luckman212 · October 17, 2024 12:49 · luckman212 · Oct 17, 2024
diff --git a/devteamid.sh b/devteamid.sh
 #!/usr/bin/env bash

 CODESIGN_CN_STRING='Developer ID Application'
 #CODESIGN_CN_STRING='Apple Development'

 #requires openssl@3 from Homebrew
 _openssl=$(brew --prefix openssl 2>/dev/null)/bin/openssl
 [[ -x $_openssl ]] || { echo "missing openssl, try \`brew install openssl\`"; exit 1; }

 #find development cert
 csids=$(security find-identity -v -p codesigning | grep -E '[A-F0-9]{40}')
 [[ -n $csids ]] || { echo 1>&2 "could not find codesigning identity"; exit 1; }
 read -r sha1 cn _ < <(sed -En "s/^.*([A-F0-9]{40}).*$CODESIGN_CN_STRING.*\((.*)\).*$/\1 \2/p" <<<"$csids")
 [[ -n $cn && -n $sha1 ]] || { echo 1>&2 "could not find valid development cert"; exit 1; }

 #make temp dir
 outdir=$(mktemp -d /private/tmp/teamid.XXXXXX)
 [[ -n $outdir ]] || { echo "error creating temp dir"; exit 1; }

 #export cert
 if ! security find-certificate -a -c "$cn" -Z -p >"${outdir}/${cn}.pem"; then
  echo "error exporting cert from Keychain"
  exit 1
 fi

 #check for hash match
 certhash=$(awk -v h="$sha1" '$0 ~ "^SHA-1 hash: " h {print $NF; exit}' "${outdir}/${cn}.pem")
 [[ $certhash == "$sha1" ]] || { echo "hash mismatch! ($certhash vs $sha1)"; exit 1; }

 #output DEVELOPMENT_TEAM
 $_openssl x509 -in "${outdir}/${cn}.pem" -subject -noout |
 sed -En 's/.*OU ?= ?([^,]+),.*$/\1/p'

 #cleanup
 rm -r "${outdir:?}"
	#!/usr/bin/env bash

	CODESIGN_CN_STRING='Developer ID Application'
	#CODESIGN_CN_STRING='Apple Development'

	#requires openssl@3 from Homebrew
	_openssl=$(brew --prefix openssl 2>/dev/null)/bin/openssl
	[[ -x $_openssl ]] \|\| { echo "missing openssl, try \`brew install openssl\`"; exit 1; }

	#find development cert
	csids=$(security find-identity -v -p codesigning \| grep -E '[A-F0-9]{40}')
	[[ -n $csids ]] \|\| { echo 1>&2 "could not find codesigning identity"; exit 1; }
	read -r sha1 cn _ < <(sed -En "s/^.([A-F0-9]{40}).$CODESIGN_CN_STRING.\((.)\).*$/\1 \2/p" <<<"$csids")
	[[ -n $cn && -n $sha1 ]] \|\| { echo 1>&2 "could not find valid development cert"; exit 1; }

	#make temp dir
	outdir=$(mktemp -d /private/tmp/teamid.XXXXXX)
	[[ -n $outdir ]] \|\| { echo "error creating temp dir"; exit 1; }

	#export cert
	if ! security find-certificate -a -c "$cn" -Z -p >"${outdir}/${cn}.pem"; then
	echo "error exporting cert from Keychain"
	exit 1
	fi

	#check for hash match
	certhash=$(awk -v h="$sha1" '$0 ~ "^SHA-1 hash: " h {print $NF; exit}' "${outdir}/${cn}.pem")
	[[ $certhash == "$sha1" ]] \|\| { echo "hash mismatch! ($certhash vs $sha1)"; exit 1; }

	#output DEVELOPMENT_TEAM
	$_openssl x509 -in "${outdir}/${cn}.pem" -subject -noout \|
	sed -En 's/.OU ?= ?([^,]+),.$/\1/p'

	#cleanup
	rm -r "${outdir:?}"