@capgo/capacitor-updater 8.0.1 → 8.2.0

package/android/src/main/java/ee/forgr/capacitor_updater/{CryptoCipherV2.java → CryptoCipher.java}

@@ -12,7 +12,6 @@ package ee.forgr.capacitor_updater;
  * references: http://stackoverflow.com/questions/12471999/rsa-encryption-decryption-in-android
  */
 import android.util.Base64;
-import android.util.Log;
 import java.io.BufferedInputStream;
 import java.io.DataInputStream;
 import java.io.File;
@@ -36,7 +35,13 @@ import javax.crypto.SecretKey;
 import javax.crypto.spec.IvParameterSpec;
 import javax.crypto.spec.SecretKeySpec;
 
-public class CryptoCipherV2 {
+public class CryptoCipher {
+
+    private static Logger logger;
+
+    public static void setLogger(Logger loggerInstance) {
+        logger = loggerInstance;
+    }
 
     public static byte[] decryptRSA(byte[] source, PublicKey publicKey)
         throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
@@ -135,11 +140,11 @@ public class CryptoCipherV2 {
 
     public static void decryptFile(final File file, final String publicKey, final String ivSessionKey) throws IOException {
         if (publicKey.isEmpty() || ivSessionKey == null || ivSessionKey.isEmpty() || ivSessionKey.split(":").length != 2) {
-            Log.i(CapacitorUpdater.TAG, "Cannot found public key or sessionKey");
+            logger.info("Encryption not set, no public key or session, ignored");
             return;
         }
         if (!publicKey.startsWith("-----BEGIN RSA PUBLIC KEY-----")) {
-            Log.e(CapacitorUpdater.TAG, "The public key is not a valid RSA Public key");
+            logger.error("The public key is not a valid RSA Public key");
             return;
         }
 
@@ -148,10 +153,10 @@ public class CryptoCipherV2 {
             String sessionKeyB64 = ivSessionKey.split(":")[1];
             byte[] iv = Base64.decode(ivB64.getBytes(), Base64.DEFAULT);
             byte[] sessionKey = Base64.decode(sessionKeyB64.getBytes(), Base64.DEFAULT);
-            PublicKey pKey = CryptoCipherV2.stringToPublicKey(publicKey);
-            byte[] decryptedSessionKey = CryptoCipherV2.decryptRSA(sessionKey, pKey);
+            PublicKey pKey = CryptoCipher.stringToPublicKey(publicKey);
+            byte[] decryptedSessionKey = CryptoCipher.decryptRSA(sessionKey, pKey);
 
-            SecretKey sKey = CryptoCipherV2.byteToSessionKey(decryptedSessionKey);
+            SecretKey sKey = CryptoCipher.byteToSessionKey(decryptedSessionKey);
             byte[] content = new byte[(int) file.length()];
 
             try (
@@ -161,52 +166,133 @@ public class CryptoCipherV2 {
             ) {
                 dis.readFully(content);
                 dis.close();
-                byte[] decrypted = CryptoCipherV2.decryptAES(content, sKey, iv);
+                byte[] decrypted = CryptoCipher.decryptAES(content, sKey, iv);
                 // write the decrypted string to the file
                 try (final FileOutputStream fos = new FileOutputStream(file.getAbsolutePath())) {
                     fos.write(decrypted);
                 }
             }
         } catch (GeneralSecurityException e) {
-            Log.i(CapacitorUpdater.TAG, "decryptFile fail");
+            logger.info("decryptFile fail");
             e.printStackTrace();
             throw new IOException("GeneralSecurityException");
         }
     }
 
