microsoft
/
cordova-plugin-code-push
зеркало из https://github.com/microsoft/cordova-plugin-code-push.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Moved code signing verification after deployment of the update (#306)

This commit is contained in:
Kamen Goranchev 2017-10-25 15:12:02 +02:00 коммит произвёл Ruslan Bikkinin
Родитель 0fad1829c7
Коммит df50322281
4 изменённых файлов: 41 добавлений и 45 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

2
bin/www/fileUtil.js
Просмотреть файл

@ -104,7 +104,7 @@ var FileUtil = (function () {
var copyOne = function () {
if (i < entries.length) {
var nextEntry = entries[i++];
if (nextEntry.name === ".DS_Store" || nextEntry.name === "__MACOSX" || nextEntry.name === ".codepushrelease") {
if (nextEntry.name === ".DS_Store" || nextEntry.name === "__MACOSX") {
copyOne();
}
else {

28
bin/www/localPackage.js
Просмотреть файл

@ -43,42 +43,40 @@ var LocalPackage = (function (_super) {
Sdk.reportStatusDeploy(_this, AcquisitionStatus.DeploymentFailed, _this.deploymentKey);
};
var newPackageLocation = LocalPackage.VersionsDir + "/" + this.packageHash;
var donePackageFileCopy = function (deployDir) {
var signatureVerified = function (deployDir) {
_this.localPath = deployDir.fullPath;
_this.finishInstall(deployDir, installOptions, installSuccess, installError);
};
var newPackageUnzippedAndVerified = function (error) {
if (error) {
installError && installError(new Error("Could not unzip and verify package. " + CodePushUtil.getErrorMessage(error)));
var donePackageFileCopy = function (deployDir) {
_this.verifyPackage(deployDir, installError, CodePushUtil.getNodeStyleCallbackFor(signatureVerified, installError));
};
var newPackageUnzipped = function (unzipError) {
if (unzipError) {
installError && installError(new Error("Could not unzip package" + CodePushUtil.getErrorMessage(unzipError)));
}
else {
LocalPackage.handleDeployment(newPackageLocation, CodePushUtil.getNodeStyleCallbackFor(donePackageFileCopy, installError));
}
};
FileUtil.getDataDirectory(LocalPackage.DownloadUnzipDir, false, function (error, directoryEntry) {
var unzipAndVerifyPackage = function () {
var unzipPackage = function () {
FileUtil.getDataDirectory(LocalPackage.DownloadUnzipDir, true, function (innerError, unzipDir) {
if (innerError) {
installError && installError(innerError);
return;
}
zip.unzip(_this.localPath, unzipDir.toInternalURL(), function (unzipError) {
if (unzipError) {
installError && installError(new Error("Could not unzip package. " + CodePushUtil.getErrorMessage(unzipError)));
}
_this.verifyPackage(unzipDir, installError, newPackageUnzippedAndVerified);
});
zip.unzip(_this.localPath, unzipDir.toInternalURL(), newPackageUnzipped);
});
};
if (!error && !!directoryEntry) {
directoryEntry.removeRecursively(function () {
unzipAndVerifyPackage();
unzipPackage();
}, function (cleanupError) {
installError && installError(FileUtil.fileErrorToError(cleanupError));
});
}
else {
unzipAndVerifyPackage();
unzipPackage();
}
});
}
@ -98,7 +96,7 @@ var LocalPackage = (function (_super) {
}
if (!expectedHash) {
CodePushUtil.logMessage("The update contents succeeded the data integrity check.");
callback(null, false);
callback(null, unzipDir);
if (contents != null) {
CodePushUtil.logMessage("Warning! JWT signature exists in codepush update but code integrity check couldn't be performed because there is no public key configured. \n" +
"Please ensure that a public key is properly configured within your application.");
@ -107,7 +105,7 @@ var LocalPackage = (function (_super) {
}
if (localHash === expectedHash) {
CodePushUtil.logMessage("The update contents succeeded the code signing check.");
callback(null, true);
callback(null, unzipDir);
return;
}
installError(new Error("The update contents failed the code signing check."));

