native-update/dist/esm/security/crypto.js

Foundation package for building a comprehensive update system for Capacitor apps. Provides architecture and interfaces but requires backend implementation.

/**
 * Cryptographic utilities for bundle verification
 */
export class CryptoUtils {
    /**
     * Calculate SHA-256 checksum of data
     */
    static async calculateChecksum(data) {
        const encoder = new TextEncoder();
        const dataBuffer = typeof data === 'string' ? encoder.encode(data) : data;
        const hashBuffer = await crypto.subtle.digest('SHA-256', dataBuffer);
        const hashArray = Array.from(new Uint8Array(hashBuffer));
        return hashArray.map((b) => b.toString(16).padStart(2, '0')).join('');
    }
    /**
     * Verify signature using public key
     */
    static async verifySignature(data, signature, publicKey) {
        try {
            // Convert base64 strings to ArrayBuffer
            const signatureBuffer = this.base64ToArrayBuffer(signature);
            const publicKeyBuffer = this.base64ToArrayBuffer(publicKey);
            // Import public key
            const key = await crypto.subtle.importKey('spki', publicKeyBuffer, {
                name: 'RSA-PSS',
                hash: 'SHA-256',
            }, false, ['verify']);
            // Prepare data
            const encoder = new TextEncoder();
            const dataBuffer = typeof data === 'string' ? encoder.encode(data) : data;
            // Verify signature
            return await crypto.subtle.verify({
                name: 'RSA-PSS',
                saltLength: 32,
            }, key, signatureBuffer, dataBuffer);
        }
        catch (error) {
            console.error('Signature verification failed:', error);
            return false;
        }
    }
    /**
     * Convert base64 string to ArrayBuffer
     */
    static base64ToArrayBuffer(base64) {
        const binaryString = atob(base64);
        const bytes = new Uint8Array(binaryString.length);
        for (let i = 0; i < binaryString.length; i++) {
            bytes[i] = binaryString.charCodeAt(i);
        }
        return bytes.buffer;
    }
    /**
     * Generate a random nonce
     */
    static generateNonce(length = 16) {
        const array = new Uint8Array(length);
        crypto.getRandomValues(array);
        return Array.from(array, (byte) => byte.toString(16).padStart(2, '0')).join('');
    }
    /**
     * Validate checksum format
     */
    static isValidChecksum(checksum, algorithm = 'SHA-256') {
        const expectedLength = algorithm === 'SHA-256' ? 64 : 128;
        const hexPattern = /^[a-f0-9]+$/i;
        return checksum.length === expectedLength && hexPattern.test(checksum);
    }
}
//# sourceMappingURL=crypto.js.map