From ded5c41170bf155706013ca5508be2ee8560a260 Mon Sep 17 00:00:00 2001
From: Evgeny Aleksandrov <evgeny@aleksandrov.ws>
Date: Sun, 6 Aug 2023 14:39:07 +0300
Subject: [PATCH 1/5] Update codesign task

---
 ProvisionQL/GeneratePreviewForURL.m | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ProvisionQL/GeneratePreviewForURL.m b/ProvisionQL/GeneratePreviewForURL.m
index 3419293..7762f4f 100644
--- a/ProvisionQL/GeneratePreviewForURL.m
+++ b/ProvisionQL/GeneratePreviewForURL.m
@@ -247,11 +247,11 @@ void displayKeyAndValue(NSUInteger level, NSString *key, id value, NSMutableStri
     NSString *bundleExecutable = [appPropertyList objectForKey:@"CFBundleExecutable"];
 
     NSString *binaryPath = [basePath stringByAppendingPathComponent:bundleExecutable];
-    // get entitlements: codesign -d <AppBinary> --entitlements :-
+    // get entitlements: codesign -d <AppBinary> --entitlements - --xml
     NSTask *codesignTask = [NSTask new];
     [codesignTask setLaunchPath:@"/usr/bin/codesign"];
     [codesignTask setStandardOutput:[NSPipe pipe]];
-    [codesignTask setArguments:@[@"-d", binaryPath, @"--entitlements", @":-"]];
+    [codesignTask setArguments:@[@"-d", binaryPath, @"--entitlements", @"-", @"--xml"]];
     [codesignTask launch];
 
     NSData *pipeData = [[[codesignTask standardOutput] fileHandleForReading] readDataToEndOfFile];

From bee13e6a2343c477ddf692d2cac2879f7d885b13 Mon Sep 17 00:00:00 2001
From: Evgeny Aleksandrov <evgeny@aleksandrov.ws>
Date: Sun, 6 Aug 2023 14:46:10 +0300
Subject: [PATCH 2/5] Handle error when parsing entitlements plist

---
 ProvisionQL/GeneratePreviewForURL.m | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/ProvisionQL/GeneratePreviewForURL.m b/ProvisionQL/GeneratePreviewForURL.m
index 7762f4f..194c2b6 100644
--- a/ProvisionQL/GeneratePreviewForURL.m
+++ b/ProvisionQL/GeneratePreviewForURL.m
@@ -537,10 +537,13 @@ OSStatus GeneratePreviewForURL(void *thisInterface, QLPreviewRequestRef preview,
             if (codesignEntitlementsData != nil) {
                 // read the entitlements directly from the codesign output
                 NSDictionary *entitlementsPropertyList = [NSPropertyListSerialization propertyListWithData:codesignEntitlementsData options:0 format:NULL error:NULL];
-                NSMutableString *dictionaryFormatted = [NSMutableString string];
-                displayKeyAndValue(0, nil, entitlementsPropertyList, dictionaryFormatted);
-                synthesizedValue = [NSString stringWithFormat:@"<pre>%@</pre>", dictionaryFormatted];
-
+                if (entitlementsPropertyList != nil) {
+                    NSMutableString *dictionaryFormatted = [NSMutableString string];
+                    displayKeyAndValue(0, nil, entitlementsPropertyList, dictionaryFormatted);
+                    synthesizedValue = [NSString stringWithFormat:@"<pre>%@</pre>", dictionaryFormatted];
+                } else {
+                    synthesizedValue = @"Entitlements extraction failed.";
+                }
                 [synthesizedInfo setObject:synthesizedValue forKey:@"EntitlementsFormatted"];
             } else {
                 // read the entitlements from the provisioning profile instead

From 365fa123959a499bf34acfc787c6dae8f5470183 Mon Sep 17 00:00:00 2001
From: Evgeny Aleksandrov <evgeny@aleksandrov.ws>
Date: Sun, 6 Aug 2023 14:46:10 +0300
Subject: [PATCH 3/5] Redirect error output from codesign command for
 entitlements

