Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Move apple wwdrca to credentials. #110

Open
wants to merge 15 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from 14 commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -6,3 +6,4 @@ test-*
.DS_Store
*.orig
/examples
TEST-*
3 changes: 3 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,9 @@ Changelog

See [GitHub releases](https://github.com/jenkinsci/xcode-plugin/releases)

#### Version 2.0.15 (14th Mar 2021)
- ##### Moved information in the AppleWWDRCA.cer file from the local file system to credentials.

#### Version 2.0.14 (14th Nov 2019)
- ##### Fix backward compatibility problem at Import Developer Profile.

Expand Down
288 changes: 181 additions & 107 deletions README.md

Large diffs are not rendered by default.

449 changes: 449 additions & 0 deletions README_JA.md

Large diffs are not rendered by default.

Binary file added docs/images/ScreenShot_2021-04-13_21.04.34.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/images/ScreenShot_2021-04-13_21.05.45.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/images/ScreenShot_2021-04-13_21.06.34.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/images/ScreenShot_2021-04-13_21.58.10.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/images/ScreenShot_2021-04-13_21.58.31.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/images/ScreenShot_2021-04-13_21.59.20.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/images/ScreenShot_2021-04-13_22.00.05.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/images/ScreenShot_2021-04-13_22.03.04.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/images/ScreenShot_2021-04-13_22.03.30.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/images/ScreenShot_2021-04-13_22.04.04.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/images/ScreenShot_2021-04-13_22.39.25.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/images/ScreenShot_2021-04-19_13.25.38.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/images/ScreenShot_2021-04-19_14.17.49.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/images/ScreenShot_2021-04-19_14.29.25.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/images/ScreenShot_2021-04-19_14.42.24.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/images/ScreenShot_2021-04-19_16.52.10.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/images/ScreenShot_2021-04-19_16.55.38.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/images/ScreenShot_2021-04-20_10.41.22.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/images/ScreenShot_2021-04-20_10.42.03.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/images/ScreenShot_2021-04-20_10.45.25.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/images/ScreenShot_2021-04-20_10.49.56.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/images/ScreenShot_2021-04-20_9.53.59.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/images/ScreenShot_2021-04-29_16.05.56.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/images/ScreenShot_2021-05-25_22.31.15.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/images/Screenshot_2021-05-26_17.31.50.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
2 changes: 1 addition & 1 deletion pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,7 @@
<connection>scm:git:git@github.com:jenkinsci/xcode-plugin.git</connection>
<developerConnection>scm:git:git@github.com:jenkinsci/xcode-plugin.git</developerConnection>
<url>https://github.com/jenkinsci/xcode-plugin</url>
<tag>xcode-plugin-2.0.11</tag>
<tag>xcode-plugin-2.0.15</tag>
</scm>
<repositories>
<repository>
Expand Down
118 changes: 118 additions & 0 deletions src/main/java/au/com/rayh/AppleWWDRCA.java
Original file line number Diff line number Diff line change
@@ -0,0 +1,118 @@
package au.com.rayh;

import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.cloudbees.plugins.credentials.domains.DomainRequirement;
import hudson.Extension;
import hudson.security.ACL;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.*;

import javax.annotation.CheckForNull;
import javax.annotation.Nonnull;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

import jenkins.security.ConfidentialKey;

import org.apache.commons.fileupload.FileItem;
import org.apache.commons.io.IOUtils;
import org.kohsuke.stapler.DataBoundConstructor;

import com.cloudbees.plugins.credentials.CredentialsScope;
import com.cloudbees.plugins.credentials.impl.BaseStandardCredentials;

/**
* Apple Worldwide Developer Relations Certification Authority, which consists of any number of
* certificate for prepare certificate for code signing, and mobile provisioning profiles.
*
* @author Kazuhide Takahashi
*/
public class AppleWWDRCA extends BaseStandardCredentials {
@DataBoundConstructor
public AppleWWDRCA(@CheckForNull CredentialsScope scope, @CheckForNull String id, @CheckForNull String description,
FileItem image) throws IOException {
super(scope, id, description);

if ( image != null ) {
// for added secrecy, store this in the confidential store
new ConfidentialKeyImpl(id).store(image);
}
}

/**
* Retrieves the AppleWWDRCA.cer file image.
* @return AppleWWDRCA.cer file image
* @throws IOException file I/O
*/
public byte[] getImage() throws IOException {
return new ConfidentialKeyImpl(getId()).load();
}

