From e8fc2dfe57f3da1e291c7002406397d664cc2921 Mon Sep 17 00:00:00 2001 From: ti-daal <164172474+ti-daal@users.noreply.github.com> Date: Fri, 17 May 2024 15:42:04 +0300 Subject: [PATCH] update go-xcode version (#43) Co-authored-by: daniil.titov Co-authored-by: Szabolcs Toth <54896607+tothszabi@users.noreply.github.com> --- go.mod | 5 +- go.sum | 27 +- .../bitrise-io/go-pkcs12/.gitattributes | 10 + .../bitrise-io/go-pkcs12/.gitignore | 2 + .../bitrise-io/{pkcs12 => go-pkcs12}/LICENSE | 0 .../{pkcs12 => go-pkcs12}/README.md | 18 +- .../{pkcs12 => go-pkcs12}/bmp-string.go | 19 +- .../{pkcs12 => go-pkcs12}/crypto.go | 94 ++++- .../{pkcs12 => go-pkcs12}/errors.go | 0 .../{pkcs12 => go-pkcs12}/internal/rc2/rc2.go | 0 .../bitrise-io/{pkcs12 => go-pkcs12}/mac.go | 20 +- .../bitrise-io/{pkcs12 => go-pkcs12}/pbkdf.go | 11 +- .../{pkcs12 => go-pkcs12}/pkcs12.go | 323 +++++++++++++++--- .../{pkcs12 => go-pkcs12}/safebags.go | 0 .../go-xcode/certificateutil/info_model.go | 2 +- .../go-xcode/certificateutil/util.go | 4 +- .../devportalservice/devportalservice.go | 12 - .../go-xcode/devportalservice/testdevice.go | 51 +++ .../go-xcode/profileutil/info_model.go | 19 +- .../bitrise-io/go-xcode/xcodebuild/build.go | 2 + .../xcodebuild/show_build_settings.go | 38 ++- .../bitrise-io/go-xcode/xcodebuild/test.go | 20 +- .../xcodeproject/serialized/serialized.go | 15 + .../xcodeproject/xcodeproj/schemes.go | 286 ++++++++++++++++ .../xcodeproject/xcodeproj/xcodeproj.go | 32 +- .../go-xcode/xcodeproject/xcscheme/util.go | 47 --- .../xcodeproject/xcscheme/xcscheme.go | 10 +- .../xcodeproject/xcworkspace/file_ref.go | 2 +- .../xcodeproject/xcworkspace/schemes.go | 215 ++++++++++++ .../xcodeproject/xcworkspace/utils.go | 8 + .../xcodeproject/xcworkspace/xcworkspace.go | 96 +----- .../bitrise-io/pkcs12/renovate.json | 6 - vendor/golang.org/x/crypto/LICENSE | 27 ++ vendor/golang.org/x/crypto/PATENTS | 22 ++ vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go | 77 +++++ vendor/modules.txt | 15 +- 36 files changed, 1259 insertions(+), 276 deletions(-) create mode 100644 vendor/github.com/bitrise-io/go-pkcs12/.gitattributes create mode 100644 vendor/github.com/bitrise-io/go-pkcs12/.gitignore rename vendor/github.com/bitrise-io/{pkcs12 => go-pkcs12}/LICENSE (100%) rename vendor/github.com/bitrise-io/{pkcs12 => go-pkcs12}/README.md (63%) rename vendor/github.com/bitrise-io/{pkcs12 => go-pkcs12}/bmp-string.go (77%) rename vendor/github.com/bitrise-io/{pkcs12 => go-pkcs12}/crypto.go (60%) rename vendor/github.com/bitrise-io/{pkcs12 => go-pkcs12}/errors.go (100%) rename vendor/github.com/bitrise-io/{pkcs12 => go-pkcs12}/internal/rc2/rc2.go (100%) rename vendor/github.com/bitrise-io/{pkcs12 => go-pkcs12}/mac.go (70%) rename vendor/github.com/bitrise-io/{pkcs12 => go-pkcs12}/pbkdf.go (96%) rename vendor/github.com/bitrise-io/{pkcs12 => go-pkcs12}/pkcs12.go (60%) rename vendor/github.com/bitrise-io/{pkcs12 => go-pkcs12}/safebags.go (100%) create mode 100644 vendor/github.com/bitrise-io/go-xcode/devportalservice/testdevice.go create mode 100644 vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcodeproj/schemes.go delete mode 100644 vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcscheme/util.go create mode 100644 vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcworkspace/schemes.go create mode 100644 vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcworkspace/utils.go delete mode 100644 vendor/github.com/bitrise-io/pkcs12/renovate.json create mode 100644 vendor/golang.org/x/crypto/LICENSE create mode 100644 vendor/golang.org/x/crypto/PATENTS create mode 100644 vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go diff --git a/go.mod b/go.mod index 4d5b724..6d9df57 100644 --- a/go.mod +++ b/go.mod @@ -5,15 +5,15 @@ go 1.17 require ( github.com/bitrise-io/go-steputils/v2 v2.0.0-alpha.26 github.com/bitrise-io/go-utils/v2 v2.0.0-alpha.20 - github.com/bitrise-io/go-xcode v1.0.9 + github.com/bitrise-io/go-xcode v1.0.19 github.com/bitrise-io/go-xcode/v2 v2.0.0-alpha.26 github.com/stretchr/testify v1.8.4 ) require ( + github.com/bitrise-io/go-pkcs12 v0.0.0-20230815095624-feb898696e02 // indirect github.com/bitrise-io/go-plist v0.0.0-20210301100253-4b1a112ccd10 // indirect github.com/bitrise-io/go-utils v1.0.9 // indirect - github.com/bitrise-io/pkcs12 v0.0.0-20211108084543-e52728e011c8 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/fullsailor/pkcs7 v0.0.0-20190404230743-d7302db945fa // indirect github.com/golang-jwt/jwt/v4 v4.4.1 // indirect @@ -23,6 +23,7 @@ require ( github.com/pkg/errors v0.9.1 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/stretchr/objx v0.5.0 // indirect + golang.org/x/crypto v0.12.0 // indirect golang.org/x/text v0.12.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect howett.net/plist v1.0.0 // indirect diff --git a/go.sum b/go.sum index 86f1027..f2c8dbb 100644 --- a/go.sum +++ b/go.sum @@ -1,9 +1,12 @@ github.com/BurntSushi/toml v1.1.0/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= +github.com/bitrise-io/go-pkcs12 v0.0.0-20230815095624-feb898696e02 h1:DoXD85rP+di4sJplai0Fyvvt0HBK7umrqVHTGBnkaaQ= +github.com/bitrise-io/go-pkcs12 v0.0.0-20230815095624-feb898696e02/go.mod h1:R3yKQBGvbDTB/B173ZV/MnRfn6AERDUVeWxH8ZtwXcY= github.com/bitrise-io/go-plist v0.0.0-20210301100253-4b1a112ccd10 h1:/2OyBFI7GjYKexBPcfTPvKFz8Ks7qYzkkz2SQ8aiJgc= github.com/bitrise-io/go-plist v0.0.0-20210301100253-4b1a112ccd10/go.mod h1:pARutiL3kEuRLV3JvswidvfCj+9Y3qMZtji2BDqLFsA= github.com/bitrise-io/go-steputils v1.0.1/go.mod h1:YIUaQnIAyK4pCvQG0hYHVkSzKNT9uL2FWmkFNW4mfNI= -github.com/bitrise-io/go-steputils v1.0.2 h1:BEFG87r7uA/Yabk4SmuxP2yOgjjO+YGsDOYXtUH8IJ0= github.com/bitrise-io/go-steputils v1.0.2/go.mod h1:YIUaQnIAyK4pCvQG0hYHVkSzKNT9uL2FWmkFNW4mfNI= +github.com/bitrise-io/go-steputils v1.0.5 h1:OBH7CPXeqIWFWJw6BOUMQnUb8guspwKr2RhYBhM9tfc= +github.com/bitrise-io/go-steputils v1.0.5/go.mod h1:YIUaQnIAyK4pCvQG0hYHVkSzKNT9uL2FWmkFNW4mfNI= github.com/bitrise-io/go-steputils/v2 v2.0.0-alpha.2/go.mod h1:OC0mHpjD/bqmsHlhG+FWgTouBbcJvmyx896PDP3dRBs= github.com/bitrise-io/go-steputils/v2 v2.0.0-alpha.26 h1:trHf0s8Dmp9hfyvMyfCo0ruCI5lUgLf6La2i2LOoKIo= github.com/bitrise-io/go-steputils/v2 v2.0.0-alpha.26/go.mod h1:aS6TO1DpbWJoBuAlvmpS/I/FU97C71wv1F/+p+kVrCk= @@ -15,11 +18,11 @@ github.com/bitrise-io/go-utils/v2 v2.0.0-alpha.1/go.mod h1:sy+Ir1X8P3tAAx/qU/r+h github.com/bitrise-io/go-utils/v2 v2.0.0-alpha.11/go.mod h1:SJqGxzwjIAx2LVQxNGS4taN7X//eDPJLrFxJ1MpOuyA= github.com/bitrise-io/go-utils/v2 v2.0.0-alpha.20 h1:R+xJRWsuHhF/Pnx0gjI1+HH4Y0YSFVI+U/CbLpSx4sU= github.com/bitrise-io/go-utils/v2 v2.0.0-alpha.20/go.mod h1:Laih4ji980SQkRgdnMCH0g4u2GZI/5nnbqmYT9UfKFQ= -github.com/bitrise-io/go-xcode v1.0.9 h1:+sbqOYidQ+aiFfCTDpf2LdGSQEM5RfbtDsiG27zJG+s= github.com/bitrise-io/go-xcode v1.0.9/go.mod h1:Y0Wu2dXm0MilJ/4D3+gPHaNMlUcP+1DjIPoLPykq7wY= +github.com/bitrise-io/go-xcode v1.0.19 h1:pbPEIqTHigviG9+1ppMTLv5h6z4k2oz3gKYLKoHJ0yg= +github.com/bitrise-io/go-xcode v1.0.19/go.mod h1:9OwsvrhZ4A2JxHVoEY7CPcABAKA+OE7FQqFfBfvbFuY= github.com/bitrise-io/go-xcode/v2 v2.0.0-alpha.26 h1:4Mh+sdY+XXncLOHDZLyBvKEcTniaWruRzzN/k1QPE5I= github.com/bitrise-io/go-xcode/v2 v2.0.0-alpha.26/go.mod h1:8WBcRgrVXY8tzR7NcjE4fw6WguOIfB3YcC7ZTcQYUEY= -github.com/bitrise-io/pkcs12 v0.0.0-20211108084543-e52728e011c8 h1:kmvU8AxrNTxXsVPKepBHD8W+eCVmeaKyTkRuUJB2K38= github.com/bitrise-io/pkcs12 v0.0.0-20211108084543-e52728e011c8/go.mod h1:UiXKNs0essbC14a2TvGlnUKo9isP9m4guPrp8KJHJpU= github.com/bmatcuk/doublestar/v4 v4.2.0/go.mod h1:xBQ8jztBU6kakFMg+8WGxn0c6z1fTSPVIjEY1Wr7jzc= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= @@ -35,8 +38,9 @@ github.com/gofrs/uuid v4.3.1+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRx github.com/golang-jwt/jwt/v4 v4.4.1 h1:pC5DB52sCeK48Wlb9oPcdhnjkz1TKt1D/P7WKJ0kUcQ= github.com/golang-jwt/jwt/v4 v4.4.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.6 h1:BKbKCqvP6I+rmFHt06ZmyQtvB8xAkWdhFyr0ZUNZcxQ= github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= +github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8= github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU= github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= @@ -48,8 +52,9 @@ github.com/hashicorp/go-retryablehttp v0.7.0/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER github.com/hashicorp/go-retryablehttp v0.7.1 h1:sUiuQAnLlbvmExtFQs72iFW/HXeUn8Z1aJLQ4LJJbTQ= github.com/hashicorp/go-retryablehttp v0.7.1/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY= github.com/hashicorp/go-version v1.3.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= -github.com/hashicorp/go-version v1.5.0 h1:O293SZ2Eg+AAYijkVK3jR786Am1bhDEh2GHT0tIVE5E= github.com/hashicorp/go-version v1.5.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= +github.com/hashicorp/go-version v1.6.0 h1:feTTfFNnjP967rlCxM/I9g701jU+RN74YKx2mOkIeek= +github.com/hashicorp/go-version v1.6.