mac下查看.mobileprovision文件及钥匙串中证书.cer文件

时间:2023-03-08 16:39:34

mac下查看.mobileprovision文件及钥匙串中证书.cer文件

一. mobileprovision文件查看

xxx.mobileprovision是ios开发中的设备描述文件,里面有证书信息、调试设备的UUID信息、bundle identifier等,此文件是二进制格式不能直接打开,那么如何查看其中信息呢

方法1 使用mac自带security命令行

用mac自带的命令security,cd到mobileprovision所在的文件夹,执行

security cms -D -i XXX.mobileprovision

会得到下面的dict结构的详细信息

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>AppIDName</key>
<string>xxxx</string>
<key>ApplicationIdentifierPrefix</key>
<array>
<string>xxxx</string>
</array>
<key>CreationDate</key>
<date>--31T04::14Z</date>
<key>Platform</key>
<array>
<string>iOS</string>
</array>
<key>DeveloperCertificates</key>
<array>
<data>MIIFkDCCBHigxxxxxxxxxxxxxxxxxxWnPvqA5L3daJ1NY43ZXn5t6oGiAMwmrf8tXE/qgUpR+JH3+BENoD2y/DiQBTOzyb/LBC/KwNrdR5J95xsg9O3x5hEP8A0c</data>
</array>
<key>Entitlements</key>
<dict>
<key>com.apple.developer.pass-type-identifiers</key>
<array>
<string>xxxxx.*</string>
</array>
<key>keychain-access-groups</key>
<array>
<string>xxxxx.*</string>
</array>
<key>inter-app-audio</key>
<true/>
<key>get-task-allow</key>
<true/>
<key>application-identifier</key>
<string>8YBR4R554P.com.playcrab.heracles.dev</string>
<key>com.apple.developer.healthkit</key>
<true/>
<key>com.apple.developer.ubiquity-kvstore-identifier</key>
<string>8YBR4R554P.*</string>
<key>com.apple.developer.ubiquity-container-identifiers</key>
<array>
<string>8YBR4R554P.*</string>
</array>
<key>com.apple.developer.associated-domains</key>
<string>*</string>
<key>com.apple.security.application-groups</key>
<array>
</array>
<key>com.apple.developer.homekit</key>
<true/>
<key>com.apple.developer.team-identifier</key>
<string>8YBR4R554P</string>
<key>com.apple.external-accessory.wireless-configuration</key>
<true/>
<key>aps-environment</key>
<string>development</string>
<key>com.apple.developer.in-app-payments</key>
<array>
</array>
<key>com.apple.developer.default-data-protection</key>
<string>NSFileProtectionComplete</string>
<key>com.apple.developer.networking.vpn.api</key>
<array>
<string>allow-vpn</string>
</array>
<key>com.apple.developer.siri</key>
<true/>
</dict>
<key>ExpirationDate</key>
<date>--31T04::14Z</date>
<key>Name</key>
<string>xxxx</string>
<key>ProvisionedDevices</key>
<array>
<string>70daba5aefxxxxxb5cf04ec73a385d970</string>
<string>d8c16f16ef33xxxxxx3aad0xxxa382a9e2</string>
</array>
<key>TeamIdentifier</key>
<array>
<string>8YBRxxxx54P</string>
</array>
<key>TeamName</key>
<string>Nxxxx</string>
<key>TimeToLive</key>
<integer></integer>
<key>UUID</key>
<string>1c38459f-7xxxxxe286351</string>
<key>Version</key>
<integer></integer>
</dict>

方案2 mobileprovision-read命令来实现

在Terminal下输入下面的命令并回车

curl https://raw.githubusercontent.com/0xc010d/mobileprovision-read/master/main.m | clang -framework Foundation -framework Security -o /usr/local/bin/mobileprovision-read -x objective-c -

这条命令的作用是下载mobileprovision-read的源码,然后编译,最后把生成的二进制文件mobileprovision-read放入到/usr/local/bin/路径下。

执行下面命令后,可以得到与上面dict展示一样的信息

mobileprovision-read -f xxx.mobileprovision

二. 钥匙串中证书.cer文件查看

钥匙串访问(keychain access.app)中断各种证书,如何查看他们的公钥和私钥信息呢,比如如下证书中的公私钥信息呢

mac下查看.mobileprovision文件及钥匙串中证书.cer文件

需要右键将其导出成.p12文件,之后将.p12文件转成.pem文件,转成.pem的方法使用下面的命令

openssl pkcs12 -in xxx.p12 -out xxx.pem -nodes

之后用记事本打开xxx.pem文件,就能读到公钥私钥了

Bag Attributes
friendlyName: iPhone Developer: Ning xx (3Q73CFK5RP)
localKeyID: F0 BF 9E FD 7D 7E 2B 0F 5B F2 C5 1F BC 0D
subject=/UID=RNG8K5DALX/CN=iPhone Developer: Ning xx (xxxx)/OU=8YBR4R554P/O=Ning Liu/C=US
issuer=/C=US/O=Apple Inc./OU=Apple Worldwide Developer Relations/CN=Apple Worldwide Developer Relations Certification Authority
-----BEGIN CERTIFICATE-----
xxxxx
IG9uIHRoaXMgY2VydGlmaWNhdGUgYnkgYW55IHBhcnR5IGFzc3Vt
XnbnM/N12EGccq7oH5WPQSOrcte5NxVFTdhT1mY7i4//Hf3N4n2gpjUUtykg8H4
jDQERpZHSbQYyHpcdiH6f9EsSXM+bA1a5yEpPL0zUJJSgCXR
-----END CERTIFICATE-----
Bag Attributes
friendlyName: xx
localKeyID: F0 BF 9E FD 7D 7E 2B 0F 5B F2 C5 1F BC 0D
Key Attributes: <No Attributes>
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEAvz/81SxGFOHWOlR6kC4vi+UO8o/4QW9vx7wu54utXb22hh9P
XbNv81+NQUo+e1BRr5h6ueDPUQFunBscQ10CNQp6CEHgTntYXMT2P
9a9+2mLCLZxGpKSbmYwuD4Sf1dpXKSOBc5rtPzlul2uHLbx10MSJri4=
-----END RSA PRIVATE KEY-----

上面是查看钥匙串中的公钥和密钥,那么怎么查看.cer呢?可以将其双击安装到钥匙串中,再按上述方法查看。

参考

1.命令行获取mobileprovision文件的UUID

2.Mac Security工具使用总结