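#!/bin/bash
#
# Builds an entitlements plist and re-signs the keychaineditor binary with it.
#
# The plist's keychain-access-groups array is filled with:
#   * the MCMMetadataIdentifier of every shared app-group container, and
#   * the application-identifier entitlement of every installed app bundle.
# It also sets platform-application, com.apple.private.security.no-container
# and run-unsigned-code. The signed binary is therefore entitled for every
# access group found on the device at the time the script ran.
#
# Requires on PATH: ldid, and a plutil that supports the `-<key> <file>`
# lookup form used below.
#
# Exit status: 0 when ldid signed the binary, non-zero otherwise.

KEYCHAIN_DUMPER_FOLDER=/usr/local/bin
ENTITLEMENT_PATH=$KEYCHAIN_DUMPER_FOLDER/ent.xml
# Scratch file for one app's extracted entitlements. It lives next to the
# generated plist so that nothing is ever written inside an app bundle.
APP_ENTITLEMENT_PATH=$KEYCHAIN_DUMPER_FOLDER/app-ent.xml

# -p also creates missing parents and is a no-op when the folder exists.
mkdir -p "$KEYCHAIN_DUMPER_FOLDER" || {
	echo "Cannot create $KEYCHAIN_DUMPER_FOLDER" >&2
	exit 1
}

# Remove both scratch files on every exit path, including failures, so the
# collected identifier list does not linger on disk.
trap 'rm -f "$ENTITLEMENT_PATH" "$APP_ENTITLEMENT_PATH"' EXIT

# Start from an empty file (">" truncates): a leftover ent.xml from an
# interrupted run would otherwise be appended to and yield a malformed plist.
{
	echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>"
	echo "<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">"
	echo "<plist version=\"1.0\">"
	echo "  <dict>"
	echo "    <key>keychain-access-groups</key>"
	echo "    <array>"
} > "$ENTITLEMENT_PATH" || exit 1

# NOTE(review): identifiers are inserted into the plist without XML escaping;
# this relies on them never containing '<', '>' or '&' — confirm.

# Shared app-group identifiers.
for d in /var/mobile/Containers/Shared/AppGroup/*; do
	# The glob stays literal when nothing matches; skip anything that is not
	# a directory.
	[[ -d "$d" ]] || continue
	# Subshell: a failed cd can no longer leave the script in the wrong
	# directory for the following iterations.
	groupIdentifier=$(cd "$d" && plutil -MCMMetadataIdentifier .com.apple.mobile_container_manager.metadata.plist)
	# Do not emit an empty <string/> when the lookup failed.
	[[ -n "$groupIdentifier" ]] || continue
	echo "        <string>$groupIdentifier</string>" >> "$ENTITLEMENT_PATH"
done

# amend app specific application-identifier
for d in /private/var/containers/Bundle/Application/*; do
	for app in "$d"/*.app; do
		[[ -d "$app" ]] || continue
		echo "Checking... $app"

		executableName=$(cd "$app" && plutil -CFBundleExecutable Info.plist)
		[[ -n "$executableName" ]] || continue

		# extract current MachO entitlement to the scratch file, replacing
		# whatever the previous app left there
		if ! (cd "$app" && ldid -e "${executableName}") > "$APP_ENTITLEMENT_PATH"; then
			continue
		fi
		applicationIdentifier=$(plutil -application-identifier "$APP_ENTITLEMENT_PATH")
		[[ -n "$applicationIdentifier" ]] || continue

		echo "        <string>$applicationIdentifier</string>" >> "$ENTITLEMENT_PATH"
	done
done

{
	echo "    </array>"
	echo "    <key>platform-application</key> <true/>"
	echo "    <key>com.apple.private.security.no-container</key>  <true/>"
	echo "	  <key>run-unsigned-code</key>  <true/>"
	echo "  </dict>"
	echo "</plist>"
} >> "$ENTITLEMENT_PATH" || exit 1

cd "$KEYCHAIN_DUMPER_FOLDER" || exit 1
# Report success only when ldid actually signed the binary.
if ldid -Sent.xml keychaineditor; then
	echo "KeychainEditor successfully patched!"
else
	echo "ldid failed to sign keychaineditor" >&2
	exit 1
fi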