---
 ProvisionQL/GeneratePreviewForURL.m | 21 ++++++++++++++++++---
 1 file changed, 18 insertions(+), 3 deletions(-)

diff --git a/ProvisionQL/GeneratePreviewForURL.m b/ProvisionQL/GeneratePreviewForURL.m
index 194c2b6..c5b838e 100644
--- a/ProvisionQL/GeneratePreviewForURL.m
+++ b/ProvisionQL/GeneratePreviewForURL.m
@@ -251,13 +251,19 @@ void displayKeyAndValue(NSUInteger level, NSString *key, id value, NSMutableStri
     NSTask *codesignTask = [NSTask new];
     [codesignTask setLaunchPath:@"/usr/bin/codesign"];
     [codesignTask setStandardOutput:[NSPipe pipe]];
+    [codesignTask setStandardError:[NSPipe pipe]];
     [codesignTask setArguments:@[@"-d", binaryPath, @"--entitlements", @"-", @"--xml"]];
     [codesignTask launch];
 
-    NSData *pipeData = [[[codesignTask standardOutput] fileHandleForReading] readDataToEndOfFile];
+    NSData *outputData = [[[codesignTask standardOutput] fileHandleForReading] readDataToEndOfFile];
+    NSData *errorData = [[[codesignTask standardError] fileHandleForReading] readDataToEndOfFile];
     [codesignTask waitUntilExit];
 
-    return pipeData;
+    if (outputData.length == 0) {
+        return errorData;
+    }
+
+    return outputData;
 }
 
 OSStatus GeneratePreviewForURL(void *thisInterface, QLPreviewRequestRef preview, CFURLRef url, CFStringRef contentTypeUTI, CFDictionaryRef options) {
@@ -542,7 +548,16 @@ OSStatus GeneratePreviewForURL(void *thisInterface, QLPreviewRequestRef preview,
                     displayKeyAndValue(0, nil, entitlementsPropertyList, dictionaryFormatted);
                     synthesizedValue = [NSString stringWithFormat:@"<pre>%@</pre>", dictionaryFormatted];
                 } else {
-                    synthesizedValue = @"Entitlements extraction failed.";
+                    NSString *outputString = [[NSString alloc] initWithData:codesignEntitlementsData encoding:NSUTF8StringEncoding];
+                    NSString *errorOutput;
+                    if ([outputString hasPrefix:@"Executable="]) {
+                        // remove first line with long temporary path to the executable
+                        NSArray *allLines = [outputString componentsSeparatedByCharactersInSet:[NSCharacterSet newlineCharacterSet]];
+                        errorOutput = [[allLines subarrayWithRange:NSMakeRange(1, allLines.count - 1)] componentsJoinedByString:@"<br />"];
+                    } else {
+                        errorOutput = outputString;
+                    }
+                    synthesizedValue = errorOutput;
                 }
                 [synthesizedInfo setObject:synthesizedValue forKey:@"EntitlementsFormatted"];
             } else {

From 2a4536b8d92b7dfbf7c46a5d83ad278174e8f1e4 Mon Sep 17 00:00:00 2001
From: Evgeny Aleksandrov <evgeny@aleksandrov.ws>
Date: Sun, 6 Aug 2023 14:52:34 +0300
Subject: [PATCH 4/5] Add entitlements warning

---
 ProvisionQL/GeneratePreviewForURL.m | 7 +++++++
 ProvisionQL/Resources/template.html | 7 +++++--
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/ProvisionQL/GeneratePreviewForURL.m b/ProvisionQL/GeneratePreviewForURL.m
index c5b838e..357d56b 100644
--- a/ProvisionQL/GeneratePreviewForURL.m
+++ b/ProvisionQL/GeneratePreviewForURL.m
@@ -540,6 +540,7 @@ OSStatus GeneratePreviewForURL(void *thisInterface, QLPreviewRequestRef preview,
                 [synthesizedInfo setObject:synthesizedValue forKey:@"TeamIds"];
             }
 
