
native-update


Foundation package for building a comprehensive update system for Capacitor apps. Provides architecture and interfaces but requires backend implementation.

/**
 * Type declarations for the update system's security checks: URL, checksum,
 * signature, path, version, size and metadata validation.
 *
 * Only the public surface is declared here; the implementation is not part of
 * this file, so behavioural notes below are marked where they are assumptions.
 *
 * Two method names exist in both a static and an instance form with different
 * contracts (`validateUrl`, `validateChecksum`). The static forms return a
 * boolean; the instance `validateUrl` returns void and the instance
 * `validateChecksum` takes the data and compares it. Check which one a call
 * site resolves to before relying on the result.
 */
export declare class SecurityValidator {
    // Singleton state; construction is private, obtain the object via getInstance().
    private static instance;
    private readonly configManager;
    private readonly logger;
    private constructor();
    /**
     * Return the shared SecurityValidator instance.
     */
    static getInstance(): SecurityValidator;
    /**
     * Validate URL is HTTPS.
     *
     * Returns a boolean, unlike the instance method of the same name, which
     * returns void. An ignored `false` here silently accepts the URL.
     */
    static validateUrl(url: string): boolean;
    /**
     * Validate checksum format.
     *
     * This is a format check on the checksum string only; it does not compare
     * the checksum against any data. Use verifyChecksum() for that.
     */
    static validateChecksum(checksum: string): boolean;
    /**
     * Sanitize input string.
     *
     * NOTE(review): the declaration does not say which characters are removed
     * or for which output context (HTML, path, log line). Confirm against the
     * implementation before treating the result as safe for a given sink.
     */
    static sanitizeInput(input: string): string;
    /**
     * Validate bundle size.
     *
     * NOTE(review): the limit is not visible here; presumably it comes from
     * configuration.
     */
    static validateBundleSize(size: number): boolean;
    /**
     * Calculate SHA-256 checksum of data.
     *
     * NOTE(review): the string encoding of the digest (hex or base64) is not
     * visible in the declaration.
     */
    calculateChecksum(data: ArrayBuffer): Promise<string>;
    /**
     * Verify checksum matches expected value.
     *
     * A matching checksum shows the data is intact relative to
     * `expectedChecksum`. It authenticates the data only if the expected value
     * itself came from a trusted source; a checksum delivered alongside the
     * bundle by the same server proves nothing about who produced it. Pair
     * with verifySignature() for authenticity.
     */
    verifyChecksum(data: ArrayBuffer, expectedChecksum: string): Promise<boolean>;
    /**
     * Alias for verifyChecksum for backward compatibility.
     *
     * Not the same operation as the static validateChecksum(checksum), which
     * checks the format of the string only.
     */
    validateChecksum(data: ArrayBuffer, expectedChecksum: string): Promise<boolean>;
    /**
     * Verify digital signature using Web Crypto API.
     *
     * NOTE(review): no key parameter is declared, so the public key and the
     * algorithm are presumably taken from configuration. Confirm what the
     * method returns when no key is configured; it should fail closed.
     */
    verifySignature(data: ArrayBuffer, signature: string): Promise<boolean>;
    /**
     * Convert PEM to ArrayBuffer.
     */
    private pemToArrayBuffer;
    /**
     * Convert base64 to ArrayBuffer.
     */
    private base64ToArrayBuffer;
    /**
     * Sanitize file path to prevent directory traversal.
     *
     * NOTE(review): this is a string-to-string transform. Callers that write
     * to disk should still confirm the resolved path stays inside the intended
     * directory; how encoded or platform-specific separators are handled is
     * not visible here.
     */
    sanitizePath(path: string): string;
    /**
     * Validate bundle ID format.
     *
     * NOTE(review): returns void, so failure is presumably signalled by
     * throwing. The same applies to the other void validators in this class.
     */
    validateBundleId(bundleId: string): void;
    /**
     * Validate semantic version format.
     */
    validateVersion(version: string): void;
    /**
     * Check if version is a downgrade.
     *
     * The result is informational: rollback protection depends on the caller
     * rejecting the update when this returns true.
     */
    isVersionDowngrade(currentVersion: string, newVersion: string): boolean;
    /**
     * Parse semantic version.
     */
    private parseVersion;
    /**
     * Validate URL format and security.
     *
     * Returns void, unlike the static validateUrl(url), which returns a
     * boolean.
     */
    validateUrl(url: string): void;
    /**
     * Validate file size.
     */
    validateFileSize(size: number): void;
    /**
     * Generate a secure random ID.
     *
     * NOTE(review): the randomness source is not visible in the declaration;
     * confirm it is a CSPRNG (for example crypto.getRandomValues) before using
     * the ID for anything security-sensitive.
     */
    generateSecureId(): string;
    /**
     * Check a certificate string for `hostname` against the configured pins.
     *
     * Web implementation note:
     * Certificate pinning at the TLS level is not possible in web browsers.
     * Page JavaScript cannot read the certificate presented on a connection,
     * so this method can only evaluate the `certificate` string the caller
     * passes in. It does not inspect or constrain the live TLS session.
     *
     * The original note describes this method as using SHA-256 certificate
     * fingerprints and relies on signature verification for server identity
     * and MITM protection. Signature verification authenticates the payload
     * that was signed; it is a different control from TLS pinning, not an
     * equivalent one. Responses that are not signed (such as update metadata,
     * if unsigned) gain no protection from it, and a `true` result here must
     * not be read as "the connection was pinned".
     *
     * The original note also states that native platforms (iOS/Android)
     * implement full TLS pinning in the native layers (URLSessionDelegate,
     * OkHttp). NOTE(review): that code is not part of this file; verify it
     * separately.
     */
    validateCertificatePin(hostname: string, certificate: string): Promise<boolean>;
    /**
     * Calculate SHA-256 hash of certificate.
     */
    private calculateCertificateHash;
    /**
     * Validate metadata object.
     *
     * Accepts `unknown`, so shape checking is left to the implementation.
     * NOTE(review): which fields are required is not visible here.
     */
    validateMetadata(metadata: unknown): void;
}