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/klauspost/compress v1.17.3/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM= github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI= @@ -89,6 +94,9 @@ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACk golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20211202192323-5770296d904e/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.11.0/go.mod h1:xgJhtzW8F9jGdVFWZESrid1U1bjeNy4zgy5cRr/CIio= +golang.org/x/crypto v0.12.0 h1:tFM/ta59kqch6LlvYnPa0yx5a83cL2nHflFhYKvv9Yk= +golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= @@ -96,6 +104,7 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -110,15 +119,23 @@ golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220731174439-a90be440212d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.0.0-20220722155259-a9ba230a4035/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= +golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= +golang.org/x/term v0.10.0/go.mod h1:lpqdcUyK/oCiQxvxVrppt5ggO2KCZ5QblwqPnfZ6d5o= +golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= +golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.12.0 h1:k+n5B8goJNdU7hSvEtMUz3d1Q6D/XW4COJSJR6fN0mc= golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= diff --git a/vendor/github.com/bitrise-io/go-pkcs12/.gitattributes b/vendor/github.com/bitrise-io/go-pkcs12/.gitattributes new file mode 100644 index 0000000..d2f212e --- /dev/null +++ b/vendor/github.com/bitrise-io/go-pkcs12/.gitattributes @@ -0,0 +1,10 @@ +# Treat all files in this repo as binary, with no git magic updating +# line endings. Windows users contributing to Go will need to use a +# modern version of git and editors capable of LF line endings. +# +# We'll prevent accidental CRLF line endings from entering the repo +# via the git-review gofmt checks. +# +# See golang.org/issue/9281 + +* -text diff --git a/vendor/github.com/bitrise-io/go-pkcs12/.gitignore b/vendor/github.com/bitrise-io/go-pkcs12/.gitignore new file mode 100644 index 0000000..8339fd6 --- /dev/null +++ b/vendor/github.com/bitrise-io/go-pkcs12/.gitignore @@ -0,0 +1,2 @@ +# Add no patterns to .hgignore except for files generated by the build. +last-change diff --git a/vendor/github.com/bitrise-io/pkcs12/LICENSE b/vendor/github.com/bitrise-io/go-pkcs12/LICENSE similarity index 100% rename from vendor/github.com/bitrise-io/pkcs12/LICENSE rename to vendor/github.com/bitrise-io/go-pkcs12/LICENSE diff --git a/vendor/github.com/bitrise-io/pkcs12/README.md b/vendor/github.com/bitrise-io/go-pkcs12/README.md similarity index 63% rename from vendor/github.com/bitrise-io/pkcs12/README.md rename to vendor/github.com/bitrise-io/go-pkcs12/README.md index f10f9f1..4a45f95 100644 --- a/vendor/github.com/bitrise-io/pkcs12/README.md +++ b/vendor/github.com/bitrise-io/go-pkcs12/README.md @@ -1,21 +1,26 @@ # package pkcs12 -[![GoDoc](https://godoc.org/software.sslmate.com/src/go-pkcs12?status.svg)](https://godoc.org/software.sslmate.com/src/go-pkcs12) +## Fork info + +This is a fork of https://github.com/SSLMate/go-pkcs12 that adds support for https://github.com/bitrise-io/go-pkcs12/pull/1 + +[![Documentation](https://pkg.go.dev/badge/software.sslmate.com/src/go-pkcs12)](https://pkg.go.dev/software.sslmate.com/src/go-pkcs12) import "software.sslmate.com/src/go-pkcs12" Package pkcs12 implements some of PKCS#12 (also known as P12 or PFX). -It is intended for decoding P12/PFX files for use with the `crypto/tls` +It is intended for decoding DER-encoded P12/PFX files for use with the `crypto/tls` package, and for encoding P12/PFX files for use by legacy applications which do not support newer formats. Since PKCS#12 uses weak encryption primitives, it SHOULD NOT be used for new applications. +Note that only DER-encoded PKCS#12 files are supported, even though PKCS#12 +allows BER encoding. This is because encoding/asn1 only supports DER. + This package is forked from `golang.org/x/crypto/pkcs12`, which is frozen. The implementation is distilled from https://tools.ietf.org/html/rfc7292 and referenced documents. -This repository holds supplementary Go cryptography libraries. - ## Import Path Note that although the source code and issue tracker for this package are hosted @@ -25,11 +30,6 @@ on GitHub, the import path is: Please be sure to use this path when you `go get` and `import` this package. -## Download/Install - -The easiest way to install is to run `go get -u software.sslmate.com/src/go-pkcs12`. You -can also manually git clone the repository to `$GOPATH/src/software.sslmate.com/src/go-pkcs12`. - ## Report Issues / Send Patches Open an issue or PR at https://github.com/SSLMate/go-pkcs12 diff --git a/vendor/github.com/bitrise-io/pkcs12/bmp-string.go b/vendor/github.com/bitrise-io/go-pkcs12/bmp-string.go similarity index 77% rename from vendor/github.com/bitrise-io/pkcs12/bmp-string.go rename to vendor/github.com/bitrise-io/go-pkcs12/bmp-string.go index 233b8b6..2bfbf2e 100644 --- a/vendor/github.com/bitrise-io/pkcs12/bmp-string.go +++ b/vendor/github.com/bitrise-io/go-pkcs12/bmp-string.go @@ -9,14 +9,27 @@ import ( "unicode/utf16" ) -// bmpString returns s encoded in UCS-2 with a zero terminator. +// bmpStringZeroTerminated returns s encoded in UCS-2 with a zero terminator. +func bmpStringZeroTerminated(s string) ([]byte, error) { + // References: + // https://tools.ietf.org/html/rfc7292#appendix-B.1 + // The above RFC provides the info that BMPStrings are NULL terminated. + + ret, err := bmpString(s) + if err != nil { + return nil, err + } + + return append(ret, 0, 0), nil +} + +// bmpString returns s encoded in UCS-2 func bmpString(s string) ([]byte, error) { // References: // https://tools.ietf.org/html/rfc7292#appendix-B.1 // https://en.wikipedia.org/wiki/Plane_(Unicode)#Basic_Multilingual_Plane // - non-BMP characters are encoded in UTF 16 by using a surrogate pair of 16-bit codes // EncodeRune returns 0xfffd if the rune does not need special encoding - // - the above RFC provides the info that BMPStrings are NULL terminated. ret := make([]byte, 0, 2*len(s)+2) @@ -27,7 +40,7 @@ func bmpString(s string) ([]byte, error) { ret = append(ret, byte(r/256), byte(r%256)) } - return append(ret, 0, 0), nil + return ret, nil } func decodeBMPString(bmpString []byte) (string, error) { diff --git a/vendor/github.com/bitrise-io/pkcs12/crypto.go b/vendor/github.com/bitrise-io/go-pkcs12/crypto.go similarity index 60% rename from vendor/github.com/bitrise-io/pkcs12/crypto.go rename to vendor/github.com/bitrise-io/go-pkcs12/crypto.go index 1709b51..e948ff5 100644 --- a/vendor/github.com/bitrise-io/pkcs12/crypto.go +++ b/vendor/github.com/bitrise-io/go-pkcs12/crypto.go @@ -7,18 +7,28 @@ package pkcs12 import ( "bytes" + "crypto/aes" "crypto/cipher" "crypto/des" + "crypto/sha1" + "crypto/sha256" "crypto/x509/pkix" "encoding/asn1" "errors" + "hash" - "github.com/bitrise-io/pkcs12/internal/rc2" + "golang.org/x/crypto/pbkdf2" + "github.com/bitrise-io/go-pkcs12/internal/rc2" ) var ( oidPBEWithSHAAnd3KeyTripleDESCBC = asn1.ObjectIdentifier([]int{1, 2, 840, 113549, 1, 12, 1, 3}) oidPBEWithSHAAnd40BitRC2CBC = asn1.ObjectIdentifier([]int{1, 2, 840, 113549, 1, 12, 1, 6}) + oidPBES2 = asn1.ObjectIdentifier([]int{1, 2, 840, 113549, 1, 5, 13}) + oidPBKDF2 = asn1.ObjectIdentifier([]int{1, 2, 840, 113549, 1, 5, 12}) + oidHmacWithSHA1 = asn1.ObjectIdentifier([]int{1, 2, 840, 113549, 2, 7}) + oidHmacWithSHA256 = asn1.ObjectIdentifier([]int{1, 2, 840, 113549, 2, 9}) + oidAES256CBC = asn1.ObjectIdentifier([]int{2, 16, 840, 1, 101, 3, 4, 1, 42}) ) // pbeCipher is an abstraction of a PKCS#12 cipher. @@ -72,6 +82,17 @@ func pbeCipherFor(algorithm pkix.AlgorithmIdentifier, password []byte) (cipher.B cipherType = shaWithTripleDESCBC{} case algorithm.Algorithm.Equal(oidPBEWithSHAAnd40BitRC2CBC): cipherType = shaWith40BitRC2CBC{} + case algorithm.Algorithm.Equal(oidPBES2): + // rfc7292#appendix-B.1 (the original PKCS#12 PBE) requires passwords formatted as BMPStrings. + // However, rfc8018#section-3 recommends that the password for PBES2 follow ASCII or UTF-8. + // This is also what Windows expects. + // Therefore, we convert the password to UTF-8. + originalPassword, err := decodeBMPString(password) + if err != nil { + return nil, nil, err + } + utf8Password := []byte(originalPassword) + return pbes2CipherFor(algorithm, utf8Password) default: return nil, nil, NotImplementedError("algorithm " + algorithm.Algorithm.String() + " is not supported") } @@ -134,6 +155,77 @@ func pbDecrypt(info decryptable, password []byte) (decrypted []byte, err error) return } +// PBES2-params ::= SEQUENCE { +// keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}}, +// encryptionScheme AlgorithmIdentifier {{PBES2-Encs}} +// } +type pbes2Params struct { + Kdf pkix.AlgorithmIdentifier + EncryptionScheme pkix.AlgorithmIdentifier +} + +// PBKDF2-params ::= SEQUENCE { +// salt CHOICE { +// specified OCTET STRING, +// otherSource AlgorithmIdentifier {{PBKDF2-SaltSources}} +// }, +// iterationCount INTEGER (1..MAX), +// keyLength INTEGER (1..MAX) OPTIONAL, +// prf AlgorithmIdentifier {{PBKDF2-PRFs}} DEFAULT +// algid-hmacWithSHA1 +// } +type pbkdf2Params struct { + Salt asn1.RawValue + Iterations int + KeyLength int `asn1:"optional"` + Prf pkix.AlgorithmIdentifier +} + +func pbes2CipherFor(algorithm pkix.AlgorithmIdentifier, password []byte) (cipher.Block, []byte, error) { + var params pbes2Params + if err := unmarshal(algorithm.Parameters.FullBytes, ¶ms); err != nil { + return nil, nil, err + } + + if !params.Kdf.Algorithm.Equal(oidPBKDF2) { + return nil, nil, NotImplementedError("kdf algorithm " + params.Kdf.Algorithm.String() + " is not supported") + } + + var kdfParams pbkdf2Params + if err := unmarshal(params.Kdf.Parameters.FullBytes, &kdfParams); err != nil { + return nil, nil, err + } + if kdfParams.Salt.Tag != asn1.TagOctetString { + return nil, nil, errors.New("pkcs12: only octet string salts are supported for pbkdf2") + } + + var prf func() hash.Hash + switch { + case kdfParams.Prf.Algorithm.Equal(oidHmacWithSHA256): + prf = sha256.New + case kdfParams.Prf.Algorithm.Equal(oidHmacWithSHA1): + prf = sha1.New + case kdfParams.Prf.Algorithm.Equal(asn1.ObjectIdentifier([]int{})): + prf = sha1.New + } + + key := pbkdf2.Key(password, kdfParams.Salt.Bytes, kdfParams.Iterations, 32, prf) + iv := params.EncryptionScheme.Parameters.Bytes + + var block cipher.Block + switch { + case params.EncryptionScheme.Algorithm.Equal(oidAES256CBC): + b, err := aes.NewCipher(key) + if err != nil { + return nil, nil, err + } + block = b + default: + return nil, nil, NotImplementedError("pbes2 algorithm " + params.EncryptionScheme.Algorithm.String() + " is not supported") + } + return block, iv, nil +} + // decryptable abstracts an object that contains ciphertext. type decryptable interface { Algorithm() pkix.AlgorithmIdentifier diff --git a/vendor/github.com/bitrise-io/pkcs12/errors.go b/vendor/github.com/bitrise-io/go-pkcs12/errors.go similarity index 100% rename from vendor/github.com/bitrise-io/pkcs12/errors.go rename to vendor/github.com/bitrise-io/go-pkcs12/errors.go diff --git a/vendor/github.com/bitrise-io/pkcs12/internal/rc2/rc2.go b/vendor/github.com/bitrise-io/go-pkcs12/internal/rc2/rc2.go similarity index 100% rename from vendor/github.com/bitrise-io/pkcs12/internal/rc2/rc2.go rename to vendor/github.com/bitrise-io/go-pkcs12/internal/rc2/rc2.go diff --git a/vendor/github.com/bitrise-io/pkcs12/mac.go b/vendor/github.com/bitrise-io/go-pkcs12/mac.go similarity index 70% rename from vendor/github.com/bitrise-io/pkcs12/mac.go rename to vendor/github.com/bitrise-io/go-pkcs12/mac.go index b7b05de..b8a3439 100644 --- a/vendor/github.com/bitrise-io/pkcs12/mac.go +++ b/vendor/github.com/bitrise-io/go-pkcs12/mac.go @@ -8,8 +8,10 @@ package pkcs12 import ( "crypto/hmac" "crypto/sha1" + "crypto/sha256" "crypto/x509/pkix" "encoding/asn1" + "hash" ) type macData struct { @@ -25,17 +27,25 @@ type digestInfo struct { } var ( - oidSHA1 = asn1.ObjectIdentifier([]int{1, 3, 14, 3, 2, 26}) + oidSHA1 = asn1.ObjectIdentifier([]int{1, 3, 14, 3, 2, 26}) + oidSHA256 = asn1.ObjectIdentifier([]int{2, 16, 840, 1, 101, 3, 4, 2, 1}) ) func verifyMac(macData *macData, message, password []byte) error { - if !macData.Mac.Algorithm.Algorithm.Equal(oidSHA1) { + var hFn func() hash.Hash + var key []byte + switch { + case macData.Mac.Algorithm.Algorithm.Equal(oidSHA1): + hFn = sha1.New + key = pbkdf(sha1Sum, 20, 64, macData.MacSalt, password, macData.Iterations, 3, 20) + case macData.Mac.Algorithm.Algorithm.Equal(oidSHA256): + hFn = sha256.New + key = pbkdf(sha256Sum, 32, 64, macData.MacSalt, password, macData.Iterations, 3, 32) + default: return NotImplementedError("unknown digest algorithm: " + macData.Mac.Algorithm.Algorithm.String()) } - key := pbkdf(sha1Sum, 20, 64, macData.MacSalt, password, macData.Iterations, 3, 20) - - mac := hmac.New(sha1.New, key) + mac := hmac.New(hFn, key) mac.Write(message) expectedMAC := mac.Sum(nil) diff --git a/vendor/github.com/bitrise-io/pkcs12/pbkdf.go b/vendor/github.com/bitrise-io/go-pkcs12/pbkdf.go similarity index 96% rename from vendor/github.com/bitrise-io/pkcs12/pbkdf.go rename to vendor/github.com/bitrise-io/go-pkcs12/pbkdf.go index 5c419d4..e6e0c62 100644 --- a/vendor/github.com/bitrise-io/pkcs12/pbkdf.go +++ b/vendor/github.com/bitrise-io/go-pkcs12/pbkdf.go @@ -7,6 +7,7 @@ package pkcs12 import ( "bytes" "crypto/sha1" + "crypto/sha256" "math/big" ) @@ -20,6 +21,12 @@ func sha1Sum(in []byte) []byte { return sum[:] } +// sha256Sum returns the SHA-256 hash of in. +func sha256Sum(in []byte) []byte { + sum := sha256.Sum256(in) + return sum[:] +} + // fillWithRepeats returns v*ceiling(len(pattern) / v) bytes consisting of // repeats of pattern. func fillWithRepeats(pattern []byte, v int) []byte { @@ -102,7 +109,7 @@ func pbkdf(hash func([]byte) []byte, u, v int, salt, password []byte, r int, ID c := (size + u - 1) / u // 6. For i=1, 2, ..., c, do the following: - A := make([]byte, c*20) + A := make([]byte, c*u) var IjBuf []byte for i := 0; i < c; i++ { // A. Set A2=H^r(D||I). (i.e., the r-th hash of D||1, @@ -111,7 +118,7 @@ func pbkdf(hash func([]byte) []byte, u, v int, salt, password []byte, r int, ID for j := 1; j < r; j++ { Ai = hash(Ai) } - copy(A[i*20:], Ai[:]) + copy(A[i*u:], Ai[:]) if i < c-1 { // skip on last iteration // B. Concatenate copies of Ai to create a string B of length v diff --git a/vendor/github.com/bitrise-io/pkcs12/pkcs12.go b/vendor/github.com/bitrise-io/go-pkcs12/pkcs12.go similarity index 60% rename from vendor/github.com/bitrise-io/pkcs12/pkcs12.go rename to vendor/github.com/bitrise-io/go-pkcs12/pkcs12.go index c257a3e..f2f2d8d 100644 --- a/vendor/github.com/bitrise-io/pkcs12/pkcs12.go +++ b/vendor/github.com/bitrise-io/go-pkcs12/pkcs12.go @@ -4,15 +4,18 @@ // license that can be found in the LICENSE file. // Package pkcs12 implements some of PKCS#12 (also known as P12 or PFX). -// It is intended for decoding P12/PFX files for use with the crypto/tls +// It is intended for decoding DER-encoded P12/PFX files for use with the crypto/tls // package, and for encoding P12/PFX files for use by legacy applications which // do not support newer formats. Since PKCS#12 uses weak encryption // primitives, it SHOULD NOT be used for new applications. // +// Note that only DER-encoded PKCS#12 files are supported, even though PKCS#12 +// allows BER encoding. This is because encoding/asn1 only supports DER. +// // This package is forked from golang.org/x/crypto/pkcs12, which is frozen. // The implementation is distilled from https://tools.ietf.org/html/rfc7292 // and referenced documents. -package pkcs12 +package pkcs12 // import "software.sslmate.com/src/go-pkcs12" import ( "crypto/ecdsa" @@ -24,6 +27,7 @@ import ( "encoding/hex" "encoding/pem" "errors" + "fmt" "io" ) @@ -40,6 +44,9 @@ var ( oidFriendlyName = asn1.ObjectIdentifier([]int{1, 2, 840, 113549, 1, 9, 20}) oidLocalKeyID = asn1.ObjectIdentifier([]int{1, 2, 840, 113549, 1, 9, 21}) oidMicrosoftCSPName = asn1.ObjectIdentifier([]int{1, 3, 6, 1, 4, 1, 311, 17, 1}) + + oidJavaTrustStore = asn1.ObjectIdentifier([]int{2, 16, 840, 1, 113894, 746875, 1, 1}) + oidAnyExtendedKeyUsage = asn1.ObjectIdentifier([]int{2, 5, 29, 37, 0}) ) type pfxPdu struct { @@ -78,6 +85,15 @@ type safeBag struct { Attributes []pkcs12Attribute `asn1:"set,optional"` } +func (bag *safeBag) hasAttribute(id asn1.ObjectIdentifier) bool { + for _, attr := range bag.Attributes { + if attr.Id.Equal(id) { + return true + } + } + return false +} + type pkcs12Attribute struct { Id asn1.ObjectIdentifier Value asn1.RawValue `asn1:"set"` @@ -120,17 +136,18 @@ func unmarshal(in []byte, out interface{}) error { } // ToPEM converts all "safe bags" contained in pfxData to PEM blocks. -// DO NOT USE THIS FUNCTION. ToPEM creates invalid PEM blocks; private keys +// +// Deprecated: ToPEM creates invalid PEM blocks (private keys // are encoded as raw RSA or EC private keys rather than PKCS#8 despite being -// labeled "PRIVATE KEY". To decode a PKCS#12 file, use DecodeChain instead, -// and use the encoding/pem package to convert to PEM if necessary. +// labeled "PRIVATE KEY"). To decode a PKCS#12 file, use [DecodeChain] instead, +// and use the [encoding/pem] package to convert to PEM if necessary. func ToPEM(pfxData []byte, password string) ([]*pem.Block, error) { - encodedPassword, err := bmpString(password) + encodedPassword, err := bmpStringZeroTerminated(password) if err != nil { return nil, ErrIncorrectPassword } - bags, encodedPassword, err := getSafeContents(pfxData, encodedPassword) + bags, encodedPassword, err := getSafeContents(pfxData, encodedPassword, 2) if err != nil { return nil, err @@ -229,10 +246,10 @@ func convertAttribute(attribute *pkcs12Attribute) (key, value string, err error) return key, value, nil } -// Decode extracts a certificate and private key from pfxData. This function +// Decode extracts a certificate and private key from pfxData, which must be a DER-encoded PKCS#12 file. This function // assumes that there is only one certificate and only one private key in the // pfxData. Since PKCS#12 files often contain more than one certificate, you -// probably want to use DecodeChain instead. +// probably want to use [DecodeChain] or [DecodeAll] instead. func Decode(pfxData []byte, password string) (privateKey interface{}, certificate *x509.Certificate, err error) { var caCerts []*x509.Certificate privateKey, certificate, caCerts, err = DecodeChain(pfxData, password) @@ -243,51 +260,76 @@ func Decode(pfxData []byte, password string) (privateKey interface{}, certificat } // DecodeChain extracts a certificate, a CA certificate chain, and private key -// from pfxData. This function assumes that there is at least one certificate +// from pfxData, which must be a DER-encoded PKCS#12 file. This function assumes that there is at least one certificate // and only one private key in the pfxData. The first certificate is assumed to // be the leaf certificate, and subsequent certificates, if any, are assumed to // comprise the CA certificate chain. func DecodeChain(pfxData []byte, password string) (privateKey interface{}, certificate *x509.Certificate, caCerts []*x509.Certificate, err error) { - certificates, privateKeys, err := DecodeAll(pfxData, password) + encodedPassword, err := bmpStringZeroTerminated(password) if err != nil { return nil, nil, nil, err } - if len(certificates) == 0 { - return nil, nil, nil, errors.New("pkcs12: certificate missing") + bags, encodedPassword, err := getSafeContents(pfxData, encodedPassword, 2) + if err != nil { + return nil, nil, nil, err } - certificate = certificates[0] - if len(certificates) > 1 { - caCerts = certificates[1:] + for _, bag := range bags { + switch { + case bag.Id.Equal(oidCertBag): + certsData, err := decodeCertBag(bag.Value.Bytes) + if err != nil { + return nil, nil, nil, err + } + certs, err := x509.ParseCertificates(certsData) + if err != nil { + return nil, nil, nil, err + } + if len(certs) != 1 { + err = errors.New("pkcs12: expected exactly one certificate in the certBag") + return nil, nil, nil, err + } + if certificate == nil { + certificate = certs[0] + } else { + caCerts = append(caCerts, certs[0]) + } + + case bag.Id.Equal(oidPKCS8ShroundedKeyBag): + if privateKey != nil { + err = errors.New("pkcs12: expected exactly one key bag") + return nil, nil, nil, err + } + + if privateKey, err = decodePkcs8ShroudedKeyBag(bag.Value.Bytes, encodedPassword); err != nil { + return nil, nil, nil, err + } + } } - if len(privateKeys) == 0 { - return nil, nil, nil, errors.New("pkcs12: private key missing") + if certificate == nil { + return nil, nil, nil, errors.New("pkcs12: certificate missing") } - if len(privateKeys) > 1 { - return nil, nil, nil, errors.New("pkcs12: expected exactly one key bag") + if privateKey == nil { + return nil, nil, nil, errors.New("pkcs12: private key missing") } - privateKey = privateKeys[0] - return } -// DecodeAll extracts all certificates and private keys from pfxData. -func DecodeAll(pfxData []byte, password string) ([]*x509.Certificate, []interface{}, error) { - encodedPassword, err := bmpString(password) +// DecodeAll extracts all certificates and private keys from pfxData. This behaves the same as [Decode], but can be used with +// PKCS#12 files containing multiple (unrelated) certificates. +func DecodeAll(pfxData []byte, password string) (privateKeys []interface{}, certificates []*x509.Certificate, err error) { + encodedPassword, err := bmpStringZeroTerminated(password) if err != nil { return nil, nil, err } - bags, encodedPassword, err := getSafeContents(pfxData, encodedPassword) + bags, encodedPassword, err := getSafeContents(pfxData, encodedPassword, 2) if err != nil { return nil, nil, err } - - var certificates []*x509.Certificate - var privateKeys []interface{} for _, bag := range bags { switch { case bag.Id.Equal(oidCertBag): @@ -314,10 +356,54 @@ func DecodeAll(pfxData []byte, password string) ([]*x509.Certificate, []interfac } } - return certificates, privateKeys, nil + return +} + +// DecodeTrustStore extracts the certificates from pfxData, which must be a DER-encoded +// PKCS#12 file containing exclusively certificates with attribute 