+    private static byte[] hexStringToByteArray(String s) {
+        int len = s.length();
+        byte[] data = new byte[len / 2];
+        for (int i = 0; i < len; i += 2) {
+            data[i / 2] = (byte) ((Character.digit(s.charAt(i), 16) << 4) + Character.digit(s.charAt(i + 1), 16));
+        }
+        return data;
+    }
+
     public static String decryptChecksum(String checksum, String publicKey) throws IOException {
         if (publicKey.isEmpty()) {
-            Log.e(CapacitorUpdater.TAG, "The public key is empty");
+            logger.error("No encryption set (public key) ignored");
             return checksum;
         }
         try {
-            byte[] checksumBytes = Base64.decode(checksum, Base64.DEFAULT);
-            PublicKey pKey = CryptoCipherV2.stringToPublicKey(publicKey);
-            byte[] decryptedChecksum = CryptoCipherV2.decryptRSA(checksumBytes, pKey);
-            // return Base64.encodeToString(decryptedChecksum, Base64.DEFAULT);
-            String result = Base64.encodeToString(decryptedChecksum, Base64.DEFAULT);
-            return result.replaceAll("\\s", ""); // Remove all whitespace, including newlines
+            // TODO: remove this in a month or two
+            // Determine if input is hex or base64 encoded
+            // Hex strings only contain 0-9 and a-f, while base64 contains other characters
+            byte[] checksumBytes;
+            String detectedFormat;
+            if (checksum.matches("^[0-9a-fA-F]+$")) {
+                // Hex encoded (new format from CLI for plugin versions >= 5.30.0, 6.30.0, 7.30.0)
+                checksumBytes = hexStringToByteArray(checksum);
+                detectedFormat = "hex";
+            } else {
+                // TODO: remove backwards compatibility
+                // Base64 encoded (old format for backwards compatibility)
+                checksumBytes = Base64.decode(checksum, Base64.DEFAULT);
+                detectedFormat = "base64";
+            }
+            logger.debug(
+                "Received encrypted checksum format: " +
+                    detectedFormat +
+                    " (length: " +
+                    checksum.length() +
+                    " chars, " +
+                    checksumBytes.length +
+                    " bytes)"
+            );
+            PublicKey pKey = CryptoCipher.stringToPublicKey(publicKey);
+            byte[] decryptedChecksum = CryptoCipher.decryptRSA(checksumBytes, pKey);
+            // Return as hex string to match calcChecksum output format
+            StringBuilder hexString = new StringBuilder();
+            for (byte b : decryptedChecksum) {
+                String hex = Integer.toHexString(0xff & b);
+                if (hex.length() == 1) hexString.append('0');
+                hexString.append(hex);
+            }
+            String result = hexString.toString();
+
+            // Detect checksum algorithm based on length
+            String detectedAlgorithm;
+            if (decryptedChecksum.length == 32) {
+                detectedAlgorithm = "SHA-256";
+            } else if (decryptedChecksum.length == 4) {
+                detectedAlgorithm = "CRC32 (deprecated)";
+                logger.error(
+                    "CRC32 checksum detected. This algorithm is deprecated and no longer supported. Please update your CLI to use SHA-256 checksums."
+                );
+            } else {
+                detectedAlgorithm = "unknown (" + decryptedChecksum.length + " bytes)";
+                logger.error(
+                    "Unknown checksum algorithm detected with " + decryptedChecksum.length + " bytes. Expected SHA-256 (32 bytes)."
+                );
+            }
+            logger.debug(
+                "Decrypted checksum: " +
+                    detectedAlgorithm +
+                    " hex format (length: " +
+                    result.length() +
+                    " chars, " +
+                    decryptedChecksum.length +
+                    " bytes)"
+            );
+            return result;
         } catch (GeneralSecurityException e) {
-            Log.e(CapacitorUpdater.TAG, "decryptChecksum fail: " + e.getMessage());
+            logger.error("decryptChecksum fail: " + e.getMessage());
             throw new IOException("Decryption failed: " + e.getMessage());
         }
     }
 
