Add revoke cert option

2026-03-02 06:26:16 +01:00 · 2025-11-06 19:51:51 -05:00
parent f6f9a6958f
commit 6c9511e2f9
4 changed files with 44 additions and 2 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1152,7 +1152,7 @@ checksum = "7943c866cc5cd64cbc25b2e01621d07fa8eb2a1a23160ee81ce38704e97b8ecf"

 [[package]]
 name = "isideload"
-version = "0.1.14"
+version = "0.1.15"
 dependencies = [
 "hex",
 "idevice",
--- a/isideload/Cargo.toml
+++ b/isideload/Cargo.toml
@@ -3,7 +3,7 @@ name = "isideload"
 description = "Sideload iOS/iPadOS applications"
 license = "MPL-2.0"
 authors = ["Nicholas Sharp <nab@nabdev.me>"]
-version = "0.1.14"
+version = "0.1.15"
 edition = "2024"
 repository = "https://github.com/nab138/isideload"
 documentation = "https://docs.rs/isideload"
--- a/isideload/src/lib.rs
+++ b/isideload/src/lib.rs
@@ -61,6 +61,8 @@ pub struct SideloadConfiguration {
    pub logger: Box<dyn SideloadLogger>,
    /// Directory used to store intermediate artifacts (profiles, certs, etc.). This directory will not be cleared at the end.
    pub store_dir: std::path::PathBuf,
+    /// Whether or not to revoke the certificate immediately after installation
+    pub revoke_cert: bool,
 }

 impl Default for SideloadConfiguration {
@@ -75,6 +77,7 @@ impl SideloadConfiguration {
            machine_name: "isideload".to_string(),
            logger: Box::new(DefaultLogger),
            store_dir: std::env::current_dir().unwrap(),
+            revoke_cert: false,
        }
    }

@@ -92,4 +95,9 @@ impl SideloadConfiguration {
        self.store_dir = store_dir;
        self
    }
+
+    pub fn set_revoke_cert(mut self, revoke_cert: bool) -> Self {
+        self.revoke_cert = revoke_cert;
+        self
+    }
 }
--- a/isideload/src/sideload.rs
+++ b/isideload/src/sideload.rs
@@ -384,6 +384,40 @@ pub async fn sideload_app(
        return error_and_return(&logger, e);
    }

+    if config.revoke_cert {
+        if let Some(cert) = cert.certificate {
+            dev_session
+                .revoke_development_cert(
+                    DeveloperDeviceType::Ios,
+                    &team,
+                    cert.serial_number()
+                        .to_bn()
+                        .map_err(|e| {
+                            Error::Certificate(format!(
+                                "Failed to convert serial number to bn: {}",
+                                e
+                            ))
+                        })?
+                        .to_hex_str()
+                        .map_err(|e| {
+                            Error::Certificate(format!(
+                                "Failed to convert serial number to hex string: {}",
+                                e
+                            ))
+                        })?
+                        .to_string()
+                        .as_str(),
+                )
+                .await?;
+            logger.log("Certificate revoked");
+        } else {
+            return error_and_return(
+                &logger,
+                Error::Certificate("No certificate to revoke".to_string()),
+            );
+        }
+    }
+
    Ok(())
 }