Class: IOSConfig::Profile

Inherits:

Object

• Object
• IOSConfig::Profile

Defined in:

lib/ios_config/profile.rb

Instance Attribute Summary

• #allow_removal ⇒ Object

  if profile can be deleted by device user.

• #client_certs ⇒ Object

  if profile can be deleted by device user.

• #description ⇒ Object

  if profile can be deleted by device user.

• #display_name ⇒ Object

  if profile can be deleted by device user.

• #identifier ⇒ Object

  if profile can be deleted by device user.

• #organization ⇒ Object

  if profile can be deleted by device user.

• #payloads ⇒ Object

  if profile can be deleted by device user.

• #type ⇒ Object

  if profile can be deleted by device user.

• #uuid ⇒ Object

  if profile can be deleted by device user.

• #version ⇒ Object

  if profile can be deleted by device user.

Instance Method Summary

• #initialize(options = {}) ⇒ Profile constructor

  A new instance of Profile.

• #signed(mdm_cert, mdm_intermediate_cert, mdm_private_key) ⇒ Object
• #unsigned(format = :binary) ⇒ Object

Constructor Details

#initialize(options = {}) ⇒ Profile

Returns a new instance of Profile.

# File 'lib/ios_config/profile.rb', line 19

def initialize(options = {})
  options.each { |k,v| self.send("#{k}=", v) }

  @allow_removal  = true if @allow_removal.nil?
  @type           ||= 'Configuration'
  @version        ||= 1
  @payloads       ||= []
end

Instance Attribute Details

#allow_removal ⇒ Object

if profile can be deleted by device user. defaults to true

# File 'lib/ios_config/profile.rb', line 8

def allow_removal
  @allow_removal
end

#client_certs ⇒ Object

if profile can be deleted by device user. defaults to true

# File 'lib/ios_config/profile.rb', line 8

def client_certs
  @client_certs
end

#description ⇒ Object

if profile can be deleted by device user. defaults to true

# File 'lib/ios_config/profile.rb', line 8

def description
  @description
end

#display_name ⇒ Object

if profile can be deleted by device user. defaults to true

# File 'lib/ios_config/profile.rb', line 8

def display_name
  @display_name
end

#identifier ⇒ Object

if profile can be deleted by device user. defaults to true

# File 'lib/ios_config/profile.rb', line 8

def identifier
  @identifier
end

#organization ⇒ Object

if profile can be deleted by device user. defaults to true

# File 'lib/ios_config/profile.rb', line 8

def organization
  @organization
end

#payloads ⇒ Object

if profile can be deleted by device user. defaults to true

# File 'lib/ios_config/profile.rb', line 8

def payloads
  @payloads
end

#type ⇒ Object

if profile can be deleted by device user. defaults to true

# File 'lib/ios_config/profile.rb', line 8

def type
  @type
end

#uuid ⇒ Object

if profile can be deleted by device user. defaults to true

# File 'lib/ios_config/profile.rb', line 8

def uuid
  @uuid
end

#version ⇒ Object

if profile can be deleted by device user. defaults to true

# File 'lib/ios_config/profile.rb', line 8

def version
  @version
end

Instance Method Details

#signed(mdm_cert, mdm_intermediate_cert, mdm_private_key) ⇒ Object

# File 'lib/ios_config/profile.rb', line 28

def signed(mdm_cert, mdm_intermediate_cert, mdm_private_key)
  certificate   = OpenSSL::X509::Certificate.new(File.read(mdm_cert))
  intermediate  = OpenSSL::X509::Certificate.new(File.read(mdm_intermediate_cert))
  private_key   = OpenSSL::PKey::RSA.new(File.read(mdm_private_key))

  signed_profile = OpenSSL::PKCS7.sign(certificate, private_key, unsigned, [intermediate], OpenSSL::PKCS7::BINARY)
  signed_profile.to_der
end

#unsigned(format = :binary) ⇒ Object

# File 'lib/ios_config/profile.rb', line 37

def unsigned(format = :binary)
  raise_if_blank [:version, :uuid, :type, :identifier, :display_name]

  profile = {
    'PayloadDisplayName'        => @display_name,
    'PayloadVersion'            => @version,
    'PayloadUUID'               => @uuid,
    'PayloadIdentifier'         => @identifier,
    'PayloadType'               => @type,
    'PayloadRemovalDisallowed'  => !@allow_removal
  }
  profile['PayloadOrganization']  = @organization if @organization
  profile['PayloadDescription']   = @description  if @description

  if @client_certs.nil?
    profile['PayloadContent'] = @payloads
  else
    encrypted_payload_content = OpenSSL::PKCS7.encrypt( @client_certs,
                                                        @payloads.to_plist,
                                                        OpenSSL::Cipher::Cipher::new("des-ede3-cbc"),
                                                        OpenSSL::PKCS7::BINARY)

    profile['EncryptedPayloadContent'] = StringIO.new encrypted_payload_content.to_der
  end

  case format
  when :binary
    profile.to_plist
  when :xml
    Plist::Emit.dump(profile)
  else
    raise ArgumentError, 'unknown format'
  end

end