npm - @revopush/react-native-code-push - Versions diffs - 1.5.0 → 2.5.0-rc.1 - Mend

@revopush/react-native-code-push 1.5.0 → 2.5.0-rc.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (40) hide show

package/android/src/main/java/com/microsoft/codepush/react/CodePushUpdateManager.java CHANGED Viewed

@@ -1,8 +1,21 @@
 package com.microsoft.codepush.react;
-import android.os.Build;
+import static com.microsoft.codepush.react.CodePushConstants.ASSET_DOWNLOAD_URL_KEY;
+import static com.microsoft.codepush.react.CodePushConstants.BUNDLE_DIFF_DOWNLOAD_URL_KEY;
+import static com.microsoft.codepush.react.CodePushConstants.BUNDLE_DOWNLOAD_URL_KEY;
+import static com.microsoft.codepush.react.CodePushConstants.CODE_PUSH_ASSET_HASH;
+import static com.microsoft.codepush.react.CodePushConstants.CODE_PUSH_BUNDLE_HASH;
+import static com.microsoft.codepush.react.CodePushConstants.CODE_PUSH_PACKAGE_HASH;
+import static com.microsoft.codepush.react.CodePushConstants.DOWNLOAD_URL_KEY;
+import static com.microsoft.codepush.react.CodePushConstants.PACKAGE_HASH_KEY;
+import static com.microsoft.codepush.react.CodePushUtils.appendPathComponent;
+import android.content.Context;
 import org.json.JSONObject;
+import org.revopush.ota.model.CodePushContext;
+import org.revopush.ota.BundleManager;
+import org.revopush.ota.model.UpdatePackage;
 import java.io.BufferedInputStream;
 import java.io.BufferedOutputStream;
@@ -12,24 +25,22 @@ import java.io.IOException;
 import java.net.HttpURLConnection;
 import java.net.MalformedURLException;
 import java.net.URL;
-import java.nio.ByteBuffer;
-import javax.net.ssl.HttpsURLConnection;
 public class CodePushUpdateManager {
     private String mDocumentsDirectory;
-    public CodePushUpdateManager(String documentsDirectory) {
-        mDocumentsDirectory = documentsDirectory;
-    }
-    private String getDownloadFilePath() {
-        return CodePushUtils.appendPathComponent(getCodePushPath(), CodePushConstants.DOWNLOAD_FILE_NAME);
+    private BundleManager bundleManager;
+    public CodePushUpdateManager(Context context, boolean isDebugMode) {
+        this.mDocumentsDirectory = context.getFilesDir().getAbsolutePath();
+        this.bundleManager = new BundleManager(
+                context.getApplicationContext(),
+                getCodePushPath(),
+                getUnzippedFolderPath());
     }
     private String getUnzippedFolderPath() {
-        return CodePushUtils.appendPathComponent(getCodePushPath(), CodePushConstants.UNZIPPED_FOLDER_NAME);
+        return appendPathComponent(getCodePushPath(), CodePushConstants.UNZIPPED_FOLDER_NAME);
     }
     private String getDocumentsDirectory() {
@@ -37,16 +48,16 @@ public class CodePushUpdateManager {
     }
     private String getCodePushPath() {
-        String codePushPath = CodePushUtils.appendPathComponent(getDocumentsDirectory(), CodePushConstants.CODE_PUSH_FOLDER_PREFIX);
+        String codePushPath = appendPathComponent(getDocumentsDirectory(), CodePushConstants.CODE_PUSH_FOLDER_PREFIX);
         if (CodePush.isUsingTestConfiguration()) {
-            codePushPath = CodePushUtils.appendPathComponent(codePushPath, "TestPackages");
+            codePushPath = appendPathComponent(codePushPath, "TestPackages");
         }
         return codePushPath;
     }
     private String getStatusFilePath() {
-        return CodePushUtils.appendPathComponent(getCodePushPath(), CodePushConstants.STATUS_FILE);
+        return appendPathComponent(getCodePushPath(), CodePushConstants.STATUS_FILE);
     }
     public JSONObject getCurrentPackageInfo() {
@@ -95,14 +106,14 @@ public class CodePushUpdateManager {
         String relativeBundlePath = currentPackage.optString(CodePushConstants.RELATIVE_BUNDLE_PATH_KEY, null);
         if (relativeBundlePath == null) {
-            return CodePushUtils.appendPathComponent(packageFolder, bundleFileName);
+            return appendPathComponent(packageFolder, bundleFileName);
         } else {
-            return CodePushUtils.appendPathComponent(packageFolder, relativeBundlePath);
+            return appendPathComponent(packageFolder, relativeBundlePath);
         }
     }
     public String getPackageFolderPath(String packageHash) {
-        return CodePushUtils.appendPathComponent(getCodePushPath(), packageHash);
+        return appendPathComponent(getCodePushPath(), packageHash);
     }
     public String getCurrentPackageHash() {
@@ -135,7 +146,7 @@ public class CodePushUpdateManager {
     public JSONObject getPackage(String packageHash) {
         String folderPath = getPackageFolderPath(packageHash);
-        String packageFilePath = CodePushUtils.appendPathComponent(folderPath, CodePushConstants.PACKAGE_FILE_NAME);
+        String packageFilePath = appendPathComponent(folderPath, CodePushConstants.PACKAGE_FILE_NAME);
         try {
             return CodePushUtils.getJsonObjectFromFile(packageFilePath);
