Detect provisioning profile mismatches

[jwheare]

trafficstars

Raised in https://github.com/electron-userland/electron-builder/issues/1967#issuecomment-333639366

It would be great if the provisioning profile provided could be compared with the certificate during code signing and return an error if they're different.

In the profile, there's a DeveloperCertificates key which contains a list of base64 encoded certificates. You could extract the hash from that and compare it with the signing identity cert.

Similarly, you could compare the ProvisionedDevices UUID with the host system. It can be looked up with system_profiler -xml SPHardwareDataType in the platform_UUID key, but there may be an easier way.