ios-mobileprovision-finder
Advanced tools
API to find an iOS mobile provision
Usage: ios-mobileprovision-finder -u [device uuid] -i [app bundle id]
Options:
-h, --help Show help [boolean]
-u, --uuid Provide one or more device UUIDs the searched provisioning
profile should be able to deploy to. [array]
-i, --app-id Provide application bundle identifier the searched
provisioning profile should match. [string]
-e, --eligible Prints only eligible profiles [boolean] [default: false]
-t, --team Provide team name the provisioning profile should belong to.
[string]
-p, --type 'development', 'distribution', 'adhoc' or 'all'; - specify the
provisioning profile type. [string] [default: "development"]
Example:
mcsofcankov:ios-mobileprovision-finder cankov$ ios-mobileprovision-finder -e -i org.nativescript.examples -t 'Telerik A D'
eligible:
- 'iOS Team Provisioning Profile: *' Telerik A D (exp: 5 Nov 2017) 16455071-eb38-4ebc-9a79-0ef50f76307a id: CHSQ3M3P37.* Development
- 'NativeScriptWildCard' Telerik A D (exp: 2 Nov 2017) 3aa58a65-f8da-4c67-bce8-ff9624822e31 id: CHSQ3M3P37.* Development
- 'iOS Team Provisioning Profile: org.nativescript.examples' Telerik A D (exp: 5 Nov 2017) f79232c0-b3b3-4b9d-be8e-f4f398cead88 id: CHSQ3M3P37.org.nativescript.examples Development
Read the public API from index.d.ts and the ios-mobileprovision-finder.ts command line tool for example.
import { provision, cert } from "./index";
const certificates = cert.read();
const provisionProfiles = provision.read();
const result = provision.select(provisionProfiles, {
AppId: "org.nativescript.examples",
TeamName: "Telerik AD",
Certificates: certificates.valid
});
result.eligible.forEach(({Name, UUID}) => {
console.log(` - ${Name} ${UUID}`);
});
Read all files in Library/MobileDevice/Provisioning Profiles/ and scan for the plist containing provisioning profile information. Parse the plist and keep the data.
List all the valid certificates in the default keychain search list using:
security find-identity -p codesigning
It yelds output such as:
1) FAE6210D184FCC1707B87F1C582280A286898EE3 "iPhone Distribution: Telerik A D (CHSQ3M3P37)"
2) 89936062DD52C7FEF2273E677AC98D109F198A84 "iPhone Developer: Panayot Cankov (3KZR3BE4ZD)" (CSSMERR_TP_CERT_REVOKED)
3) 0F0077D3EBEA9D0AB6668B8BCB90152ACE7BA4E9 "iPhone Developer: Panayot Cankov (TT4M4FMX2A)" (CSSMERR_TP_CERT_REVOKED)
4) 07AB20E16C86E2B548A91920B83EC27D78AFC7EB "iPhone Developer: Panayot Cankov (3KZR3BE4ZD)"
5) 9354FAEF631DC3E9B07929F20991829FF5E21C36 "iPhone Developer: Panayot Cankov (TT4M4FMX2A)"
6) 9D591A6ADAF9C99A9C19FC1A8EE7FA153C613441 "iPhone Distribution: Telerik AD"
That is then parsed and the PEMs are retrieved using:
security find-certificate -apZ
This prints the certificate SHAs, match ths SHA with the valid certs from the previous step, along PEMs. The PEMs and cert names are combined and later certificates can be matched with the certificates in the provisioning profiles.
This relies on the cert hashes.
FAQs
API to find an iOS mobile provision
We found that ios-mobileprovision-finder demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 11 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
An advanced npm supply chain attack is leveraging Ethereum smart contracts for decentralized, persistent malware control, evading traditional defenses.
Security News
Research
Attackers are impersonating Sindre Sorhus on npm with a fake 'chalk-node' package containing a malicious backdoor to compromise developers' projects.
Security News
The npm package for the LottieFiles Player web component was hit with a supply chain attack after a software engineer's npmjs credentials were compromised.