| 1 | {"version":3,"file":"codeSign.js","sourceRoot":"","sources":["../src/codeSign.ts"],"names":[],"mappings":";AAAA,uBAAqB,QACrB,CAAC,CAD4B;AAC7B,gCAA2B,iBAC3B,CAAC,CAD2C;AAC5C,8BAAyB,eACzB,CAAC,CADuC;AACxC,qBAAuB,IACvB,CAAC,CAD0B;AAC3B,MAAY,IAAI,WAAM,MACtB,CAAC,CAD2B;AAC5B,0BAAoC,WACpC,CAAC,CAD8C;AAC/C,2BAA2C,UAC3C,CAAC,CADoD;AACrD,yBAA4B,QAC5B,CAAC,CADmC;AACpC,0BAA0B,WAE1B,CAAC,CAFoC;AAErC,MAAM,SAAS,GAAG,mBAAS,CAAA;AAC3B,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;AAOxB;IACE,MAAM,CAAC,oBAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;AACvC,CAAC;AAED;IACE,MAAM,CAAC,MAAM,GAAG,YAAY,EAAE,GAAG,WAAW,CAAA;AAC9C,CAAC;AAFe,4BAAoB,uBAEnC,CAAA;AAED,wBAA+B,YAAoB,EAAE,OAAe,EAAE,cAAsB;IAC1F,MAAM,aAAa,GAAG,IAAI,CAAC,IAAI,CAAC,WAAM,EAAE,EAAE,YAAY,EAAE,GAAG,MAAM,CAAC,CAAA;IAClE,MAAM,iBAAiB,GAAG,IAAI,CAAC,IAAI,CAAC,WAAM,EAAE,EAAE,YAAY,EAAE,GAAG,MAAM,CAAC,CAAA;IAEtE,MAAM,gBAAgB,GAAG,YAAY,EAAE,CAAA;IACvC,MAAM,CAAC,wBAAc,CAAC,OAAO,CAAC,GAAG,CAAC;QAC9B,sBAAQ,CAAC,oEAAoE,EAAE,aAAa,CAAC;QAC7F,sBAAQ,CAAC,OAAO,EAAE,iBAAiB,CAAC;QACpC,kBAAe,CAAC,SAAS,CAAC;YACxB,CAAC,iBAAiB,EAAE,IAAI,EAAE,gBAAgB,EAAE,YAAY,CAAC;YACzD,CAAC,iBAAiB,EAAE,IAAI,EAAE,gBAAgB,EAAE,YAAY,CAAC;YACzD,CAAC,uBAAuB,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,CAAC;SAC5D,EAAE,EAAE,IAAI,WAAI,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;KAC/B,CAAC;SACD,IAAI,CAAC,MAAM,WAAW,CAAC,YAAY,EAAE,aAAa,EAAE,iBAAiB,EAAE,cAAc,CAAC,CAAC,EACxF,KAAK;QACH,MAAM,KAAK,GAAG,CAAC,0BAAU,CAAC,aAAa,EAAE,IAAI,CAAC,EAAE,0BAAU,CAAC,iBAAiB,EAAE,IAAI,CAAC,CAAC,CAAA;QACpF,EAAE,CAAC,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC,CAAC;YAClB,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC,CAAA;QAC1C,CAAC;QACD,MAAM,CAAC,aAAG,CAAC,KAAK,CAAC,CAAA;IACnB,CAAC,CAAC,CAAA;AACN,CAAC;AAtBe,sBAAc,iBAsB7B,CAAA;AAED,qBAA2B,YAAoB,EAAE,aAAqB,EAAE,iBAAyB,EAAE,cAAsB;;QACvH,MAAM,WAAI,CAAC,UAAU,EAAE,CAAC,QAAQ,EAAE,aAAa,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,mBAAmB,CAAC,CAAC,CAAA;QAChG,MAAM,WAAI,CAAC,UAAU,EAAE,CAAC,QAAQ,EAAE,iBAAiB,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,mBAAmB,EAAE,IAAI,EAAE,cAAc,CAAC,CAAC,CAAA;QAC1H,IAAI,OAAO,GAAG,MAAM,iBAAiB,CAAC,cAAc,EAAE,iBAAiB,CAAC,CAAA;QACxE,MAAM,CAAC;YACL,OAAO,EAAE,OAAO;YAChB,eAAe,EAAE,YAAY;SAC9B,CAAA;IACH,CAAC;CAAA;AAED,2BAA2B,QAAgB,EAAE,QAAgB;IAC3D,MAAM,CAAC,WAAI,CAAC,SAAS,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,GAAG,QAAQ,EAAE,WAAW,EAAE,UAAU,EAAE,KAAK,EAAE,QAAQ,CAAC,CAAC;SAC7H,IAAI,CAAC,MAAM;QACV,MAAM,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAA;QACpE,EAAE,CAAC,CAAC,KAAK,IAAI,IAAI,IAAI,KAAK,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC;YACtC,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;QACxD,CAAC;QACD,IAAI,CAAC,CAAC;YACJ,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QACjB,CAAC;IACH,CAAC,CAAC,CAAA;AACN,CAAC;AAED,cAAqB,IAAY,EAAE,OAAwB;IACzD,MAAM,IAAI,GAAG,CAAC,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;IACnE,EAAE,CAAC,CAAC,OAAO,CAAC,eAAe,IAAI,IAAI,CAAC,CAAC,CAAC;QACpC,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,OAAO,CAAC,eAAe,CAAC,CAAA;IAClD,CAAC;IACD,MAAM,CAAC,WAAI,CAAC,UAAU,EAAE,IAAI,CAAC,CAAA;AAC/B,CAAC;AANe,YAAI,OAMnB,CAAA;AAED,wBAA+B,YAAoB,EAAE,cAAc,GAAY,IAAI;IACjF,MAAM,MAAM,GAAG,WAAI,CAAC,UAAU,EAAE,CAAC,iBAAiB,EAAE,YAAY,CAAC,CAAC,CAAA;IAClE,EAAE,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC;QACnB,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK;YACvB,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,4CAA4C,CAAC,CAAC,CAAC,CAAC;gBAC1E,MAAM,KAAK,CAAA;YACb,CAAC;QACH,CAAC,CAAC,CAAA;IACJ,CAAC;IACD,IAAI,CAAC,CAAC;QACJ,MAAM,CAAC,MAAM,CAAA;IACf,CAAC;AACH,CAAC;AAZe,sBAAc,iBAY7B,CAAA;AAED,6BAAoC,OAAe;IACjD,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,WAAM,EAAE,EAAE,YAAY,EAAE,GAAG,MAAM,CAAC,CAAA;IAC7D,MAAM,CAAC,sBAAQ,CAAC,OAAO,EAAE,QAAQ,CAAC;SAC/B,UAAU,CAAC,QAAQ,CAAC,CAAA;AACzB,CAAC;AAJe,2BAAmB,sBAIlC,CAAA","sourcesContent":["import { exec } from \"./util\"\nimport { deleteFile } from \"./promisifed-fs\"\nimport { download } from \"./httpRequest\"\nimport { tmpdir } from \"os\"\nimport * as path from \"path\"\nimport { executeFinally, all } from \"./promise\"\nimport { Promise as BluebirdPromise } from \"bluebird\"\nimport { randomBytes } from \"crypto\"\nimport { tsAwaiter } from \"./awaiter\"\n\nconst __awaiter = tsAwaiter\nArray.isArray(__awaiter)\n\nexport interface CodeSigningInfo {\n cscName: string\n cscKeychainName?: string\n}\n\nfunction randomString(): string {\n return randomBytes(8).toString(\"hex\")\n}\n\nexport function generateKeychainName(): string {\n return \"csc-\" + randomString() + \".keychain\"\n}\n\nexport function createKeychain(keychainName: string, cscLink: string, cscKeyPassword: string): Promise<CodeSigningInfo> {\n const appleCertPath = path.join(tmpdir(), randomString() + \".cer\")\n const developerCertPath = path.join(tmpdir(), randomString() + \".p12\")\n\n const keychainPassword = randomString()\n return executeFinally(Promise.all([\n download(\"https://developer.apple.com/certificationauthority/AppleWWDRCA.cer\", appleCertPath),\n download(cscLink, developerCertPath),\n BluebirdPromise.mapSeries([\n [\"create-keychain\", \"-p\", keychainPassword, keychainName],\n [\"unlock-keychain\", \"-p\", keychainPassword, keychainName],\n [\"set-keychain-settings\", \"-t\", \"3600\", \"-u\", keychainName]\n ], it => exec(\"security\", it))\n ])\n .then(() => importCerts(keychainName, appleCertPath, developerCertPath, cscKeyPassword)),\n error => {\n const tasks = [deleteFile(appleCertPath, true), deleteFile(developerCertPath, true)]\n if (error != null) {\n tasks.push(deleteKeychain(keychainName))\n }\n return all(tasks)\n })\n}\n\nasync function importCerts(keychainName: string, appleCertPath: string, developerCertPath: string, cscKeyPassword: string): Promise<CodeSigningInfo> {\n await exec(\"security\", [\"import\", appleCertPath, \"-k\", keychainName, \"-T\", \"/usr/bin/codesign\"])\n await exec(\"security\", [\"import\", developerCertPath, \"-k\", keychainName, \"-T\", \"/usr/bin/codesign\", \"-P\", cscKeyPassword])\n let cscName = await extractCommonName(cscKeyPassword, developerCertPath)\n return {\n cscName: cscName,\n cscKeychainName: keychainName\n }\n}\n\nfunction extractCommonName(password: string, certPath: string): BluebirdPromise<string> {\n return exec(\"openssl\", [\"pkcs12\", \"-nokeys\", \"-nodes\", \"-passin\", \"pass:\" + password, \"-nomacver\", \"-clcerts\", \"-in\", certPath])\n .then(result => {\n const match = result[0].toString().match(/^subject.*\\/CN=([^\\/]+)/m)\n if (match == null || match[1] == null) {\n throw new Error(\"Cannot extract common name from p12\")\n }\n else {\n return match[1]\n }\n })\n}\n\nexport function sign(path: string, options: CodeSigningInfo): BluebirdPromise<any> {\n const args = [\"--deep\", \"--force\", \"--sign\", options.cscName, path]\n if (options.cscKeychainName != null) {\n args.push(\"--keychain\", options.cscKeychainName)\n }\n return exec(\"codesign\", args)\n}\n\nexport function deleteKeychain(keychainName: string, ignoreNotFound: boolean = true): BluebirdPromise<any> {\n const result = exec(\"security\", [\"delete-keychain\", keychainName])\n if (ignoreNotFound) {\n return result.catch(error => {\n if (!error.message.includes(\"The specified keychain could not be found.\")) {\n throw error\n }\n })\n }\n else {\n return result\n }\n}\n\nexport function downloadCertificate(cscLink: string): Promise<string> {\n const certPath = path.join(tmpdir(), randomString() + \".p12\")\n return download(cscLink, certPath)\n .thenReturn(certPath)\n}"]} |