         } catch (IOException e) {
@@ -143,172 +154,35 @@ public class CodePushUpdateManager {
         }
     }
-    public void downloadPackage(JSONObject updatePackage, String expectedBundleFileName,
-                                DownloadProgressCallback progressCallback,
-                                String stringPublicKey) throws IOException {
-        String newUpdateHash = updatePackage.optString(CodePushConstants.PACKAGE_HASH_KEY, null);
-        String newUpdateFolderPath = getPackageFolderPath(newUpdateHash);
-        String newUpdateMetadataPath = CodePushUtils.appendPathComponent(newUpdateFolderPath, CodePushConstants.PACKAGE_FILE_NAME);
-        if (FileUtils.fileAtPathExists(newUpdateFolderPath)) {
-            // This removes any stale data in newPackageFolderPath that could have been left
-            // uncleared due to a crash or error during the download or install process.
-            FileUtils.deleteDirectoryAtPath(newUpdateFolderPath);
-        }
-        String downloadUrlString = updatePackage.optString(CodePushConstants.DOWNLOAD_URL_KEY, null);
-        HttpURLConnection connection = null;
-        BufferedInputStream bin = null;
-        FileOutputStream fos = null;
-        BufferedOutputStream bout = null;
-        File downloadFile = null;
-        boolean isZip = false;
-        // Download the file while checking if it is a zip and notifying client of progress.
-        try {
-            URL downloadUrl = new URL(downloadUrlString);
-            connection = (HttpURLConnection) (downloadUrl.openConnection());
-            if (android.os.Build.VERSION.SDK_INT < Build.VERSION_CODES.LOLLIPOP &&
-                downloadUrl.toString().startsWith("https")) {
-                try {
-                    ((HttpsURLConnection)connection).setSSLSocketFactory(new TLSSocketFactory());
-                } catch (Exception e) {
-                    throw new CodePushUnknownException("Error set SSLSocketFactory. ", e);
-                }
-            }
-            connection.setRequestProperty("Accept-Encoding", "identity");
-            bin = new BufferedInputStream(connection.getInputStream());
-            long totalBytes = connection.getContentLength();
-            long receivedBytes = 0;
-            File downloadFolder = new File(getCodePushPath());
-            downloadFolder.mkdirs();
-            downloadFile = new File(downloadFolder, CodePushConstants.DOWNLOAD_FILE_NAME);
-            fos = new FileOutputStream(downloadFile);
-            bout = new BufferedOutputStream(fos, CodePushConstants.DOWNLOAD_BUFFER_SIZE);
-            byte[] data = new byte[CodePushConstants.DOWNLOAD_BUFFER_SIZE];
-            byte[] header = new byte[4];
-            int numBytesRead = 0;
-            while ((numBytesRead = bin.read(data, 0, CodePushConstants.DOWNLOAD_BUFFER_SIZE)) >= 0) {
-                if (receivedBytes < 4) {
-                    for (int i = 0; i < numBytesRead; i++) {
-                        int headerOffset = (int) (receivedBytes) + i;
-                        if (headerOffset >= 4) {
-                            break;
-                        }
-                        header[headerOffset] = data[i];
-                    }
-                }
-                receivedBytes += numBytesRead;
-                bout.write(data, 0, numBytesRead);
-                progressCallback.call(new DownloadProgress(totalBytes, receivedBytes));
-            }
+    public void downloadPackage(JSONObject updatePackage, String expectedBundleFileName, DownloadProgressCallback progressCallback, String stringPublicKey) throws IOException {
+        UpdatePackage updatePack = fromJson(updatePackage);
-            if (totalBytes != receivedBytes) {
-                throw new CodePushUnknownException("Received " + receivedBytes + " bytes, expected " + totalBytes);
-            }
+        String newUpdateFolderPath = getPackageFolderPath(updatePack.getNewUpdateHash());
+        CodePushContext codePushContext = new CodePushContext(
+                newUpdateFolderPath, // new update
+                getCurrentPackageFolderPath(), // curr package
+                expectedBundleFileName, // exp bundle filename
+                stringPublicKey, // pub key
+                updatePack.getNewUpdateHash(), // new update hash
+                getCurrentPackage() // current package
+        );
-            isZip = ByteBuffer.wrap(header).getInt() == 0x504b0304;
-        } catch (MalformedURLException e) {
-            throw new CodePushMalformedDataException(downloadUrlString, e);
-        } finally {
-            try {
-                if (bout != null) bout.close();
-                if (fos != null) fos.close();
-                if (bin != null) bin.close();
-                if (connection != null) connection.disconnect();
-            } catch (IOException e) {
-                throw new CodePushUnknownException("Error closing IO resources.", e);
