microsoft
/
cordova-plugin-code-push
зеркало из https://github.com/microsoft/cordova-plugin-code-push.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Moved code signing verification after deployment of the update (#306)

This commit is contained in:
Kamen Goranchev 2017-10-25 15:12:02 +02:00 коммит произвёл Ruslan Bikkinin
Родитель 0fad1829c7
Коммит df50322281
4 изменённых файлов: 41 добавлений и 45 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

2
bin/www/fileUtil.js
Просмотреть файл

@ -104,7 +104,7 @@ var FileUtil = (function () {
var copyOne = function () {
if (i < entries.length) {
var nextEntry = entries[i++];
if (nextEntry.name === ".DS_Store" || nextEntry.name === "__MACOSX" || nextEntry.name === ".codepushrelease") {
if (nextEntry.name === ".DS_Store" || nextEntry.name === "__MACOSX") {
copyOne();
}
else {

40
bin/www/localPackage.js
Просмотреть файл

@ -1,10 +1,10 @@
/********************************************************************************************
THIS FILE HAS BEEN COMPILED FROM TYPESCRIPT SOURCES.
PLEASE DO NOT MODIFY THIS FILE DIRECTLY AS YOU WILL LOSE YOUR CHANGES WHEN RECOMPILING.
INSTEAD, EDIT THE TYPESCRIPT SOURCES UNDER THE WWW FOLDER, AND THEN RUN GULP.
FOR MORE INFORMATION, PLEASE SEE CONTRIBUTING.md.
*********************************************************************************************/
/********************************************************************************************
THIS FILE HAS BEEN COMPILED FROM TYPESCRIPT SOURCES.
PLEASE DO NOT MODIFY THIS FILE DIRECTLY AS YOU WILL LOSE YOUR CHANGES WHEN RECOMPILING.
INSTEAD, EDIT THE TYPESCRIPT SOURCES UNDER THE WWW FOLDER, AND THEN RUN GULP.
FOR MORE INFORMATION, PLEASE SEE CONTRIBUTING.md.
*********************************************************************************************/
"use strict";
@ -43,42 +43,40 @@ var LocalPackage = (function (_super) {
Sdk.reportStatusDeploy(_this, AcquisitionStatus.DeploymentFailed, _this.deploymentKey);
};
var newPackageLocation = LocalPackage.VersionsDir + "/" + this.packageHash;
var donePackageFileCopy = function (deployDir) {
var signatureVerified = function (deployDir) {
_this.localPath = deployDir.fullPath;
_this.finishInstall(deployDir, installOptions, installSuccess, installError);
};
var newPackageUnzippedAndVerified = function (error) {
if (error) {
installError && installError(new Error("Could not unzip and verify package. " + CodePushUtil.getErrorMessage(error)));
var donePackageFileCopy = function (deployDir) {
_this.verifyPackage(deployDir, installError, CodePushUtil.getNodeStyleCallbackFor(signatureVerified, installError));
};
var newPackageUnzipped = function (unzipError) {
if (unzipError) {
installError && installError(new Error("Could not unzip package" + CodePushUtil.getErrorMessage(unzipError)));
}
else {
LocalPackage.handleDeployment(newPackageLocation, CodePushUtil.getNodeStyleCallbackFor(donePackageFileCopy, installError));
}
};
FileUtil.getDataDirectory(LocalPackage.DownloadUnzipDir, false, function (error, directoryEntry) {
var unzipAndVerifyPackage = function () {
var unzipPackage = function () {
FileUtil.getDataDirectory(LocalPackage.DownloadUnzipDir, true, function (innerError, unzipDir) {
if (innerError) {
installError && installError(innerError);
return;
}
zip.unzip(_this.localPath, unzipDir.toInternalURL(), function (unzipError) {
if (unzipError) {
installError && installError(new Error("Could not unzip package. " + CodePushUtil.getErrorMessage(unzipError)));
}
_this.verifyPackage(unzipDir, installError, newPackageUnzippedAndVerified);
});
zip.unzip(_this.localPath, unzipDir.toInternalURL(), newPackageUnzipped);
});
};
if (!error && !!directoryEntry) {
directoryEntry.removeRecursively(function () {
unzipAndVerifyPackage();
unzipPackage();
}, function (cleanupError) {
installError && installError(FileUtil.fileErrorToError(cleanupError));
});
}
else {
unzipAndVerifyPackage();
unzipPackage();
}
});
}
@ -98,7 +96,7 @@ var LocalPackage = (function (_super) {
}
if (!expectedHash) {
CodePushUtil.logMessage("The update contents succeeded the data integrity check.");
callback(null, false);
callback(null, unzipDir);
if (contents != null) {
CodePushUtil.logMessage("Warning! JWT signature exists in codepush update but code integrity check couldn't be performed because there is no public key configured. \n" +
"Please ensure that a public key is properly configured within your application.");
@ -107,7 +105,7 @@ var LocalPackage = (function (_super) {
}
if (localHash === expectedHash) {
CodePushUtil.logMessage("The update contents succeeded the code signing check.");
callback(null, true);
callback(null, unzipDir);
return;
}
installError(new Error("The update contents failed the code signing check."));