/**
* Obtains the certificates in this AppleWWDRCA.cer file.
* @return X509Certificates
* @throws IOException file I/O
* @throws GeneralSecurityException Certificate error
*/
public @Nonnull List<X509Certificate> getCertificates() throws IOException, GeneralSecurityException {
List<X509Certificate> r = new ArrayList<>();
try ( InputStream inputStream = new ByteArrayInputStream(getImage()) ) {
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
Collection c = certificateFactory.generateCertificates(inputStream);
Iterator i = c.iterator();
while ( i.hasNext() ) {
X509Certificate cert = (X509Certificate) i.next();
r.add((X509Certificate)cert);
}
}
return r;
}

public String getDisplayNameOf(X509Certificate p) {
String name = p.getSubjectDN().getName();
try {
LdapName n = new LdapName(name);
for ( Rdn rdn : n.getRdns() ) {
if ( rdn.getType().equalsIgnoreCase("CN") )
return rdn.getValue().toString();
}
}
catch ( InvalidNameException e ) {
// fall through
}
return name; // fallback
}

@Extension
public static class DescriptorImpl extends BaseStandardCredentialsDescriptor {
@Override
public String getDisplayName() {
return "Apple Worldwide Developer Relations Certification Authority";
}
}

static class ConfidentialKeyImpl extends ConfidentialKey {
ConfidentialKeyImpl(String id) {
super(AppleWWDRCA.class.getName()+"."+id);
}

public void store(FileItem submitted) throws IOException {
super.store(IOUtils.toByteArray(submitted.getInputStream()));
}

public @CheckForNull byte[] load() throws IOException {
return super.load();
}
}

public static List<AppleWWDRCA> getAllCertificates() {
return CredentialsProvider.lookupCredentials(AppleWWDRCA.class, (hudson.model.Item)null, ACL.SYSTEM, Collections.<DomainRequirement>emptyList());
}
}
24 changes: 12 additions & 12 deletions src/main/java/au/com/rayh/DeveloperProfile.java
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,6 @@
import com.cloudbees.plugins.credentials.domains.DomainRequirement;
import hudson.Extension;
import hudson.security.ACL;
import hudson.util.IOUtils;
import hudson.util.Secret;

import java.io.ByteArrayInputStream;
Expand All @@ -29,6 +28,7 @@
import jenkins.security.ConfidentialKey;

import org.apache.commons.fileupload.FileItem;
import org.apache.commons.io.IOUtils;
import org.kohsuke.stapler.DataBoundConstructor;

import com.cloudbees.plugins.credentials.CredentialsScope;
Expand All @@ -52,15 +52,15 @@ public DeveloperProfile(@CheckForNull CredentialsScope scope, @CheckForNull Stri
super(scope, id, description);
this.password = password;

if (image!=null) {
if ( image != null ) {
// for added secrecy, store this in the confidential store
new ConfidentialKeyImpl(id).store(image);
}
}

@Deprecated
public DeveloperProfile(String id, String description, Secret password, FileItem image) throws IOException {
this(CredentialsScope.GLOBAL,id,description,password,image);
this(CredentialsScope.GLOBAL, id, description, password, image);
}

public Secret getPassword() {
Expand All @@ -87,21 +87,20 @@ public byte[] getImage() throws IOException {
List<X509Certificate> r = new ArrayList<>();

ZipEntry ze;
while ((ze = zip.getNextEntry()) != null) {
if (ze.getName().endsWith(".p12")) {
while ( (ze = zip.getNextEntry()) != null ) {
if ( ze.getName().endsWith(".p12") ) {
KeyStore ks = KeyStore.getInstance("pkcs12");
ks.load(zip, password.getPlainText().toCharArray());
Enumeration<String> en = ks.aliases();
while (en.hasMoreElements()) {
while ( en.hasMoreElements() ) {
String s = en.nextElement();
Certificate c = ks.getCertificate(s);
if (c instanceof X509Certificate) {
if ( c instanceof X509Certificate ) {
r.add((X509Certificate) c);
}
}
}
}

return r;
}
}
Expand All @@ -110,11 +109,12 @@ public String getDisplayNameOf(X509Certificate p) {
String name = p.getSubjectDN().getName();
try {
LdapName n = new LdapName(name);
for (Rdn rdn : n.getRdns()) {
if (rdn.getType().equalsIgnoreCase("CN"))
for ( Rdn rdn : n.getRdns() ) {
if ( rdn.getType().equalsIgnoreCase("CN") )
return rdn.getValue().toString();
}
} catch (InvalidNameException e) {
}
catch ( InvalidNameException e ) {
// fall through
}
return name; // fallback
Expand Down Expand Up @@ -143,6 +143,6 @@ public void store(FileItem submitted) throws IOException {
}

public static List<DeveloperProfile> getAllProfiles() {
return CredentialsProvider.lookupCredentials(DeveloperProfile.class, (hudson.model.Item)null, ACL.SYSTEM, Collections.<DomainRequirement>emptyList());
return CredentialsProvider.lookupCredentials(DeveloperProfile.class, (hudson.model.Item)null, ACL.SYSTEM, Collections.<DomainRequirement>emptyList());
}
}
Loading