprovision file"
- suffixes: [%.mobileprovision]
- decode: function[data [binary!]][
- try [
- der: codecs/DER/decode data
- result: to string! der/sequence/cs0/sequence/sequence/cs0/2
- ]
- result
- ]
-]
diff --git a/src/mezz/codec-plist.reb b/src/mezz/codec-plist.reb
@@ -2,20 +2,21 @@ REBOL [
  name: plist
  type: module
  options: [delay]
- version: 0.0.1
- title: "REBOL 3 codec for PLIST files"
+ version: 1.0.0
+ title: "PLIST codec"
  file: https://raw.githubusercontent.com/Oldes/Rebol3/master/src/mezz/codec-plist.reb
  author: "Oldes"
  history: [
- 07-Apr-2022 "Oldes" {Initial version of the PLIST decoder}
+ 07-Apr-2022 "Oldes" {Initial version of the PLIST and Provisioning Profile decoder}
  ]
- References: [
+ references: [
  https://developer.apple.com/library/archive/documentation/Cocoa/Conceptual/PropertyLists/Introduction/Introduction.html
  https://medium.com/@karaiskc/understanding-apples-binary-property-list-format-281e6da00dbd
  ]
  todo: {
  * Support binary PLIST version
  * PLIST encoder
+ * Provision profile data validation?
  }
 ]
 
@@ -113,7 +114,7 @@ register-codec [
  change/only v compose [
  commonName: (crt/subject/commonName)
  valid-to: (crt/valid-to)
- fingerprint: (crt/fingerprint)
+ fingerprint: (select crt 'fingerprint)
  ]
  ]
  ]
@@ -140,3 +141,50 @@ register-codec [
  ]
  ]
 ]
+
+register-codec [
+ name: 'provision
+ type: 'cryptography
+ title: "Apple's Provisioning Profile File Format"
+ suffixes: [%.provisionprofile %.mobileprovision]
+
+ decode: function [
+ {Extract PLIST data from a provision profile}
+ data [binary! file! url!]
+ ;return: [map!]
+ ] [
+ unless binary? data [ data: read data ]
+
+ der: codecs/der/decode data
+ parse der [
+ 'SEQUENCE into [
+ 'OBJECT_IDENTIFIER #{2A864886F70D010702} 'CS0 into [
+ 'SEQUENCE into [
+ 'INTEGER set version: binary!
+ 'SET into [
+ 'SEQUENCE into [
+ 'OBJECT_IDENTIFIER set oid: binary! (
+ hash-alg: codecs/der/decode-oid oid
+ )
+ to end
+ ]
+ ]
+ 'SEQUENCE into [
+ 'OBJECT_IDENTIFIER #{2A864886F70D010701} 'CS0 into [
+ 'OCTET_STRING set plist: binary!
+ ]
+ ]
+ ; follows certificates used to sign the data..
+ ; validation is not implemented!
+ to end
+ ]
+ to end
+ ]
+ to end
+ ]
+ ]
+ either binary? plist [
+ codecs/plist/decode plist
+ ][ none ]
+ ]
+]
diff --git a/src/tests/units/codecs-test.r3 b/src/tests/units/codecs-test.r3
@@ -546,6 +546,16 @@ if find codecs 'plist [
  --assert map? data: load %units/files/Some.plist
  --assert data/AppIDName = "Test Application"
  --assert data/UUID = "bba91992-3a72-46b3-bc5f-f7b59aa49236"
+
+ --test-- "Load mobileprovision file"
+ --assert all [
+ map? data: load %units/files/Some.mobileprovision
+ data/AppIDName = "Samorost 1"
+ data/UUID = "be387546-d90d-40cd-83e6-95eb6f5f0861"
+ block? data/ProvisionedDevices
+ block? data/DeveloperCertificates
+ object? decode 'crt data/DeveloperCertificates/1
+ ]
  ===end-group===
 ]
 

diff --git a/src/tests/units/files/Some.mobileprovision b/src/tests/units/files/Some.mobileprovision