13
www/fileUtil.ts
Просмотреть файл

@ -72,7 +72,7 @@ class FileUtil {
callback(null, exists);
});
}
/**
* Gets a DirectoryEntry based on a path.
*/
@ -128,10 +128,9 @@ class FileUtil {
if (i < entries.length) {
var nextEntry = entries[i++];
/* recursively call copyOne on copy success */
if (nextEntry.name === ".DS_Store" || nextEntry.name === "__MACOSX" || nextEntry.name === ".codepushrelease") {
/*
Native-side exception occurs while trying to copy .DS_Store and __MACOSX entries generated by macOS +
code signing jwt file should not be copied, so just skip them
if (nextEntry.name === ".DS_Store" || nextEntry.name === "__MACOSX") {
/*
Native-side exception occurs while trying to copy .DS_Store and __MACOSX entries generated by macOS, so just skip them
*/
copyOne();
} else {
@ -192,7 +191,7 @@ class FileUtil {
}
/**
* Recursively deletes the contents of a directory.
* Recursively deletes the contents of a directory.
*/
public static deleteDirectory(dirLocation: string, deleteDirCallback: Callback<void>) {
FileUtil.getDataDirectory(dirLocation, false, (oldDirError: Error, dirToDelete: DirectoryEntry) => {
@ -330,4 +329,4 @@ class FileUtil {
}
}
export = FileUtil;
export = FileUtil;

31
www/localPackage.ts
Просмотреть файл

@ -66,33 +66,32 @@ class LocalPackage extends Package implements ILocalPackage {
var newPackageLocation = LocalPackage.VersionsDir + "/" + this.packageHash;
var donePackageFileCopy = (deployDir: DirectoryEntry) => {
var signatureVerified = (deployDir: DirectoryEntry) => {
this.localPath = deployDir.fullPath;
this.finishInstall(deployDir, installOptions, installSuccess, installError);
};
var newPackageUnzippedAndVerified: Callback<boolean> = (error) => {
if (error) {
installError && installError(new Error("Could not unzip and verify package. " + CodePushUtil.getErrorMessage(error)));
var donePackageFileCopy = (deployDir: DirectoryEntry) => {
this.verifyPackage(deployDir, installError, CodePushUtil.getNodeStyleCallbackFor<DirectoryEntry>(signatureVerified, installError))
};
var newPackageUnzipped = function (unzipError: Error) {
if (unzipError) {
installError && installError(new Error("Could not unzip package" + CodePushUtil.getErrorMessage(unzipError)));
} else {
LocalPackage.handleDeployment(newPackageLocation, CodePushUtil.getNodeStyleCallbackFor<DirectoryEntry>(donePackageFileCopy, installError));
}
};
FileUtil.getDataDirectory(LocalPackage.DownloadUnzipDir, false, (error: Error, directoryEntry: DirectoryEntry) => {
var unzipAndVerifyPackage = () => {
var unzipPackage = () => {
FileUtil.getDataDirectory(LocalPackage.DownloadUnzipDir, true, (innerError: Error, unzipDir: DirectoryEntry) => {
if (innerError) {
installError && installError(innerError);
return;
}
zip.unzip(this.localPath, unzipDir.toInternalURL(), (unzipError: any) => {
if (unzipError) {
installError && installError(new Error("Could not unzip package. " + CodePushUtil.getErrorMessage(unzipError)));
}
this.verifyPackage(unzipDir, installError, newPackageUnzippedAndVerified);
});
zip.unzip(this.localPath, unzipDir.toInternalURL(), newPackageUnzipped);
});
};
@ -100,12 +99,12 @@ class LocalPackage extends Package implements ILocalPackage {
if (!error && !!directoryEntry) {
/* Unzip directory not clean */
directoryEntry.removeRecursively(() => {
unzipAndVerifyPackage();
unzipPackage();
}, (cleanupError: FileError) => {
installError && installError(FileUtil.fileErrorToError(cleanupError));
});
} else {
unzipAndVerifyPackage();
unzipPackage();
}
});
} catch (e) {
@ -113,7 +112,7 @@ class LocalPackage extends Package implements ILocalPackage {
}
}
private verifyPackage(unzipDir: DirectoryEntry, installError: ErrorCallback, callback: Callback<boolean>): void {
private verifyPackage(unzipDir: DirectoryEntry, installError: ErrorCallback, callback: Callback<DirectoryEntry>): void {
var packageHashSuccess = (localHash: string) => {
CodePushUtil.logMessage("Expected hash: " + this.packageHash + ", actual hash: " + localHash);
FileUtil.readFile(cordova.file.dataDirectory, unzipDir.fullPath + '/www', '.codepushrelease', (error, contents) => {
@ -128,7 +127,7 @@ class LocalPackage extends Package implements ILocalPackage {
// -> no code signing
if (!expectedHash) {
CodePushUtil.logMessage("The update contents succeeded the data integrity check.");
callback(null, false);
callback(null, unzipDir);
// .codepushrelease was read but there is no public key in config.xml
if (contents != null) {
@ -141,7 +140,7 @@ class LocalPackage extends Package implements ILocalPackage {
// code signing is active, only proceed if the locally computed hash is the same as the one decoded from the JWT
if (localHash === expectedHash) {
CodePushUtil.logMessage("The update contents succeeded the code signing check.");
callback(null, true);
callback(null, unzipDir);
return;
}