mac下查看.mobileprovision文件及钥匙串中证书.cer文件

一. mobileprovision文件查看

xxx.mobileprovision是ios开发中的设备描述文件，里面有证书信息、调试设备的UUID信息、bundle identifier等，此文件是二进制格式不能直接打开，那么如何查看其中信息呢

方法1 使用mac自带security命令行

用mac自带的命令class="s1">security，cd到mobileprovision所在的文件夹，执行

security cms -D -i XXX.mobileprovision

会得到下面的dict结构的详细信息

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>AppIDName</key>
    <string>xxxx</string>
    <key>ApplicationIdentifierPrefix</key>
    <array>
    <string>xxxx</string>
    </array>
    <key>CreationDate</key>
    <date>2016-10-31T04:06:14Z</date>
    <key>Platform</key>
    <array>
        <string>iOS</string>
    </array>
    <key>DeveloperCertificates</key>
    <array>
        <data>MIIFkDCCBHigxxxxxxxxxxxxxxxxxxWnPvqA5L3daJ1NY43ZXn5t6oGiAMwmrf8tXE/qgUpR+JH3+BENoD2y/DiQBTOzyb/LBC/KwNrdR5J95xsg9O3x5hEP8A0c</data>
    </array>
    <key>Entitlements</key>
    <dict>
        <key>com.apple.developer.pass-type-identifiers</key>
        <array>
            <string>xxxxx.*</string>
        </array>
        <key>keychain-access-groups</key>
        <array>
            <string>xxxxx.*</string>        
        </array>
        <key>inter-app-audio</key>
        <true/>
        <key>get-task-allow</key>
        <true/>
        <key>application-identifier</key>
        <string>8YBR4R554P.com.playcrab.heracles.dev</string>
        <key>com.apple.developer.healthkit</key>
        <true/>
        <key>com.apple.developer.ubiquity-kvstore-identifier</key>
        <string>8YBR4R554P.*</string>
        <key>com.apple.developer.ubiquity-container-identifiers</key>
        <array>
            <string>8YBR4R554P.*</string>
        </array>
        <key>com.apple.developer.associated-domains</key>
        <string>*</string>
        <key>com.apple.security.application-groups</key>
        <array>
        </array>
        <key>com.apple.developer.homekit</key>
        <true/>
        <key>com.apple.developer.team-identifier</key>
        <string>8YBR4R554P</string>
        <key>com.apple.external-accessory.wireless-configuration</key>
        <true/>
        <key>aps-environment</key>
        <string>development</string>
        <key>com.apple.developer.in-app-payments</key>
        <array>
        </array>
        <key>com.apple.developer.default-data-protection</key>
        <string>NSFileProtectionComplete</string>
        <key>com.apple.developer.networking.vpn.api</key>
        <array>
            <string>allow-vpn</string>
        </array>
        <key>com.apple.developer.siri</key>
        <true/>
    </dict>
    <key>ExpirationDate</key>
    <date>2017-10-31T04:06:14Z</date>
    <key>Name</key>
    <string>xxxx</string>
    <key>ProvisionedDevices</key>
    <array>
        <string>70daba5aefxxxxxb5cf04ec73a385d970</string>
        <string>d8c16f16ef33xxxxxx3aad0xxxa382a9e2</string>
    </array>
    <key>TeamIdentifier</key>
    <array>
        <string>8YBRxxxx54P</string>
    </array>
    <key>TeamName</key>
    <string>Nxxxx</string>
    <key>TimeToLive</key>
    <integer>365</integer>
    <key>UUID</key>
    <string>1c38459f-7xxxxxe286351</string>
    <key>Version</key>
    <integer>1</integer>
</dict>

方案2 mobileprovision-read命令来实现

在Terminal下输入下面的命令并回车

curl https://raw.githubusercontent.com/0xc010d/mobileprovision-read/master/main.m | clang -framework Foundation -framework Security -o /usr/local/bin/mobileprovision-read -x objective-c -

这条命令的作用是下载mobileprovision-read的源码，然后编译，最后把生成的二进制文件mobileprovision-read放入到/usr/local/bin/路径下。

执行下面命令后，可以得到与上面dict展示一样的信息

mobileprovision-read -f xxx.mobileprovision

二. 钥匙串中证书.cer文件查看

钥匙串访问（keychain access.app）中断各种证书，如何查看他们的公钥和私钥信息呢，比如如下证书中的公私钥信息呢

需要右键将其导出成.p12文件，之后将.p12文件转成.pem文件，转成.pem的方法使用下面的命令

openssl pkcs12 -in xxx.p12 -out xxx.pem -nodes

之后用记事本打开xxx.pem文件，就能读到公钥私钥了

Bag Attributes
    friendlyName: iPhone Developer: Ning Liu (3Q73CFK5RP)
    localKeyID: F0 BF 58 9E FD 88 7D 61 7E 41 2B 0F 5B F2 03 C5 1F BC 0D 16 
subject=/UID=RNG8K5DALX/CN=iPhone Developer: Ning Liu (3Q73CFK5RP)/OU=8YBR4R554P/O=Ning Liu/C=US
issuer=/C=US/O=Apple Inc./OU=Apple Worldwide Developer Relations/CN=Apple Worldwide Developer Relations Certification Authority
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIIasmZb9B0IcUwDQYJKoZIhvcNAQELBQAwg
IG9uIHRoaXMgY2VydGlmaWNhdGUgYnkgYW55IHBhcnR5IGFzc3Vt
XnbnM/N12EGccq7oH5WPQSOrcte5NxVFTdhT1mY7i4/7/Hf3N4n2gpjUUtykg8H4
jDQERpZHSbQYyHpcdiH6f9EsSXM+bA1a5yEpPL0zUJJSgCXR
-----END CERTIFICATE-----
Bag Attributes
    friendlyName: guan
    localKeyID: F0 BF 58 9E FD 88 7D 61 7E 41 2B 0F 5B F2 03 C5 1F BC 0D 16 
Key Attributes: <No Attributes>
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEAvz/81SxGFOHWOlR6kC4vi+UO8o/4QW9vx7wu54utXb22hh9P
XbNv81+NQUo+e1BRr5h6ueDPUQFunBscQ10CNQp6CEHgTntYXMT2P
9a9+2mLCLZxGpKSbmYwuD4Sf1dpXKSOBc5rtPzlul2uHLbx10MSJri4=
-----END RSA PRIVATE KEY-----

 上面是查看钥匙串中的公钥和密钥，那么怎么查看.cer呢？可以将其双击安装到钥匙串中，再按上述方法查看。

参考

1.命令行获取mobileprovision文件的UUID

2.Mac Security工具使用总结