2.16.840.1.113894.746875.1.1, +// which is used by Java to designate a trust anchor. +func DecodeTrustStore(pfxData []byte, password string) (certs []*x509.Certificate, err error) { + encodedPassword, err := bmpStringZeroTerminated(password) + if err != nil { + return nil, err + } + + bags, encodedPassword, err := getSafeContents(pfxData, encodedPassword, 1) + if err != nil { + return nil, err + } + + for _, bag := range bags { + switch { + case bag.Id.Equal(oidCertBag): + if !bag.hasAttribute(oidJavaTrustStore) { + return nil, errors.New("pkcs12: trust store contains a certificate that is not marked as trusted") + } + certsData, err := decodeCertBag(bag.Value.Bytes) + if err != nil { + return nil, err + } + parsedCerts, err := x509.ParseCertificates(certsData) + if err != nil { + return nil, err + } + + if len(parsedCerts) != 1 { + err = errors.New("pkcs12: expected exactly one certificate in the certBag") + return nil, err + } + + certs = append(certs, parsedCerts[0]) + + default: + return nil, errors.New("pkcs12: expected only certificate bags") + } + } + + return } -func getSafeContents(p12Data, password []byte) (bags []safeBag, updatedPassword []byte, err error) { +func getSafeContents(p12Data, password []byte, expectedItems int) (bags []safeBag, updatedPassword []byte, err error) { pfx := new(pfxPdu) if err := unmarshal(p12Data, pfx); err != nil { return nil, nil, errors.New("pkcs12: error reading P12 data: " + err.Error()) @@ -337,10 +423,10 @@ func getSafeContents(p12Data, password []byte) (bags []safeBag, updatedPassword } if len(pfx.MacData.Mac.Algorithm.Algorithm) == 0 { - return nil, nil, errors.New("pkcs12: no MAC in data") - } - - if err := verifyMac(&pfx.MacData, pfx.AuthSafe.Content.Bytes, password); err != nil { + if !(len(password) == 2 && password[0] == 0 && password[1] == 0) { + return nil, nil, errors.New("pkcs12: no MAC in data") + } + } else if err := verifyMac(&pfx.MacData, pfx.AuthSafe.Content.Bytes, password); err != nil { if err == ErrIncorrectPassword && len(password) == 2 && password[0] == 0 && password[1] == 0 { // some implementations use an empty byte array // for the empty string password try one more @@ -358,8 +444,8 @@ func getSafeContents(p12Data, password []byte) (bags []safeBag, updatedPassword return nil, nil, err } - if len(authenticatedSafe) != 2 { - return nil, nil, NotImplementedError("expected exactly two items in the authenticated safe") + if len(authenticatedSafe) != expectedItems { + return nil, nil, NotImplementedError(fmt.Sprintf("expected exactly %d items in the authenticated safe", expectedItems)) } for _, ci := range authenticatedSafe { @@ -401,11 +487,11 @@ func getSafeContents(p12Data, password []byte) (bags []safeBag, updatedPassword // // The private key is encrypted with the provided password, but due to the // weak encryption primitives used by PKCS#12, it is RECOMMENDED that you -// specify a hard-coded password (such as pkcs12.DefaultPassword) and protect +// specify a hard-coded password (such as [DefaultPassword]) and protect // the resulting pfxData using other means. // // The rand argument is used to provide entropy for the encryption, and -// can be set to rand.Reader from the crypto/rand package. +// can be set to [crypto/rand.Reader]. // // Encode emulates the behavior of OpenSSL's PKCS12_create: it creates two // SafeContents: one that's encrypted with RC2 and contains the certificates, @@ -414,7 +500,7 @@ func getSafeContents(p12Data, password []byte) (bags []safeBag, updatedPassword // LocalKeyId attribute set to the SHA-1 fingerprint of the end-entity // certificate. func Encode(rand io.Reader, privateKey interface{}, certificate *x509.Certificate, caCerts []*x509.Certificate, password string) (pfxData []byte, err error) { - encodedPassword, err := bmpString(password) + encodedPassword, err := bmpStringZeroTerminated(password) if err != nil { return nil, err } @@ -497,6 +583,163 @@ func Encode(rand io.Reader, privateKey interface{}, certificate *x509.Certificat return } +// EncodeTrustStore produces pfxData containing any number of CA certificates +// (certs) to be trusted. The certificates will be marked with a special OID that +// allow it to be used as a Java TrustStore in Java 1.8 and newer. +// +// Due to the weak encryption primitives used by PKCS#12, it is RECOMMENDED that +// you specify a hard-coded password (such as [DefaultPassword]) and protect +// the resulting pfxData using other means. +// +// The rand argument is used to provide entropy for the encryption, and +// can be set to [crypto/rand.Reader]. +// +// EncodeTrustStore creates a single SafeContents that's encrypted with RC2 +// and contains the certificates. +// +// The Subject of the certificates are used as the Friendly Names (Aliases) +// within the resulting pfxData. If certificates share a Subject, then the +// resulting Friendly Names (Aliases) will be identical, which Java may treat as +// the same entry when used as a Java TrustStore, e.g. with `keytool`. To +// customize the Friendly Names, use [EncodeTrustStoreEntries]. +func EncodeTrustStore(rand io.Reader, certs []*x509.Certificate, password string) (pfxData []byte, err error) { + var certsWithFriendlyNames []TrustStoreEntry + for _, cert := range certs { + certsWithFriendlyNames = append(certsWithFriendlyNames, TrustStoreEntry{ + Cert: cert, + FriendlyName: cert.Subject.String(), + }) + } + return EncodeTrustStoreEntries(rand, certsWithFriendlyNames, password) +} + +// TrustStoreEntry represents an entry in a Java TrustStore. +type TrustStoreEntry struct { + Cert *x509.Certificate + FriendlyName string +} + +// EncodeTrustStoreEntries produces pfxData containing any number of CA +// certificates (entries) to be trusted. The certificates will be marked with a +// special OID that allow it to be used as a Java TrustStore in Java 1.8 and newer. +// +// This is identical to [EncodeTrustStore], but also allows for setting specific +// Friendly Names (Aliases) to be used per certificate, by specifying a slice +// of TrustStoreEntry. +// +// If the same Friendly Name is used for more than one certificate, then the +// resulting Friendly Names (Aliases) in the pfxData will be identical, which Java +// may treat as the same entry when used as a Java TrustStore, e.g. with `keytool`. +// +// Due to the weak encryption primitives used by PKCS#12, it is RECOMMENDED that +// you specify a hard-coded password (such as [DefaultPassword]) and protect +// the resulting pfxData using other means. +// +// The rand argument is used to provide entropy for the encryption, and +// can be set to [crypto/rand.Reader]. +// +// EncodeTrustStoreEntries creates a single SafeContents that's encrypted +// with RC2 and contains the certificates. +func EncodeTrustStoreEntries(rand io.Reader, entries []TrustStoreEntry, password string) (pfxData []byte, err error) { + encodedPassword, err := bmpStringZeroTerminated(password) + if err != nil { + return nil, err + } + + var pfx pfxPdu + pfx.Version = 3 + + var certAttributes []pkcs12Attribute + + extKeyUsageOidBytes, err := asn1.Marshal(oidAnyExtendedKeyUsage) + if err != nil { + return nil, err + } + + // the oidJavaTrustStore attribute contains the EKUs for which + // this trust anchor will be valid + certAttributes = append(certAttributes, pkcs12Attribute{ + Id: oidJavaTrustStore, + Value: asn1.RawValue{ + Class: 0, + Tag: 17, + IsCompound: true, + Bytes: extKeyUsageOidBytes, + }, + }) + + var certBags []safeBag + for _, entry := range entries { + + bmpFriendlyName, err := bmpString(entry.FriendlyName) + if err != nil { + return nil, err + } + + encodedFriendlyName, err := asn1.Marshal(asn1.RawValue{ + Class: 0, + Tag: 30, + IsCompound: false, + Bytes: bmpFriendlyName, + }) + if err != nil { + return nil, err + } + + friendlyName := pkcs12Attribute{ + Id: oidFriendlyName, + Value: asn1.RawValue{ + Class: 0, + Tag: 17, + IsCompound: true, + Bytes: encodedFriendlyName, + }, + } + + certBag, err := makeCertBag(entry.Cert.Raw, append(certAttributes, friendlyName)) + if err != nil { + return nil, err + } + certBags = append(certBags, *certBag) + } + + // Construct an authenticated safe with one SafeContent. + // The SafeContents is encrypted and contains the cert bags. + var authenticatedSafe [1]contentInfo + if authenticatedSafe[0], err = makeSafeContents(rand, certBags, encodedPassword); err != nil { + return nil, err + } + + var authenticatedSafeBytes []byte + if authenticatedSafeBytes, err = asn1.Marshal(authenticatedSafe[:]); err != nil { + return nil, err + } + + // compute the MAC + pfx.MacData.Mac.Algorithm.Algorithm = oidSHA1 + pfx.MacData.MacSalt = make([]byte, 8) + if _, err = rand.Read(pfx.MacData.MacSalt); err != nil { + return nil, err + } + pfx.MacData.Iterations = 1 + if err = computeMac(&pfx.MacData, authenticatedSafeBytes, encodedPassword); err != nil { + return nil, err + } + + pfx.AuthSafe.ContentType = oidDataContentType + pfx.AuthSafe.Content.Class = 2 + pfx.AuthSafe.Content.Tag = 0 + pfx.AuthSafe.Content.IsCompound = true + if pfx.AuthSafe.Content.Bytes, err = asn1.Marshal(authenticatedSafeBytes); err != nil { + return nil, err + } + + if pfxData, err = asn1.Marshal(pfx); err != nil { + return nil, errors.New("pkcs12: error writing P12 data: " + err.Error()) + } + return +} + func makeCertBag(certBytes []byte, attributes []pkcs12Attribute) (certBag *safeBag, err error) { certBag = new(safeBag) certBag.Id = oidCertBag diff --git a/vendor/github.com/bitrise-io/pkcs12/safebags.go b/vendor/github.com/bitrise-io/go-pkcs12/safebags.go similarity index 100% rename from vendor/github.com/bitrise-io/pkcs12/safebags.go rename to vendor/github.com/bitrise-io/go-pkcs12/safebags.go diff --git a/vendor/github.com/bitrise-io/go-xcode/certificateutil/info_model.go b/vendor/github.com/bitrise-io/go-xcode/certificateutil/info_model.go index 226b63f..0a0a834 100644 --- a/vendor/github.com/bitrise-io/go-xcode/certificateutil/info_model.go +++ b/vendor/github.com/bitrise-io/go-xcode/certificateutil/info_model.go @@ -8,7 +8,7 @@ import ( "strings" "time" - "github.com/bitrise-io/pkcs12" + "github.com/bitrise-io/go-pkcs12" ) // CertificateInfoModel ... diff --git a/vendor/github.com/bitrise-io/go-xcode/certificateutil/util.go b/vendor/github.com/bitrise-io/go-xcode/certificateutil/util.go index e53e734..bde9969 100644 --- a/vendor/github.com/bitrise-io/go-xcode/certificateutil/util.go +++ b/vendor/github.com/bitrise-io/go-xcode/certificateutil/util.go @@ -10,7 +10,7 @@ import ( "github.com/bitrise-io/go-utils/command" "github.com/bitrise-io/go-utils/fileutil" - "github.com/bitrise-io/pkcs12" + "github.com/bitrise-io/go-pkcs12" "github.com/pkg/errors" ) @@ -21,7 +21,7 @@ func commandError(printableCmd string, cmdOut string, cmdErr error) error { // CertificatesFromPKCS12Content returns an array of CertificateInfoModel // Used to parse p12 file containing multiple codesign identities (exported from macOS Keychain) func CertificatesFromPKCS12Content(content []byte, password string) ([]CertificateInfoModel, error) { - certificates, privateKeys, err := pkcs12.DecodeAll(content, password) + privateKeys, certificates, err := pkcs12.DecodeAll(content, password) if err != nil { return nil, err } diff --git a/vendor/github.com/bitrise-io/go-xcode/devportalservice/devportalservice.go b/vendor/github.com/bitrise-io/go-xcode/devportalservice/devportalservice.go index a4702b5..ccab44a 100644 --- a/vendor/github.com/bitrise-io/go-xcode/devportalservice/devportalservice.go +++ b/vendor/github.com/bitrise-io/go-xcode/devportalservice/devportalservice.go @@ -166,18 +166,6 @@ type APIKeyConnection struct { PrivateKey string `json:"private_key"` } -// TestDevice ... -type TestDevice struct { - ID int `json:"id"` - UserID int `json:"user_id"` - // DeviceID is the Apple device UDID - DeviceID string `json:"device_identifier"` - Title string `json:"title"` - CreatedAt time.Time `json:"created_at"` - UpdatedAt time.Time `json:"updated_at"` - DeviceType string `json:"device_type"` -} - // IsEqualUDID compares two UDIDs (stored in the DeviceID field of TestDevice) func IsEqualUDID(UDID string, otherUDID string) bool { return normalizeDeviceUDID(UDID) == normalizeDeviceUDID(otherUDID) diff --git a/vendor/github.com/bitrise-io/go-xcode/devportalservice/testdevice.go b/vendor/github.com/bitrise-io/go-xcode/devportalservice/testdevice.go new file mode 100644 index 0000000..9300c91 --- /dev/null +++ b/vendor/github.com/bitrise-io/go-xcode/devportalservice/testdevice.go @@ -0,0 +1,51 @@ +package devportalservice + +import ( + "fmt" + "os" + "strings" + "time" + + "github.com/bitrise-io/go-utils/pathutil" +) + +// TestDevice ... +type TestDevice struct { + ID int `json:"id"` + UserID int `json:"user_id"` + // DeviceID is the Apple device UDID + DeviceID string `json:"device_identifier"` + Title string `json:"title"` + CreatedAt time.Time `json:"created_at"` + UpdatedAt time.Time `json:"updated_at"` + DeviceType string `json:"device_type"` +} + +// ParseTestDevicesFromFile ... +func ParseTestDevicesFromFile(path string, currentTime time.Time) ([]TestDevice, error) { + absPath, err := pathutil.AbsPath(path) + if err != nil { + return []TestDevice{}, err + } + + bytes, err := os.ReadFile(absPath) + if err != nil { + return []TestDevice{}, err + } + + fileContent := strings.TrimSpace(string(bytes)) + identifiers := strings.Split(fileContent, ",") + + var testDevices []TestDevice + for i, identifier := range identifiers { + testDevices = append(testDevices, TestDevice{ + DeviceID: identifier, + Title: fmt.Sprintf("Device %d", i+1), + CreatedAt: currentTime, + UpdatedAt: currentTime, + DeviceType: "unknown", + }) + } + + return testDevices, nil +} diff --git a/vendor/github.com/bitrise-io/go-xcode/profileutil/info_model.go b/vendor/github.com/bitrise-io/go-xcode/profileutil/info_model.go index 47149d0..22c4758 100644 --- a/vendor/github.com/bitrise-io/go-xcode/profileutil/info_model.go +++ b/vendor/github.com/bitrise-io/go-xcode/profileutil/info_model.go @@ -33,6 +33,19 @@ type ProvisioningProfileInfoModel struct { Type ProfileType } +func collectCapabilitesPrintableInfo(entitlements plistutil.PlistData) map[string]interface{} { + capabilities := map[string]interface{}{} + + for key, value := range entitlements { + if KnownProfileCapabilitiesMap[ProfileTypeIos][key] || + KnownProfileCapabilitiesMap[ProfileTypeMacOs][key] { + capabilities[key] = value + } + } + + return capabilities +} + // PrintableProvisioningProfileInfo ... func (info ProvisioningProfileInfoModel) String(installedCertificates ...certificateutil.CertificateInfoModel) string { printable := map[string]interface{}{} @@ -40,8 +53,11 @@ func (info ProvisioningProfileInfoModel) String(installedCertificates ...certifi printable["export_type"] = string(info.ExportType) printable["team"] = fmt.Sprintf("%s (%s)", info.TeamName, info.TeamID) printable["bundle_id"] = info.BundleID - printable["expire"] = info.ExpirationDate.String() + printable["expiry"] = info.ExpirationDate.String() printable["is_xcode_managed"] = info.IsXcodeManaged() + + printable["capabilities"] = collectCapabilitesPrintableInfo(info.Entitlements) + if info.ProvisionedDevices != nil { printable["devices"] = info.ProvisionedDevices } @@ -60,6 +76,7 @@ func (info ProvisioningProfileInfoModel) String(installedCertificates ...certifi if installedCertificates != nil && !info.HasInstalledCertificate(installedCertificates) { errors = append(errors, "none of the profile's certificates are installed") } + if err := info.CheckValidity(); err != nil { errors = append(errors, err.Error()) } diff --git a/vendor/github.com/bitrise-io/go-xcode/xcodebuild/build.go b/vendor/github.com/bitrise-io/go-xcode/xcodebuild/build.go index 166b7e1..5f9d3b0 100644 --- a/vendor/github.com/bitrise-io/go-xcode/xcodebuild/build.go +++ b/vendor/github.com/bitrise-io/go-xcode/xcodebuild/build.go @@ -11,6 +11,8 @@ import ( const ( // XCWorkspaceExtension ... XCWorkspaceExtension = ".xcworkspace" + // XCProjExtension ... + XCProjExtension = ".xcodeproj" ) /* diff --git a/vendor/github.com/bitrise-io/go-xcode/xcodebuild/show_build_settings.go b/vendor/github.com/bitrise-io/go-xcode/xcodebuild/show_build_settings.go index b548ffc..71b6d7b 100644 --- a/vendor/github.com/bitrise-io/go-xcode/xcodebuild/show_build_settings.go +++ b/vendor/github.com/bitrise-io/go-xcode/xcodebuild/show_build_settings.go @@ -2,7 +2,9 @@ package xcodebuild import ( "bufio" + "bytes" "fmt" + "io" "path/filepath" "strings" @@ -97,21 +99,35 @@ func (c ShowBuildSettingsCommandModel) PrintableCmd() string { func parseBuildSettings(out string) (serialized.Object, error) { settings := serialized.Object{} - scanner := bufio.NewScanner(strings.NewReader(out)) - for scanner.Scan() { - line := strings.TrimSpace(scanner.Text()) + reader := bufio.NewReader(strings.NewReader(out)) + var buffer bytes.Buffer - if split := strings.Split(line, "="); len(split) > 1 { - key := strings.TrimSpace(split[0]) - value := strings.TrimSpace(strings.Join(split[1:], "=")) - value = strings.Trim(value, `"`) + for { + b, isPrefix, err := reader.ReadLine() + if err == io.EOF { + break + } else if err != nil { + return nil, err + } + + lineFragment := string(b) + buffer.WriteString(lineFragment) + + // isPrefix is set to false once a full line has been read + if isPrefix == false { + line := strings.TrimSpace(buffer.String()) - settings[key] = value + if split := strings.Split(line, "="); len(split) > 1 { + key := strings.TrimSpace(split[0]) + value := strings.TrimSpace(strings.Join(split[1:], "=")) + value = strings.Trim(value, `"`) + + settings[key] = value + } + + buffer.Reset() } } - if err := scanner.Err(); err != nil { - return nil, err - } return settings, nil } diff --git a/vendor/github.com/bitrise-io/go-xcode/xcodebuild/test.go b/vendor/github.com/bitrise-io/go-xcode/xcodebuild/test.go index 446933d..26f554e 100644 --- a/vendor/github.com/bitrise-io/go-xcode/xcodebuild/test.go +++ b/vendor/github.com/bitrise-io/go-xcode/xcodebuild/test.go @@ -3,6 +3,7 @@ package xcodebuild import ( "os" "os/exec" + "path/filepath" "github.com/bitrise-io/go-utils/command" ) @@ -32,9 +33,9 @@ xcodebuild -workspace \ // TestCommandModel ... type TestCommandModel struct { projectPath string - isWorkspace bool scheme string destination string + workDir string // buildsetting generateCodeCoverage bool @@ -48,10 +49,9 @@ type TestCommandModel struct { } // NewTestCommand ... -func NewTestCommand(projectPath string, isWorkspace bool) *TestCommandModel { +func NewTestCommand(projectPath string) *TestCommandModel { return &TestCommandModel{ projectPath: projectPath, - isWorkspace: isWorkspace, } } @@ -61,6 +61,12 @@ func (c *TestCommandModel) SetScheme(scheme string) *TestCommandModel { return c } +// SetDir ... +func (c *TestCommandModel) SetDir(workDir string) *TestCommandModel { + c.workDir = workDir + return c +} + // SetDestination ... func (c *TestCommandModel) SetDestination(destination string) *TestCommandModel { c.destination = destination @@ -95,9 +101,9 @@ func (c *TestCommandModel) cmdSlice() []string { slice := []string{toolName} if c.projectPath != "" { - if c.isWorkspace { + if filepath.Ext(c.projectPath) == XCWorkspaceExtension { slice = append(slice, "-workspace", c.projectPath) - } else { + } else if filepath.Ext(c.projectPath) == XCProjExtension { slice = append(slice, "-project", c.projectPath) } } @@ -134,7 +140,9 @@ func (c TestCommandModel) PrintableCmd() string { // Command ... func (c TestCommandModel) Command() *command.Model { cmdSlice := c.cmdSlice() - return command.New(cmdSlice[0], cmdSlice[1:]...) + cmd := command.New(cmdSlice[0], cmdSlice[1:]...) + cmd.SetDir(c.workDir) + return cmd } // Cmd ... diff --git a/vendor/github.com/bitrise-io/go-xcode/xcodeproject/serialized/serialized.go b/vendor/github.com/bitrise-io/go-xcode/xcodeproject/serialized/serialized.go index ce329f2..c5f542d 100644 --- a/vendor/github.com/bitrise-io/go-xcode/xcodeproject/serialized/serialized.go +++ b/vendor/github.com/bitrise-io/go-xcode/xcodeproject/serialized/serialized.go @@ -21,6 +21,21 @@ func (o Object) Value(key string) (interface{}, error) { return value, nil } +// Bool ... +func (o Object) Bool(key string) (bool, error) { + value, err := o.Value(key) + if err != nil { + return false, err + } + + casted, ok := value.