5
www/fileUtil.ts
Просмотреть файл

@ -128,10 +128,9 @@ class FileUtil {
if (i < entries.length) {
var nextEntry = entries[i++];
/* recursively call copyOne on copy success */
if (nextEntry.name === ".DS_Store" || nextEntry.name === "__MACOSX" || nextEntry.name === ".codepushrelease") {
if (nextEntry.name === ".DS_Store" || nextEntry.name === "__MACOSX") {
/*
Native-side exception occurs while trying to copy .DS_Store and __MACOSX entries generated by macOS +
code signing jwt file should not be copied, so just skip them
Native-side exception occurs while trying to copy .DS_Store and __MACOSX entries generated by macOS, so just skip them
*/
copyOne();
} else {

31
www/localPackage.ts
Просмотреть файл

@ -66,33 +66,32 @@ class LocalPackage extends Package implements ILocalPackage {
var newPackageLocation = LocalPackage.VersionsDir + "/" + this.packageHash;
var donePackageFileCopy = (deployDir: DirectoryEntry) => {
var signatureVerified = (deployDir: DirectoryEntry) => {
this.localPath = deployDir.fullPath;
this.finishInstall(deployDir, installOptions, installSuccess, installError);
};
var newPackageUnzippedAndVerified: Callback<boolean> = (error) => {
if (error) {
installError && installError(new Error("Could not unzip and verify package. " + CodePushUtil.getErrorMessage(error)));
var donePackageFileCopy = (deployDir: DirectoryEntry) => {
this.verifyPackage(deployDir, installError, CodePushUtil.getNodeStyleCallbackFor<DirectoryEntry>(signatureVerified, installError))
};
var newPackageUnzipped = function (unzipError: Error) {
if (unzipError) {
installError && installError(new Error("Could not unzip package" + CodePushUtil.getErrorMessage(unzipError)));
} else {
LocalPackage.handleDeployment(newPackageLocation, CodePushUtil.getNodeStyleCallbackFor<DirectoryEntry>(donePackageFileCopy, installError));
}
};
FileUtil.getDataDirectory(LocalPackage.DownloadUnzipDir, false, (error: Error, directoryEntry: DirectoryEntry) => {
var unzipAndVerifyPackage = () => {
var unzipPackage = () => {
FileUtil.getDataDirectory(LocalPackage.DownloadUnzipDir, true, (innerError: Error, unzipDir: DirectoryEntry) => {
if (innerError) {
installError && installError(innerError);
return;
}
zip.unzip(this.localPath, unzipDir.toInternalURL(), (unzipError: any) => {
if (unzipError) {
installError && installError(new Error("Could not unzip package. " + CodePushUtil.getErrorMessage(unzipError)));
}
this.verifyPackage(unzipDir, installError, newPackageUnzippedAndVerified);
});
zip.unzip(this.localPath, unzipDir.toInternalURL(), newPackageUnzipped);
});
};
@ -100,12 +99,12 @@ class LocalPackage extends Package implements ILocalPackage {
if (!error && !!directoryEntry) {
/* Unzip directory not clean */
directoryEntry.removeRecursively(() => {
unzipAndVerifyPackage();
unzipPackage();
}, (cleanupError: FileError) => {
installError && installError(FileUtil.fileErrorToError(cleanupError));
});
} else {
unzipAndVerifyPackage();
unzipPackage();
}
});
} catch (e) {
@ -113,7 +112,7 @@ class LocalPackage extends Package implements ILocalPackage {
}
}
private verifyPackage(unzipDir: DirectoryEntry, installError: ErrorCallback, callback: Callback<boolean>): void {
private verifyPackage(unzipDir: DirectoryEntry, installError: ErrorCallback, callback: Callback<DirectoryEntry>): void {
var packageHashSuccess = (localHash: string) => {
CodePushUtil.logMessage("Expected hash: " + this.packageHash + ", actual hash: " + localHash);
FileUtil.readFile(cordova.file.dataDirectory, unzipDir.fullPath + '/www', '.codepushrelease', (error, contents) => {
@ -128,7 +127,7 @@ class LocalPackage extends Package implements ILocalPackage {
// -> no code signing
if (!expectedHash) {
CodePushUtil.logMessage("The update contents succeeded the data integrity check.");
callback(null, false);
callback(null, unzipDir);
// .codepushrelease was read but there is no public key in config.xml
if (contents != null) {
@ -141,7 +140,7 @@ class LocalPackage extends Package implements ILocalPackage {
// code signing is active, only proceed if the locally computed hash is the same as the one decoded from the JWT
if (localHash === expectedHash) {
CodePushUtil.logMessage("The update contents succeeded the code signing check.");
callback(null, true);
callback(null, unzipDir);
return;
}