-    public static String decryptChecksum(String checksum, String publicKey, String version) throws IOException {
-        if (publicKey.isEmpty()) {
-            Log.e(CapacitorUpdater.TAG, "The public key is empty");
-            return checksum;
+    /**
+     * Detect checksum algorithm based on hex string length.
+     * SHA-256 = 64 hex chars (32 bytes)
+     * CRC32 = 8 hex chars (4 bytes)
+     */
+    public static String detectChecksumAlgorithm(String hexChecksum) {
+        if (hexChecksum == null || hexChecksum.isEmpty()) {
+            return "empty";
         }
-        try {
-            byte[] checksumBytes = Base64.decode(checksum, Base64.DEFAULT);
-            PublicKey pKey = CryptoCipherV2.stringToPublicKey(publicKey);
-            byte[] decryptedChecksum = CryptoCipherV2.decryptRSA(checksumBytes, pKey);
-            // return Base64.encodeToString(decryptedChecksum, Base64.DEFAULT);
-            String result = Base64.encodeToString(decryptedChecksum, Base64.DEFAULT);
-            return result.replaceAll("\\s", ""); // Remove all whitespace, including newlines
-        } catch (GeneralSecurityException e) {
-            Log.e(CapacitorUpdater.TAG, "decryptChecksum fail: " + e.getMessage());
-            throw new IOException("Decryption failed: " + e.getMessage());
+        int len = hexChecksum.length();
+        if (len == 64) {
+            return "SHA-256";
+        } else if (len == 8) {
+            return "CRC32 (deprecated)";
+        } else {
+            return "unknown (" + len + " hex chars)";
+        }
+    }
+
+    /**
+     * Log checksum info and warn if deprecated algorithm detected.
+     */
+    public static void logChecksumInfo(String label, String hexChecksum) {
+        String algorithm = detectChecksumAlgorithm(hexChecksum);
+        logger.debug(label + ": " + algorithm + " hex format (length: " + hexChecksum.length() + " chars)");
+        if (algorithm.contains("CRC32")) {
+            logger.error(
+                "CRC32 checksum detected. This algorithm is deprecated and no longer supported. Please update your CLI to use SHA-256 checksums."
+            );
+        } else if (algorithm.contains("unknown")) {
+            logger.error(
+                "Unknown checksum algorithm detected. Expected SHA-256 (64 hex chars) but got " + hexChecksum.length() + " chars."
+            );
         }
     }
 
@@ -216,7 +302,7 @@ public class CryptoCipherV2 {
         try {
             digest = MessageDigest.getInstance("SHA-256");
         } catch (java.security.NoSuchAlgorithmException e) {
-            System.err.println(CapacitorUpdater.TAG + " SHA-256 algorithm not available");
+            logger.error("SHA-256 algorithm not available");
             return "";
         }
 
@@ -235,7 +321,7 @@ public class CryptoCipherV2 {
             }
             return hexString.toString();
         } catch (IOException e) {
-            System.err.println(CapacitorUpdater.TAG + " Cannot calc checksum v2: " + file.getPath() + " " + e.getMessage());
+            logger.error("Cannot calc checksum v2: " + file.getPath() + " " + e.getMessage());
             return "";
         }
     }
@@ -273,4 +359,23 @@ public class CryptoCipherV2 {
 
         throw new IllegalArgumentException("size too large, only up to 64KiB length encoding supported: " + size);
     }
+
+    /**
+     * Get first 4 characters of the public key for identification.
+     * Returns 4-character string or empty string if key is invalid/empty.
+     */
+    public static String calcKeyId(String publicKey) {
+        if (publicKey == null || publicKey.isEmpty()) {
+            return "";
+        }
+
+        // Remove PEM headers and whitespace to get the raw key data
+        String cleanedKey = publicKey
+            .replaceAll("\\s+", "")
+            .replace("-----BEGINRSAPUBLICKEY-----", "")
+            .replace("-----ENDRSAPUBLICKEY-----", "");
+
+        // Return first 4 characters of the base64-encoded key
+        return cleanedKey.length() >= 4 ? cleanedKey.substring(0, 4) : cleanedKey;
+    }
 }

package/android/src/main/java/ee/forgr/capacitor_updater/DelayCondition.java

@@ -7,15 +7,12 @@
 package ee.forgr.capacitor_updater;
 
 import androidx.annotation.NonNull;
-import com.google.gson.annotations.SerializedName;
 import java.util.Objects;
 
 public class DelayCondition {
 
-    @SerializedName("kind")
     private DelayUntilNext kind;
 
-    @SerializedName("value")
     private String value;
 