+            BOOL showEntitlementsWarning = false;
             if (codesignEntitlementsData != nil) {
                 // read the entitlements directly from the codesign output
                 NSDictionary *entitlementsPropertyList = [NSPropertyListSerialization propertyListWithData:codesignEntitlementsData options:0 format:NULL error:NULL];
@@ -557,6 +558,7 @@ OSStatus GeneratePreviewForURL(void *thisInterface, QLPreviewRequestRef preview,
                     } else {
                         errorOutput = outputString;
                     }
+                    showEntitlementsWarning = true;
                     synthesizedValue = errorOutput;
                 }
                 [synthesizedInfo setObject:synthesizedValue forKey:@"EntitlementsFormatted"];
@@ -574,6 +576,11 @@ OSStatus GeneratePreviewForURL(void *thisInterface, QLPreviewRequestRef preview,
                     [synthesizedInfo setObject:@"No Entitlements" forKey:@"EntitlementsFormatted"];
                 }
             }
+            if (showEntitlementsWarning) {
+                [synthesizedInfo setObject:@"" forKey:@"EntitlementsWarning"];
+            } else {
+                [synthesizedInfo setObject:@"hiddenDiv" forKey:@"EntitlementsWarning"];
+            }
 
             value = [propertyList objectForKey:@"DeveloperCertificates"];
             if ([value isKindOfClass:[NSArray class]]) {
diff --git a/ProvisionQL/Resources/template.html b/ProvisionQL/Resources/template.html
index 7bc6072..742e46e 100644
--- a/ProvisionQL/Resources/template.html
+++ b/ProvisionQL/Resources/template.html
@@ -61,7 +61,7 @@
                     text-transform: uppercase;
                 }
 
-                .expired {
+                .expired, .warning {
                     color: darkred;
                 }
                 .expiring {
@@ -116,7 +116,7 @@
                     a:hover   { color: #fff; }
                     a:visited { color: #aaa; }
 
-                    .expired {
+                    .expired, .warning {
                         color: red;
                     }
                     .expiring {
@@ -172,6 +172,9 @@ <h1><span class="__ExpStatus__">__Name__</span></h1>
 			Expiration Date: <strong><span class="__ExpStatus__">__ExpirationDateFormatted__ (__ExpirationSummary__)</span></strong><br />
 
             <h2>Entitlements</h2>
+            <div class="__EntitlementsWarning__ warning">
+                <strong>Entitlements extraction failed.</strong>
+            </div>
             __EntitlementsFormatted__
 
 			<h2>Developer Certificates</h2>

From 1bfa183a39aaa25a5743bbbf570c59bc6bdf9afa Mon Sep 17 00:00:00 2001
From: Evgeny Aleksandrov <evgeny@aleksandrov.ws>
Date: Sun, 6 Aug 2023 14:52:34 +0300
Subject: [PATCH 5/5] Remove unnecessary classes from the template

---
 ProvisionQL/Resources/template.html | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/ProvisionQL/Resources/template.html b/ProvisionQL/Resources/template.html
index 742e46e..6eb172a 100644
--- a/ProvisionQL/Resources/template.html
+++ b/ProvisionQL/Resources/template.html
@@ -144,7 +144,7 @@ <h1>__AppInfoTitle__</h1>
 				Name: <strong>__CFBundleName__</strong><br />
 				Version: __CFBundleShortVersionString__ (__CFBundleVersion__)<br />
 				BundleId: __CFBundleIdentifier__<br />
-                <div class="extension __ExtensionInfo__">
+                <div class="__ExtensionInfo__">
                     Extension type: __NSExtensionPointIdentifier__<br />
                 </div>
 				DeviceFamily: __UIDeviceFamily__<br />
@@ -156,7 +156,7 @@ <h2>App Transport Security</h2>
             __AppTransportSecurityFormatted__
         </div>
 
-        <div class="provision __ProvisionInfo__">
+        <div class="__ProvisionInfo__">
             <div class="__AppInfo__">
                 <h1>Provisioning</h1>
                 Profile name: <strong>__Name__</strong><br />
@@ -184,7 +184,7 @@ <h2>Devices (__ProvisionedDevicesCount__)</h2>
             __ProvisionedDevicesFormatted__
 
 		</div>
-        <div class="fileInfo">
+        <div>
             <h2>File info</h2>
             __FileName__<br />
             __FileInfo__<br />