(bool) + if !ok { + return false, NewTypeCastError(key, value, "bool") + } + + return casted, nil +} + // String ... func (o Object) String(key string) (string, error) { value, err := o.Value(key) diff --git a/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcodeproj/schemes.go b/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcodeproj/schemes.go new file mode 100644 index 0000000..8a64432 --- /dev/null +++ b/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcodeproj/schemes.go @@ -0,0 +1,286 @@ +package xcodeproj + +import ( + "errors" + "fmt" + "os" + "os/user" + "path/filepath" + + "golang.org/x/text/unicode/norm" + + "github.com/bitrise-io/go-plist" + "github.com/bitrise-io/go-utils/log" + "github.com/bitrise-io/go-xcode/xcodeproject/serialized" + "github.com/bitrise-io/go-xcode/xcodeproject/xcscheme" +) + +// Schemes returns the schemes considered by Xcode, when opening the given project. +// The considered schemes are the project shared schemes and the project user schemes (for the current user). +// The default (shared scheme) is present in the user's xcschememanagement.plist, +// any schemes related change trigger generating all the schemes as xcscheme files. +// If no schemes are found, Xcode recreates the default schemes unless 'Autocreate schemes' option is disabled +// (in this case actions are disabled in Xcode, and 'No schemes' message appears). +func (p XcodeProj) Schemes() ([]xcscheme.Scheme, error) { + log.TDebugf("Searching schemes in project: %s", p.Path) + + schemes, err := p.visibleSchemes() + if err != nil { + return nil, err + } + + if len(schemes) == 0 { + isUserSchememanagementFileExist, err := p.isUserSchememanagementFileExist() + if err != nil { + return nil, err + } + + if isUserSchememanagementFileExist { + log.TDebugf("Default scheme found") + defaultSchemes := p.defaultSchemes() + return defaultSchemes, nil + } + + isAutocreateSchemesEnabled, err := p.isAutocreateSchemesEnabled() + if err != nil { + return nil, fmt.Errorf("failed to read the project autocreate scheme option: %w", err) + } + + if isAutocreateSchemesEnabled { + log.TDebugf("Autocreating the default scheme") + defaultSchemes := p.defaultSchemes() + return defaultSchemes, nil + } + + return nil, fmt.Errorf("no schemes found and the Xcode project's 'Autocreate schemes' option is disabled") + } + + log.TDebugf("%d scheme(s) found", len(schemes)) + return schemes, nil +} + +// SchemesWithAutocreateEnabled returns the schemes considered by Xcode, when opening the given project as part of a workspace. +// THIS SHOULD BE CALLED ONLY BY A WORKSPACE. If you want to get the schemes directly, please call XcodeProj.Schemes. +// +// SchemesWithAutocreateEnabled behaves similarly to XcodeProj.Schemes, +// the only difference is that the 'Autocreate schemes' option is coming from the workspace settings. +func (p XcodeProj) SchemesWithAutocreateEnabled(isAutocreateSchemesEnabled bool) ([]xcscheme.Scheme, error) { + log.TDebugf("Searching schemes in project: %s", p.Path) + + schemes, err := p.visibleSchemes() + if err != nil { + return nil, err + } + + if len(schemes) == 0 { + isUserSchememanagementFileExist, err := p.isUserSchememanagementFileExist() + if err != nil { + return nil, err + } + + if isUserSchememanagementFileExist { + log.TDebugf("Default scheme found") + defaultSchemes := p.defaultSchemes() + return defaultSchemes, nil + } + + if isAutocreateSchemesEnabled { + log.TDebugf("Autocreating the default scheme") + defaultSchemes := p.defaultSchemes() + return defaultSchemes, nil + } + + log.TDebugf("No schemes found") + + // It is perfectly fine if a project does not contain any accessible schemes at all. + // For example, the Pods.xcodeproj file generated by a newer Cocoapods version is such a project file. + return nil, nil + } + + log.TDebugf("%d scheme(s) found", len(schemes)) + + return schemes, nil +} + +// Scheme returns the project's scheme by name and the project's absolute path. +func (p XcodeProj) Scheme(name string) (*xcscheme.Scheme, string, error) { + schemes, err := p.Schemes() + if err != nil { + return nil, "", err + } + + normName := norm.NFC.String(name) + for _, scheme := range schemes { + if norm.NFC.String(scheme.Name) == normName { + return &scheme, p.Path, nil + } + } + + return nil, "", xcscheme.NotFoundError{Scheme: name, Container: p.Name} +} + +func (p XcodeProj) visibleSchemes() ([]xcscheme.Scheme, error) { + sharedSchemes, err := p.sharedSchemes() + if err != nil { + return nil, err + } + + userSchemes, err := p.userSchemes() + if err != nil { + return nil, err + } + + schemes := append(sharedSchemes, userSchemes...) + return schemes, nil +} + +func (p XcodeProj) sharedSchemes() ([]xcscheme.Scheme, error) { + sharedSchemeFilePaths, err := p.sharedSchemeFilePaths() + if err != nil { + return nil, err + } + + var sharedSchemes []xcscheme.Scheme + for _, pth := range sharedSchemeFilePaths { + scheme, err := xcscheme.Open(pth) + if err != nil { + return nil, err + } + + scheme.IsShared = true + sharedSchemes = append(sharedSchemes, scheme) + } + + return sharedSchemes, nil +} + +func (p XcodeProj) userSchemes() ([]xcscheme.Scheme, error) { + userSchemeFilePaths, err := p.userSchemeFilePaths() + if err != nil { + return nil, err + } + + var userSchemes []xcscheme.Scheme + for _, pth := range userSchemeFilePaths { + scheme, err := xcscheme.Open(pth) + if err != nil { + return nil, err + } + + userSchemes = append(userSchemes, scheme) + } + + return userSchemes, nil +} + +func (p XcodeProj) sharedSchemeFilePaths() ([]string, error) { + // .xcodeproj/xcshareddata/xcschemes/.xcscheme + sharedSchemesDir := filepath.Join(p.Path, "xcshareddata", "xcschemes") + return listSchemeFilePaths(sharedSchemesDir) +} + +func (p XcodeProj) userSchemeFilePaths() ([]string, error) { + // .xcodeproj/xcuserdata/.xcuserdatad/xcschemes/.xcscheme + userSchemesDir, err := p.userSchemesDir() + if err != nil { + return nil, err + } + return listSchemeFilePaths(userSchemesDir) +} + +func (p XcodeProj) userSchemesDir() (string, error) { + // .xcodeproj/xcuserdata/.xcuserdatad/xcschemes/ + currentUser, err := user.Current() + if err != nil { + return "", err + } + + username := currentUser.Username + + return filepath.Join(p.Path, "xcuserdata", username+".xcuserdatad", "xcschemes"), nil +} + +func (p XcodeProj) isUserSchememanagementFileExist() (bool, error) { + // .xcodeproj/xcuserdata/.xcuserdatad/xcschemes/xcschememanagement.plist + userSchemesDir, err := p.userSchemesDir() + if err != nil { + return false, err + } + schemeManagementPth := filepath.Join(userSchemesDir, "xcschememanagement.plist") + _, err = os.Stat(schemeManagementPth) + return err == nil, nil +} + +func (p XcodeProj) isAutocreateSchemesEnabled() (bool, error) { + // .xcodeproj/project.xcworkspace/xcshareddata/WorkspaceSettings.xcsettings + embeddedWorkspaceDir := filepath.Join(p.Path, "project.xcworkspace") + shareddataDir := filepath.Join(embeddedWorkspaceDir, "xcshareddata") + workspaceSettingsPth := filepath.Join(shareddataDir, "WorkspaceSettings.xcsettings") + + workspaceSettingsContent, err := os.ReadFile(workspaceSettingsPth) + if err != nil { + if errors.Is(err, os.ErrNotExist) { + // By default 'Autocreate Schemes' is enabled + return true, nil + } + + return false, err + } + + var settings serialized.Object + if _, err := plist.Unmarshal(workspaceSettingsContent, &settings); err != nil { + return false, err + } + + autoCreate, err := settings.Bool("IDEWorkspaceSharedSettings_AutocreateContextsIfNeeded") + if err != nil { + if serialized.IsKeyNotFoundError(err) { + // By default 'Autocreate Schemes' is enabled + return true, nil + } + return false, err + } + + return autoCreate, nil +} + +func (p XcodeProj) defaultSchemes() []xcscheme.Scheme { + var schemes []xcscheme.Scheme + for _, buildTarget := range p.Proj.Targets { + if buildTarget.Type != NativeTargetType || buildTarget.IsTest() { + continue + } + + var testTargets []Target + for _, testTarget := range p.Proj.Targets { + if testTarget.IsTest() && testTarget.DependsOn(buildTarget.ID) { + testTargets = append(testTargets, testTarget) + } + } + + scheme := newScheme(buildTarget, testTargets, filepath.Base(p.Path)) + scheme.IsShared = true + schemes = append(schemes, scheme) + } + return schemes +} + +func listSchemeFilePaths(dir string) ([]string, error) { + entries, err := os.ReadDir(dir) + if err != nil { + if errors.Is(err, os.ErrNotExist) { + return nil, nil + } + return nil, err + } + + var schemeFilePaths []string + for _, entry := range entries { + baseName := entry.Name() + if filepath.Ext(baseName) == ".xcscheme" { + schemeFilePaths = append(schemeFilePaths, filepath.Join(dir, baseName)) + } + } + + return schemeFilePaths, nil +} diff --git a/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcodeproj/xcodeproj.go b/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcodeproj/xcodeproj.go index ceb92ca..0361e9b 100644 --- a/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcodeproj/xcodeproj.go +++ b/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcodeproj/xcodeproj.go @@ -11,15 +11,13 @@ import ( "sort" "strings" - plist "github.com/bitrise-io/go-plist" + "github.com/bitrise-io/go-plist" "github.com/bitrise-io/go-utils/fileutil" "github.com/bitrise-io/go-utils/log" "github.com/bitrise-io/go-utils/pathutil" "github.com/bitrise-io/go-utils/pretty" "github.com/bitrise-io/go-xcode/xcodebuild" "github.com/bitrise-io/go-xcode/xcodeproject/serialized" - "github.com/bitrise-io/go-xcode/xcodeproject/xcscheme" - "golang.org/x/text/unicode/norm" ) const ( @@ -330,34 +328,6 @@ func (p XcodeProj) TargetBuildSettings(target, configuration string, customOptio return commandModel.RunAndReturnSettings() } -// Scheme returns the project's scheme by name and the project's absolute path. -func (p XcodeProj) Scheme(name string) (*xcscheme.Scheme, string, error) { - schemes, err := p.Schemes() - if err != nil { - return nil, "", err - } - - normName := norm.NFC.String(name) - for _, scheme := range schemes { - if norm.NFC.String(scheme.Name) == normName { - return &scheme, p.Path, nil - } - } - - return nil, "", xcscheme.NotFoundError{Scheme: name, Container: p.Name} -} - -// Schemes ... -func (p XcodeProj) Schemes() ([]xcscheme.Scheme, error) { - log.TDebugf("Locating scheme for project path: %s", p.Path) - - schemes, err := xcscheme.FindSchemesIn(p.Path) - - log.TDebugf("Located %v schemes", len(schemes)) - - return schemes, err -} - // Open ... func Open(pth string) (XcodeProj, error) { absPth, err := pathutil.AbsPath(pth) diff --git a/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcscheme/util.go b/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcscheme/util.go deleted file mode 100644 index 39dac2d..0000000 --- a/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcscheme/util.go +++ /dev/null @@ -1,47 +0,0 @@ -package xcscheme - -import ( - "path/filepath" -) - -// FindSchemesIn ... -func FindSchemesIn(root string) (schemes []Scheme, err error) { - // - // Add the shared schemes to the list - sharedPths, err := pathsByPattern(root, "xcshareddata", "xcschemes", "*.xcscheme") - if err != nil { - return nil, err - } - - // - // Add the non-shared user schemes to the list - userPths, err := pathsByPattern(root, "xcuserdata", "*.xcuserdatad", "xcschemes", "*.xcscheme") - if err != nil { - return nil, err - } - - for _, schemePaths := range []struct { - schemes []string - isShared bool - }{ - {sharedPths, true}, - {userPths, false}, - } { - for _, pth := range schemePaths.schemes { - scheme, err := Open(pth) - if err != nil { - return nil, err - } - - scheme.IsShared = schemePaths.isShared - schemes = append(schemes, scheme) - } - } - - return -} - -func pathsByPattern(paths ...string) ([]string, error) { - pattern := filepath.Join(paths...) - return filepath.Glob(pattern) -} diff --git a/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcscheme/xcscheme.go b/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcscheme/xcscheme.go index 94a0884..f19ed06 100644 --- a/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcscheme/xcscheme.go +++ b/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcscheme/xcscheme.go @@ -65,7 +65,9 @@ type BuildAction struct { // TestableReference ... type TestableReference struct { - Skipped string `xml:"skipped,attr"` + Skipped string `xml:"skipped,attr"` + Parallelizable string `xml:"parallelizable,attr,omitempty"` + BuildableReference BuildableReference } @@ -113,6 +115,12 @@ type TestAction struct { SelectedLauncherIdentifier string `xml:"selectedLauncherIdentifier,attr"` ShouldUseLaunchSchemeArgsEnv string `xml:"shouldUseLaunchSchemeArgsEnv,attr"` + // TODO: This property means that a TestPlan belongs to this test action. + // As long as the related testPlan has default settings it is not created as a separate TestPlan file. + // If any default test plan setting is changed, Xcode creates the TestPlan file, adds a TestPlans entry to the scheme and removes this property from the TestAction. + // Code working with test plans should be updated to consider this new property. + ShouldAutocreateTestPlan string `xml:"shouldAutocreateTestPlan,attr,omitempty"` + Testables []TestableReference `xml:"Testables>TestableReference"` TestPlans *TestPlans MacroExpansion MacroExpansion diff --git a/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcworkspace/file_ref.go b/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcworkspace/file_ref.go index c22b816..3f2a3e3 100644 --- a/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcworkspace/file_ref.go +++ b/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcworkspace/file_ref.go @@ -38,7 +38,7 @@ func (f FileRef) TypeAndPath() (FileRefType, string, error) { case "container": return ContainerFileRefType, s[1], nil default: - return "", "", fmt.Errorf("unknown file reference type: %s", s[0]) + return "", "", fmt.Errorf("unknown file reference type: %s, value: %s", s[0], s[1]) } } diff --git a/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcworkspace/schemes.go b/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcworkspace/schemes.go new file mode 100644 index 0000000..d9265d3 --- /dev/null +++ b/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcworkspace/schemes.go @@ -0,0 +1,215 @@ +package xcworkspace + +import ( + "errors" + "fmt" + "os" + "os/user" + "path/filepath" + + "github.com/bitrise-io/go-utils/log" + "github.com/bitrise-io/go-utils/pathutil" + "github.com/bitrise-io/go-xcode/xcodeproject/serialized" + "github.com/bitrise-io/go-xcode/xcodeproject/xcodeproj" + "github.com/bitrise-io/go-xcode/xcodeproject/xcscheme" + "golang.org/x/text/unicode/norm" + "howett.net/plist" +) + +// Schemes returns the schemes considered by Xcode, when opening the given workspace. +// The considered schemes are the workspace shared schemes, the workspace user schemes (for the current user) +// and the embedded project's schemes (XcodeProj.SchemesWithAutocreateEnabled). +func (w Workspace) Schemes() (map[string][]xcscheme.Scheme, error) { + log.TDebugf("Searching schemes in workspace: %s", w.Path) + + schemesByContainer := map[string][]xcscheme.Scheme{} + + sharedSchemes, err := w.sharedSchemes() + if err != nil { + return nil, fmt.Errorf("failed to read shared schemes: %w", err) + } + + userSchemes, err := w.userSchemes() + if err != nil { + return nil, fmt.Errorf("failed to read user schemes: %w", err) + } + + workspaceSchemes := append(sharedSchemes, userSchemes...) + + log.TDebugf("%d scheme(s) found", len(workspaceSchemes)) + if len(workspaceSchemes) > 0 { + schemesByContainer[w.Path] = workspaceSchemes + } + + // project schemes + projectLocations, err := w.ProjectFileLocations() + if err != nil { + return nil, fmt.Errorf("failed to get project locations from workspace: %w", err) + } + + isAutocreateSchemesEnabled, err := w.isAutocreateSchemesEnabled() + if err != nil { + return nil, fmt.Errorf("failed to read the workspace autocreate scheme option: %w", err) + } + + for _, projectLocation := range projectLocations { + if exist, err := pathutil.IsPathExists(projectLocation); err != nil { + return nil, fmt.Errorf("failed to check if project (%s) exists: %w", projectLocation, err) + } else if !exist { + // at this point we are interested the schemes visible for the workspace + continue + } + + project, err := xcodeproj.Open(projectLocation) + if err != nil { + return nil, fmt.Errorf("failed to open project (%s): %w", projectLocation, err) + } + + projectSchemes, err := project.SchemesWithAutocreateEnabled(isAutocreateSchemesEnabled) + if err != nil { + return nil, fmt.Errorf("failed to read project (%s) schemes: %w", projectLocation, err) + } + + if len(projectSchemes) > 0 { + schemesByContainer[project.Path] = projectSchemes + } + } + + return schemesByContainer, nil +} + +// Scheme returns the scheme by name, and it's container's absolute path. +func (w Workspace) Scheme(name string) (*xcscheme.Scheme, string, error) { + schemesByContainer, err := w.Schemes() + if err != nil { + return nil, "", err + } + + normName := norm.NFC.String(name) + for container, schemes := range schemesByContainer { + for _, scheme := range schemes { + if norm.NFC.String(scheme.Name) == normName { + return &scheme, container, nil + } + } + } + + return nil, "", xcscheme.NotFoundError{Scheme: name, Container: w.Name} +} + +func (w Workspace) sharedSchemes() ([]xcscheme.Scheme, error) { + sharedSchemeFilePaths, err := w.sharedSchemeFilePaths() + if err != nil { + return nil, err + } + + var sharedSchemes []xcscheme.Scheme + for _, pth := range sharedSchemeFilePaths { + scheme, err := xcscheme.Open(pth) + if err != nil { + return nil, err + } + + sharedSchemes = append(sharedSchemes, scheme) + } + + return sharedSchemes, nil +} + +func (w Workspace) sharedSchemeFilePaths() ([]string, error) { + // .xcworkspace/xcshareddata/xcschemes/.xcscheme + sharedSchemesDir := filepath.Join(w.Path, "xcshareddata", "xcschemes") + return listSchemeFilePaths(sharedSchemesDir) +} + +func (w Workspace) userSchemes() ([]xcscheme.Scheme, error) { + userSchemeFilePaths, err := w.userSchemeFilePaths() + if err != nil { + return nil, err + } + + var userSchemes []xcscheme.Scheme + for _, pth := range userSchemeFilePaths { + scheme, err := xcscheme.Open(pth) + if err != nil { + return nil, err + } + + userSchemes = append(userSchemes, scheme) + } + + return userSchemes, nil +} + +func (w Workspace) userSchemeFilePaths() ([]string, error) { + // .xcworkspace/xcuserdata/.xcuserdatad/xcschemes/.xcscheme + userSchemesDir, err := w.userSchemesDir() + if err != nil { + return nil, err + } + return listSchemeFilePaths(userSchemesDir) +} + +func (w Workspace) userSchemesDir() (string, error) { + // .xcworkspace/xcuserdata/.xcuserdatad/xcschemes/ + currentUser, err := user.Current() + if err != nil { + return "", err + } + + username := currentUser.Username + + return filepath.Join(w.Path, "xcuserdata", username+".xcuserdatad", "xcschemes"), nil +} + +func (w Workspace) isAutocreateSchemesEnabled() (bool, error) { + // .xcworkspace/xcshareddata/WorkspaceSettings.xcsettings + shareddataDir := filepath.Join(w.Path, "xcshareddata") + workspaceSettingsPth := filepath.Join(shareddataDir, "WorkspaceSettings.xcsettings") + + workspaceSettingsContent, err := os.ReadFile(workspaceSettingsPth) + if err != nil { + if errors.Is(err, os.ErrNotExist) { + // By default 'Autocreate Schemes' is enabled + return true, nil + } + + return false, err + } + + var settings serialized.Object + if _, err := plist.Unmarshal(workspaceSettingsContent, &settings); err != nil { + return false, fmt.Errorf("failed to unmarshall settings: %w", err) + } + + autoCreate, err := settings.Bool("IDEWorkspaceSharedSettings_AutocreateContextsIfNeeded") + if err != nil { + if serialized.IsKeyNotFoundError(err) { + // By default 'Autocreate Schemes' is enabled + return true, nil + } + return false, err + } + + return autoCreate, nil +} + +func listSchemeFilePaths(dir string) ([]string, error) { + entries, err := os.ReadDir(dir) + if err != nil { + if errors.Is(err, os.ErrNotExist) { + return nil, nil + } + return nil, err + } + + var schemeFilePaths []string + for _, entry := range entries { + baseName := entry.Name() + if filepath.Ext(baseName) == ".xcscheme" { + schemeFilePaths = append(schemeFilePaths, filepath.Join(dir, baseName)) + } + } + + return schemeFilePaths, nil +} diff --git a/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcworkspace/utils.go b/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcworkspace/utils.go new file mode 100644 index 0000000..f199db5 --- /dev/null +++ b/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcworkspace/utils.go @@ -0,0 +1,8 @@ +package xcworkspace + +import "path/filepath" + +// IsWorkspace ... +func IsWorkspace(pth string) bool { + return filepath.Ext(pth) == ".xcworkspace" +} diff --git a/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcworkspace/xcworkspace.go b/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcworkspace/xcworkspace.go index c2b7e3c..b8842e0 100644 --- a/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcworkspace/xcworkspace.go +++ b/vendor/github.com/bitrise-io/go-xcode/xcodeproject/xcworkspace/xcworkspace.go @@ -8,12 +8,9 @@ import ( "github.com/bitrise-io/go-utils/fileutil" "github.com/bitrise-io/go-utils/log" - "github.com/bitrise-io/go-utils/pathutil" "github.com/bitrise-io/go-xcode/xcodebuild" "github.com/bitrise-io/go-xcode/xcodeproject/serialized" "github.com/bitrise-io/go-xcode/xcodeproject/xcodeproj" - "github.com/bitrise-io/go-xcode/xcodeproject/xcscheme" - "golang.org/x/text/unicode/norm" ) const ( @@ -30,23 +27,23 @@ type Workspace struct { Path string } -// Scheme returns the scheme by name and it's container's absolute path. -func (w Workspace) Scheme(name string) (*xcscheme.Scheme, string, error) { - schemesByContainer, err := w.Schemes() +// Open ... +func Open(pth string) (Workspace, error) { + contentsPth := filepath.Join(pth, "contents.xcworkspacedata") + b, err := fileutil.ReadBytesFromFile(contentsPth) if err != nil { - return nil, "", err + return Workspace{}, err } - normName := norm.NFC.String(name) - for container, schemes := range schemesByContainer { - for _, scheme := range schemes { - if norm.NFC.String(scheme.Name) == normName { - return &scheme, container, nil - } - } + var workspace Workspace + if err := xml.Unmarshal(b, &workspace); err != nil { + return Workspace{}, fmt.Errorf("failed to unmarshal workspace file: %s, error: %s", pth, err) } - return nil, "", xcscheme.NotFoundError{Scheme: name, Container: w.Name} + workspace.Name = strings.TrimSuffix(filepath.Base(pth), filepath.Ext(pth)) + workspace.Path = pth + + return workspace, nil } // SchemeBuildSettings ... @@ -65,51 +62,6 @@ func (w Workspace) SchemeBuildSettings(scheme, configuration string, customOptio return object, err } -// Schemes ... -func (w Workspace) Schemes() (map[string][]xcscheme.Scheme, error) { - log.TDebugf("Looking for schemes in workspace: %s", w.Name) - - schemesByContainer := map[string][]xcscheme.Scheme{} - - workspaceSchemes, err := xcscheme.FindSchemesIn(w.Path) - if err != nil { - return nil, err - } - - schemesByContainer[w.Path] = workspaceSchemes - - // project schemes - projectLocations, err := w.ProjectFileLocations() - if err != nil { - return nil, err - } - - for _, projectLocation := range projectLocations { - if exist, err := pathutil.IsPathExists(projectLocation); err != nil { - return nil, fmt.Errorf("failed to check if project exist at: %s, error: %s", projectLocation, err) - } else if !exist { - // at this point we are interested the schemes visible for the workspace - continue - } - - project, err := xcodeproj.Open(projectLocation) - if err != nil { - return nil, err - } - - projectSchemes, err := project.Schemes() - if err != nil { - return nil, err - } - - schemesByContainer[project.Path] = projectSchemes - } - - log.TDebugf("Found %v workspace schemes", len(schemesByContainer)) - - return schemesByContainer, nil -} - // FileLocations ... func (w Workspace) FileLocations() ([]string, error) { var fileLocations []string @@ -149,27 +101,3 @@ func (w Workspace) ProjectFileLocations() ([]string, error) { } return projectLocations, nil } - -// Open ... -func Open(pth string) (Workspace, error) { - contentsPth := filepath.Join(pth, "contents.xcworkspacedata") - b, err := fileutil.ReadBytesFromFile(contentsPth) - if err != nil { - return Workspace{}, err - } - - var workspace Workspace - if err := xml.Unmarshal(b, &workspace); err != nil { - return Workspace{}, fmt.Errorf("failed to unmarshal workspace file: %s, error: %s", pth, err) - } - - workspace.Name = strings.TrimSuffix(filepath.Base(pth), filepath.Ext(pth)) - workspace.Path = pth - - return workspace, nil -} - -// IsWorkspace ... -func IsWorkspace(pth string) bool { - return filepath.Ext(pth) == ".xcworkspace" -} diff --git a/vendor/github.com/bitrise-io/pkcs12/renovate.json b/vendor/github.com/bitrise-io/pkcs12/renovate.json deleted file mode 100644 index 7369fcf..0000000 --- a/vendor/github.com/bitrise-io/pkcs12/renovate.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "$schema": "https://docs.renovatebot.com/renovate-schema.json", - "extends": [ - "local>bitrise-io/renovate-config" - ] -} diff --git a/vendor/golang.org/x/crypto/LICENSE b/vendor/golang.org/x/crypto/LICENSE new file mode 100644 index 0000000..6a66aea --- /dev/null +++ b/vendor/golang.org/x/crypto/LICENSE @@ -0,0 +1,27 @@ +Copyright (c) 2009 The Go Authors. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + * Neither the name of Google Inc. nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/vendor/golang.org/x/crypto/PATENTS b/vendor/golang.org/x/crypto/PATENTS new file mode 100644 index 0000000..7330990 --- /dev/null +++ b/vendor/golang.org/x/crypto/PATENTS @@ -0,0 +1,22 @@ +Additional IP Rights Grant (Patents) + +"This implementation" means the copyrightable works distributed by +Google as part of the Go project. + +Google hereby grants to You a perpetual, worldwide, non-exclusive, +no-charge, royalty-free, irrevocable (except as stated in this section) +patent license to make, have made, use, offer to sell, sell, import, +transfer and otherwise run, modify and propagate the contents of this +implementation of Go, where such license applies only to those patent +claims, both currently owned or controlled by Google and acquired in +the future, licensable by Google that are necessarily infringed by this +implementation of Go. This grant does not include claims that would be +infringed only as a consequence of further modification of this +implementation. If you or your agent or exclusive licensee institute or +order or agree to the institution of patent litigation against any +entity (including a cross-claim or counterclaim in a lawsuit) alleging +that this implementation of Go or any code incorporated within this +implementation of Go constitutes direct or contributory patent +infringement, or inducement of patent infringement, then any patent +rights granted to you under this License for this implementation of Go +shall terminate as of the date such litigation is filed. diff --git a/vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go b/vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go new file mode 100644 index 0000000..904b57e --- /dev/null +++ b/vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go @@ -0,0 +1,77 @@ +// Copyright 2012 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +/* +Package pbkdf2 implements the key derivation function PBKDF2 as defined in RFC +2898 / PKCS #5 v2.0. + +A key derivation function is useful when encrypting data based on a password +or any other not-fully-random data. It uses a pseudorandom function to derive +a secure encryption key based on the password. + +While v2.0 of the standard defines only one pseudorandom function to use, +HMAC-SHA1, the drafted v2.1 specification allows use of all five FIPS Approved +Hash Functions SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512 for HMAC. To +choose, you can pass the `New` functions from the different SHA packages to +pbkdf2.Key. +*/ +package pbkdf2 // import "golang.org/x/crypto/pbkdf2" + +import ( + "crypto/hmac" + "hash" +) + +// Key derives a key from the password, salt and iteration count, returning a +// []byte of length keylen that can be used as cryptographic key. The key is +// derived based on the method described as PBKDF2 with the HMAC variant using +// the supplied hash function. +// +// For example, to use a HMAC-SHA-1 based PBKDF2 key derivation function, you +// can get a derived key for e.g. AES-256 (which needs a 32-byte key) by +// doing: +// +// dk := pbkdf2.Key([]byte("some password"), salt, 4096, 32, sha1.New) +// +// Remember to get a good random salt. At least 8 bytes is recommended by the +// RFC. +// +// Using a higher iteration count will increase the cost of an exhaustive +// search but will also make derivation proportionally slower. +func Key(password, salt []byte, iter, keyLen int, h func() hash.Hash) []byte { + prf := hmac.New(h, password) + hashLen := prf.Size() + numBlocks := (keyLen + hashLen - 1) / hashLen + + var buf [4]byte + dk := make([]byte, 0, numBlocks*hashLen) + U := make([]byte, hashLen) + for block := 1; block <= numBlocks; block++ { + // N.B.: || means concatenation, ^ means XOR + // for each block T_i = U_1 ^ U_2 ^ ... ^ U_iter + // U_1 = PRF(password, salt || uint(i)) + prf.Reset() + prf.Write(salt) + buf[0] = byte(block >> 24) + buf[1] = byte(block >> 16) + buf[2] = byte(block >> 8) + buf[3] = byte(block) + prf.Write(buf[:4]) + dk = prf.Sum(dk) + T := dk[len(dk)-hashLen:] + copy(U, T) + + // U_n = PRF(password, U_(n-1)) + for n := 2; n <= iter; n++ { + prf.Reset() + prf.Write(U) + U = U[:0] + U = prf.Sum(U) + for x := range U { + T[x] ^= U[x] + } + } + } + return dk[:keyLen] +} diff --git a/vendor/modules.txt b/vendor/modules.txt index fc5e03f..15782fb 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1,3 +1,7 @@ +# github.com/bitrise-io/go-pkcs12 v0.0.0-20230815095624-feb898696e02 +## explicit; go 1.19 +github.com/bitrise-io/go-pkcs12 +github.com/bitrise-io/go-pkcs12/internal/rc2 # github.com/bitrise-io/go-plist v0.0.0-20210301100253-4b1a112ccd10 ## explicit; go 1.15 github.com/bitrise-io/go-plist @@ -27,8 +31,8 @@ github.com/bitrise-io/go-utils/v2/exitcode github.com/bitrise-io/go-utils/v2/log github.com/bitrise-io/go-utils/v2/log/colorstring github.com/bitrise-io/go-utils/v2/pathutil -# github.com/bitrise-io/go-xcode v1.0.9 -## explicit; go 1.15 +# github.com/bitrise-io/go-xcode v1.0.19 +## explicit; go 1.20 github.com/bitrise-io/go-xcode/certificateutil github.com/bitrise-io/go-xcode/devportalservice github.com/bitrise-io/go-xcode/exportoptions @@ -46,10 +50,6 @@ github.com/bitrise-io/go-xcode/v2/autocodesign github.com/bitrise-io/go-xcode/v2/autocodesign/devportalclient/appstoreconnect github.com/bitrise-io/go-xcode/v2/autocodesign/devportalclient/time github.com/bitrise-io/go-xcode/v2/autocodesign/projectmanager -# github.com/bitrise-io/pkcs12 v0.0.0-20211108084543-e52728e011c8 -## explicit -github.com/bitrise-io/pkcs12 -github.com/bitrise-io/pkcs12/internal/rc2 # github.com/davecgh/go-spew v1.1.1 ## explicit github.com/davecgh/go-spew/spew @@ -81,6 +81,9 @@ github.com/stretchr/objx ## explicit; go 1.20 github.com/stretchr/testify/assert github.com/stretchr/testify/mock +# golang.org/x/crypto v0.12.0 +## explicit; go 1.17 +golang.org/x/crypto/pbkdf2 # golang.org/x/text v0.12.0 ## explicit; go 1.17 golang.org/x/text/transform