     public DelayCondition(DelayUntilNext kind, String value) {

package/android/src/main/java/ee/forgr/capacitor_updater/DelayUpdateUtils.java

@@ -0,0 +1,260 @@
+package ee.forgr.capacitor_updater;
+
+import android.content.SharedPreferences;
+import io.github.g00fy2.versioncompare.Version;
+import java.text.SimpleDateFormat;
+import java.util.ArrayList;
+import java.util.Date;
+import org.json.JSONArray;
+import org.json.JSONException;
+import org.json.JSONObject;
+
+public class DelayUpdateUtils {
+
+    private final Logger logger;
+
+    public static final String DELAY_CONDITION_PREFERENCES = "DELAY_CONDITION_PREFERENCES_CAPGO";
+    public static final String BACKGROUND_TIMESTAMP_KEY = "BACKGROUND_TIMESTAMP_KEY_CAPGO";
+
+    private final SharedPreferences prefs;
+    private final SharedPreferences.Editor editor;
+    private final Version currentVersionNative;
+
+    public DelayUpdateUtils(SharedPreferences prefs, SharedPreferences.Editor editor, Version currentVersionNative, Logger logger) {
+        this.prefs = prefs;
+        this.editor = editor;
+        this.currentVersionNative = currentVersionNative;
+        this.logger = logger;
+    }
+
+    public enum CancelDelaySource {
+        KILLED,
+        BACKGROUND,
+        FOREGROUND
+    }
+
+    public void checkCancelDelay(CancelDelaySource source) {
+        String delayUpdatePreferences = prefs.getString(DELAY_CONDITION_PREFERENCES, "[]");
+        ArrayList<DelayCondition> delayConditionList = parseDelayConditions(delayUpdatePreferences);
+        ArrayList<DelayCondition> delayConditionListToKeep = new ArrayList<>(delayConditionList.size());
+        int index = 0;
+
+        for (DelayCondition condition : delayConditionList) {
+            DelayUntilNext kind = condition.getKind();
+            String value = condition.getValue();
+            switch (kind) {
+                case DelayUntilNext.background:
+                    if (source == CancelDelaySource.FOREGROUND) {
+                        long backgroundedAt = getBackgroundTimestamp();
+                        long now = System.currentTimeMillis();
+                        long delta = Math.max(0, now - backgroundedAt);
+                        long longValue = 0L;
+                        try {
+                            longValue = Long.parseLong(value);
+                        } catch (NumberFormatException e) {
+                            logger.error(
+                                "Background condition (value: " +
+                                    value +
+                                    ") had an invalid value at index " +
+                                    index +
+                                    ". We will likely remove it."
+                            );
+                        }
+
+                        if (delta > longValue) {
+                            logger.info(
+                                "Background condition (value: " +
+                                    value +
+                                    ") deleted at index " +
+                                    index +
+                                    ". Delta: " +
+                                    delta +
+                                    ", longValue: " +
+                                    longValue
+                            );
+                        }
+                    } else {
+                        delayConditionListToKeep.add(condition);
+                        logger.info(
+                            "Background delay (value: " +
+                                value +
+                                ") condition kept at index " +
+                                index +
+                                " (source: " +
+                                source.toString() +
+                                ")"
+                        );
+                    }
+                    break;
+                case DelayUntilNext.kill:
+                    if (source == CancelDelaySource.KILLED) {
+                        logger.info("Kill delay (value: " + value + ") condition removed at index " + index + " after app kill");
+                    } else {
+                        delayConditionListToKeep.add(condition);
+                        logger.info(
+                            "Kill delay (value: " + value + ") condition kept at index " + index + " (source: " + source.toString() + ")"
+                        );
+                    }
+                    break;
+                case DelayUntilNext.date:
+                    if (!"".equals(value)) {
+                        try {
+                            final SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSS");
+                            Date date = sdf.parse(value);
+                            assert date != null;
+                            if (new Date().compareTo(date) > 0) {
+                                logger.info("Date delay (value: " + value + ") condition removed due to expired date at index " + index);
+                            } else {
+                                delayConditionListToKeep.add(condition);
+                                logger.info("Date delay (value: " + value + ") condition kept at index " + index);
+                            }
+                        } catch (final Exception e) {
+                            logger.error(
+                                "Date delay (value: " +
+                                    value +
+                                    ") condition removed due to parsing issue at index " +
+                                    index +
+                                    " " +
+                                    e.getMessage()
+                            );
+                        }
+                    } else {
