xxx.mobileprovision是ios开发中的设备描述文件,里面有证书信息、调试设备的UUID信息、bundle identifier等,此文件是二进制格式不能直接打开,那么如何查看其中信息呢
用mac自带的命令class="s1">security,cd到mobileprovision所在的文件夹,执行
security cms -D -i XXX.mobileprovision
会得到下面的dict结构的详细信息
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>AppIDName</key> <string>xxxx</string> <key>ApplicationIdentifierPrefix</key> <array> <string>xxxx</string> </array> <key>CreationDate</key> <date>2016-10-31T04:06:14Z</date> <key>Platform</key> <array> <string>iOS</string> </array> <key>DeveloperCertificates</key> <array> <data>MIIFkDCCBHigxxxxxxxxxxxxxxxxxxWnPvqA5L3daJ1NY43ZXn5t6oGiAMwmrf8tXE/qgUpR+JH3+BENoD2y/DiQBTOzyb/LBC/KwNrdR5J95xsg9O3x5hEP8A0c</data> </array> <key>Entitlements</key> <dict> <key>com.apple.developer.pass-type-identifiers</key> <array> <string>xxxxx.*</string> </array> <key>keychain-access-groups</key> <array> <string>xxxxx.*</string> </array> <key>inter-app-audio</key> <true/> <key>get-task-allow</key> <true/> <key>application-identifier</key> <string>8YBR4R554P.com.playcrab.heracles.dev</string> <key>com.apple.developer.healthkit</key> <true/> <key>com.apple.developer.ubiquity-kvstore-identifier</key> <string>8YBR4R554P.*</string> <key>com.apple.developer.ubiquity-container-identifiers</key> <array> <string>8YBR4R554P.*</string> </array> <key>com.apple.developer.associated-domains</key> <string>*</string> <key>com.apple.security.application-groups</key> <array> </array> <key>com.apple.developer.homekit</key> <true/> <key>com.apple.developer.team-identifier</key> <string>8YBR4R554P</string> <key>com.apple.external-accessory.wireless-configuration</key> <true/> <key>aps-environment</key> <string>development</string> <key>com.apple.developer.in-app-payments</key> <array> </array> <key>com.apple.developer.default-data-protection</key> <string>NSFileProtectionComplete</string> <key>com.apple.developer.networking.vpn.api</key> <array> <string>allow-vpn</string> </array> <key>com.apple.developer.siri</key> <true/> </dict> <key>ExpirationDate</key> <date>2017-10-31T04:06:14Z</date> <key>Name</key> <string>xxxx</string> <key>ProvisionedDevices</key> <array> <string>70daba5aefxxxxxb5cf04ec73a385d970</string> <string>d8c16f16ef33xxxxxx3aad0xxxa382a9e2</string> </array> <key>TeamIdentifier</key> <array> <string>8YBRxxxx54P</string> </array> <key>TeamName</key> <string>Nxxxx</string> <key>TimeToLive</key> <integer>365</integer> <key>UUID</key> <string>1c38459f-7xxxxxe286351</string> <key>Version</key> <integer>1</integer> </dict>
在Terminal下输入下面的命令并回车
curl https://raw.githubusercontent.com/0xc010d/mobileprovision-read/master/main.m | clang -framework Foundation -framework Security -o /usr/local/bin/mobileprovision-read -x objective-c -
这条命令的作用是下载mobileprovision-read的源码,然后编译,最后把生成的二进制文件mobileprovision-read
放入到/usr/local/bin/
路径下。
执行下面命令后,可以得到与上面dict展示一样的信息
mobileprovision-read -f xxx.mobileprovision
钥匙串访问(keychain access.app)中断各种证书,如何查看他们的公钥和私钥信息呢,比如如下证书中的公私钥信息呢
需要右键将其导出成.p12文件,之后将.p12文件转成.pem文件,转成.pem的方法使用下面的命令
openssl pkcs12 -in xxx.p12 -out xxx.pem -nodes
之后用记事本打开xxx.pem文件,就能读到公钥私钥了
Bag Attributes friendlyName: iPhone Developer: Ning Liu (3Q73CFK5RP) localKeyID: F0 BF 58 9E FD 88 7D 61 7E 41 2B 0F 5B F2 03 C5 1F BC 0D 16 subject=/UID=RNG8K5DALX/CN=iPhone Developer: Ning Liu (3Q73CFK5RP)/OU=8YBR4R554P/O=Ning Liu/C=US issuer=/C=US/O=Apple Inc./OU=Apple Worldwide Developer Relations/CN=Apple Worldwide Developer Relations Certification Authority -----BEGIN CERTIFICATE----- MIIFkDCCBHigAwIBAgIIasmZb9B0IcUwDQYJKoZIhvcNAQELBQAwg IG9uIHRoaXMgY2VydGlmaWNhdGUgYnkgYW55IHBhcnR5IGFzc3Vt XnbnM/N12EGccq7oH5WPQSOrcte5NxVFTdhT1mY7i4/7/Hf3N4n2gpjUUtykg8H4 jDQERpZHSbQYyHpcdiH6f9EsSXM+bA1a5yEpPL0zUJJSgCXR -----END CERTIFICATE----- Bag Attributes friendlyName: guan localKeyID: F0 BF 58 9E FD 88 7D 61 7E 41 2B 0F 5B F2 03 C5 1F BC 0D 16 Key Attributes: <No Attributes> -----BEGIN RSA PRIVATE KEY----- MIIEpQIBAAKCAQEAvz/81SxGFOHWOlR6kC4vi+UO8o/4QW9vx7wu54utXb22hh9P XbNv81+NQUo+e1BRr5h6ueDPUQFunBscQ10CNQp6CEHgTntYXMT2P 9a9+2mLCLZxGpKSbmYwuD4Sf1dpXKSOBc5rtPzlul2uHLbx10MSJri4= -----END RSA PRIVATE KEY-----
上面是查看钥匙串中的公钥和密钥,那么怎么查看.cer呢?可以将其双击安装到钥匙串中,再按上述方法查看。
参考
1.命令行获取mobileprovision文件的UUID
2.Mac Security工具使用总结