@jabou
Created September 17, 2023 15:03
Certificate validity check script
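# Xcode "Run Script" build phase: warn the developer when a .der certificate
# shipped with the project is close to its expiry date.
#
# Reads:   CONFIGURATION, PROJECT_DIR (Xcode build settings)
# Writes:  ~/.cache/<workspace name>.txt (the day the dialog was last shown)
# Outputs: one status line per certificate; at most one Xcode dialog per day
#
# Scope: only the notAfter date is compared (openssl x509 -checkend). Chain
# validity, revocation and notBefore are NOT examined, so a passing check
# says nothing about whether the certificate is otherwise trustworthy.
#
# Written for bash ([[ ]]-free, but uses += and here-strings). Process
# substitution is avoided on purpose so the script also parses when bash is
# started as /bin/sh.

# Skip unless this is a Debug build
if [ "${CONFIGURATION:-}" != "Debug" ]; then
  echo "Skip certificate check"
  exit 0
fi

# Without PROJECT_DIR every path below would resolve relative to "/".
: "${PROJECT_DIR:?PROJECT_DIR must be set (normally provided by Xcode)}"

# 1 Cache file remembering the last day the dialog was shown
CACHE_DIR="$HOME/.cache"
mkdir -p "$CACHE_DIR"
# Every .xcodeproj bundle contains its own project.xcworkspace, so an
# unfiltered search usually returns several paths. Ignore those, sort for a
# stable choice, and keep exactly one result.
WORKSPACE=$(find . -name '*.xcworkspace' ! -path '*.xcodeproj/*' | LC_ALL=C sort | head -n 1)
if [ -z "$WORKSPACE" ]; then
  WORKSPACE=$PROJECT_DIR
fi
PROJECT_CACHE="$CACHE_DIR/$(basename -- "$WORKSPACE").txt"
touch "$PROJECT_CACHE"

# 2 Variables
CERTIFICATES="${PROJECT_DIR}/MyProject/SupportingFiles/Certificates/"
TODAY=$(date +"%Y%m%d")
REMIND_IN=2 # months, approximated below as 30 days each
REMINDER_TIME=$(( REMIND_IN * 30 * 24 * 60 * 60 ))
LAST_CHECK=$(head -n 1 "$PROJECT_CACHE")
# An empty or corrupted cache must not break the numeric comparison in
# step 5; treat it as "never shown".
case "$LAST_CHECK" in
  '' | *[!0-9]*) LAST_CHECK=0 ;;
esac
CERT_WARNING=""
NL='
'

# 3 Check validity. openssl reads DER directly via -inform der, so no
# converted copies and no temporary directory are needed. Reading find's
# output line by line keeps paths containing spaces intact.
while IFS= read -r cert; do
  [ -n "$cert" ] || continue
  CERT_NAME=$(basename -- "$cert")

  # A file that does not parse is reported on its own instead of being
  # counted as "will expire" with an empty date.
  if ! openssl x509 -inform der -in "$cert" -noout 2>/dev/null; then
    echo "warning: $CERT_NAME could not be parsed as a DER certificate"
    continue
  fi

  # 4 -checkend exits 0 when notAfter is more than REMINDER_TIME seconds away
  if openssl x509 -inform der -in "$cert" -checkend "$REMINDER_TIME" -noout; then
    echo "Certificate $CERT_NAME is still valid"
  else
    # notAfter=Sep 17 12:00:00 2024 GMT -> keep month and day only
    EXPIRY=$(openssl x509 -inform der -in "$cert" -enddate -noout | cut -d= -f 2)
    read -r EXPIRY_MONTH EXPIRY_DAY _ <<< "$EXPIRY"
    CERT_WARNING+="$CERT_NAME on $EXPIRY_MONTH $EXPIRY_DAY$NL"
    echo "Certificate $CERT_NAME will expire."
  fi
done <<< "$(find "$CERTIFICATES" -name '*.der')"

# 5 Alert user, at most once per calendar day
if [ -n "$CERT_WARNING" ] && [ "$LAST_CHECK" -lt "$TODAY" ]; then
  CERTIFICATE_WARNING="The following certificates expire in $REMIND_IN month(s):$NL$NL$CERT_WARNING$NL${NL}The dates can be off by one day so make sure to check the dates by opening the certificates before notifying the client."
  # The text is handed to AppleScript as an argument rather than spliced
  # into the script source, so quotes or backslashes in a certificate file
  # name are displayed literally and cannot alter the script that runs.
  osascript \
    -e 'on run argv' \
    -e 'tell app "Xcode" to display dialog (item 1 of argv) with title "Certificates validity" with icon caution buttons {"OK"} default button "OK"' \
    -e 'end run' \
    "$CERTIFICATE_WARNING"
  printf '%s\n' "$TODAY" > "$PROJECT_CACHE"
fi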