+                        logger.debug("Date delay (value: " + value + ") condition removed due to empty value at index " + index);
+                    }
+                    break;
+                case DelayUntilNext.nativeVersion:
+                    if (!"".equals(value)) {
+                        try {
+                            final Version versionLimit = new Version(value);
+                            if (this.currentVersionNative.isAtLeast(versionLimit)) {
+                                logger.info(
+                                    "Native version delay (value: " + value + ") condition removed due to above limit at index " + index
+                                );
+                            } else {
+                                delayConditionListToKeep.add(condition);
+                                logger.info("Native version delay (value: " + value + ") condition kept at index " + index);
+                            }
+                        } catch (final Exception e) {
+                            logger.error(
+                                "Native version delay (value: " +
+                                    value +
+                                    ") condition removed due to parsing issue at index " +
+                                    index +
+                                    " " +
+                                    e.getMessage()
+                            );
+                        }
+                    } else {
+                        logger.debug("Native version delay (value: " + value + ") condition removed due to empty value at index " + index);
+                    }
+                    break;
+            }
+            index++;
+        }
+
+        if (delayConditionListToKeep.isEmpty()) {
+            this.cancelDelay("checkCancelDelay");
+        } else {
+            this.setMultiDelay(convertDelayConditionsToJson(delayConditionListToKeep));
+        }
+    }
+
+    public ArrayList<DelayCondition> parseDelayConditions(String json) {
+        ArrayList<DelayCondition> conditions = new ArrayList<>();
+        if (json == null || json.isEmpty()) {
+            return conditions;
+        }
+        try {
+            JSONArray array = new JSONArray(json);
+            for (int i = 0; i < array.length(); i++) {
+                JSONObject item = array.optJSONObject(i);
+                if (item == null) {
+                    continue;
+                }
+                String kindValue = item.optString("kind", "");
+                String value = item.optString("value", "");
+                if (kindValue.isEmpty()) {
+                    logger.warn("Delay condition missing kind at index " + i);
+                    continue;
+                }
+                try {
+                    DelayUntilNext kind = DelayUntilNext.valueOf(kindValue);
+                    conditions.add(new DelayCondition(kind, value));
+                } catch (IllegalArgumentException e) {
+                    logger.warn("Unknown delay condition kind '" + kindValue + "' at index " + i);
+                }
+            }
+        } catch (JSONException e) {
+            logger.error("Failed to parse delay conditions: " + e.getMessage());
+        }
+        return conditions;
+    }
+
+    private String convertDelayConditionsToJson(ArrayList<DelayCondition> conditions) {
+        JSONArray array = new JSONArray();
+        for (DelayCondition condition : conditions) {
+            try {
+                JSONObject obj = new JSONObject();
+                obj.put("kind", condition.getKind().name());
+                obj.put("value", condition.getValue());
+                array.put(obj);
+            } catch (JSONException e) {
+                logger.error("Failed to serialize delay condition: " + e.getMessage());
+            }
+        }
+        return array.toString();
+    }
+
+    public Boolean setMultiDelay(String delayConditions) {
+        try {
+            this.editor.putString(DELAY_CONDITION_PREFERENCES, delayConditions);
+            this.editor.commit();
+            logger.info("Delay update saved");
+            return true;
+        } catch (final Exception e) {
+            logger.error("Failed to delay update, [Error calling '_setMultiDelay()'] " + e.getMessage());
+            return false;
+        }
+    }
+
+    public void setBackgroundTimestamp(long backgroundTimestamp) {
+        try {
+            this.editor.putLong(BACKGROUND_TIMESTAMP_KEY, backgroundTimestamp);
+            this.editor.commit();
+            logger.info("Background timestamp set");
+        } catch (final Exception e) {
+            logger.error("Failed to delay update, [Error calling '_setBackgroundTimestamp()'] " + e.getMessage());
+        }
+    }
+
+    public void unsetBackgroundTimestamp() {
+        try {
+            this.editor.remove(BACKGROUND_TIMESTAMP_KEY);
+            this.editor.commit();
+            logger.info("Background timestamp unset");
+        } catch (final Exception e) {
+            logger.error("Failed to delay update, [Error calling '_unsetBackgroundTimestamp()'] " + e.getMessage());
+        }
+    }
+
+    private long getBackgroundTimestamp() {
+        try {
+            return this.prefs.getLong(BACKGROUND_TIMESTAMP_KEY, 0);
+        } catch (final Exception e) {
+            logger.error("Failed to delay update, [Error calling '_getBackgroundTimestamp()'] " + e.getMessage());
+            return 0;
+        }
+    }
+
+    public boolean cancelDelay(String source) {
+        try {
+            this.editor.remove(DELAY_CONDITION_PREFERENCES);
+            this.editor.commit();
+            logger.info("All delays canceled from " + source);
+            return true;
+        } catch (final Exception e) {
+            logger.error("Failed to cancel update delay " + e.getMessage());
+            return false;
+        }
+    }
+}