-            }
-        }
-        if (isZip) {
-            // Unzip the downloaded file and then delete the zip
-            String unzippedFolderPath = getUnzippedFolderPath();
-            FileUtils.unzipFile(downloadFile, unzippedFolderPath);
-            FileUtils.deleteFileOrFolderSilently(downloadFile);
-            // Merge contents with current update based on the manifest
-            String diffManifestFilePath = CodePushUtils.appendPathComponent(unzippedFolderPath,
-                    CodePushConstants.DIFF_MANIFEST_FILE_NAME);
-            boolean isDiffUpdate = FileUtils.fileAtPathExists(diffManifestFilePath);
-            if (isDiffUpdate) {
-                String currentPackageFolderPath = getCurrentPackageFolderPath();
-                CodePushUpdateUtils.copyNecessaryFilesFromCurrentPackage(diffManifestFilePath, currentPackageFolderPath, newUpdateFolderPath);
-                File diffManifestFile = new File(diffManifestFilePath);
-                diffManifestFile.delete();
-            }
+        bundleManager.downloadPackage(updatePack, codePushContext, (total, received) -> {
+            progressCallback.call(new DownloadProgress(total, received));
+            return null;
+        });
-            FileUtils.copyDirectoryContents(unzippedFolderPath, newUpdateFolderPath);
-            FileUtils.deleteFileAtPathSilently(unzippedFolderPath);
-            // For zip updates, we need to find the relative path to the jsBundle and save it in the
-            // metadata so that we can find and run it easily the next time.
-            String relativeBundlePath = CodePushUpdateUtils.findJSBundleInUpdateContents(newUpdateFolderPath, expectedBundleFileName);
-            if (relativeBundlePath == null) {
-                throw new CodePushInvalidUpdateException("Update is invalid - A JS bundle file named \"" + expectedBundleFileName + "\" could not be found within the downloaded contents. Please check that you are releasing your CodePush updates using the exact same JS bundle file name that was shipped with your app's binary.");
-            } else {
-                if (FileUtils.fileAtPathExists(newUpdateMetadataPath)) {
-                    File metadataFileFromOldUpdate = new File(newUpdateMetadataPath);
-                    metadataFileFromOldUpdate.delete();
-                }
-                if (isDiffUpdate) {
-                    CodePushUtils.log("Applying diff update.");
-                } else {
-                    CodePushUtils.log("Applying full update.");
-                }
-                boolean isSignatureVerificationEnabled = (stringPublicKey != null);
-                String signaturePath = CodePushUpdateUtils.getSignatureFilePath(newUpdateFolderPath);
-                boolean isSignatureAppearedInBundle = FileUtils.fileAtPathExists(signaturePath);
-                if (isSignatureVerificationEnabled) {
-                    if (isSignatureAppearedInBundle) {
-                        CodePushUpdateUtils.verifyFolderHash(newUpdateFolderPath, newUpdateHash);
-                        CodePushUpdateUtils.verifyUpdateSignature(newUpdateFolderPath, newUpdateHash, stringPublicKey);
-                    } else {
-                        throw new CodePushInvalidUpdateException(
-                                "Error! Public key was provided but there is no JWT signature within app bundle to verify. " +
-                                "Possible reasons, why that might happen: \n" +
-                                "1. You've been released CodePush bundle update using version of CodePush CLI that is not support code signing.\n" +
-                                "2. You've been released CodePush bundle update without providing --privateKeyPath option."
-                        );
-                    }
-                } else {
-                    if (isSignatureAppearedInBundle) {
-                        CodePushUtils.log(
-                                "Warning! JWT signature exists in codepush update but code integrity check couldn't be performed because there is no public key configured. " +
-                                "Please ensure that public key is properly configured within your application."
-                        );
-                        CodePushUpdateUtils.verifyFolderHash(newUpdateFolderPath, newUpdateHash);
-                    } else {
-                        if (isDiffUpdate) {
-                            CodePushUpdateUtils.verifyFolderHash(newUpdateFolderPath, newUpdateHash);
-                        }
-                    }
-                }
-                CodePushUtils.setJSONValueForKey(updatePackage, CodePushConstants.RELATIVE_BUNDLE_PATH_KEY, relativeBundlePath);
-            }
-        } else {
-            // File is a jsbundle, move it to a folder with the packageHash as its name
-            FileUtils.moveFile(downloadFile, newUpdateFolderPath, expectedBundleFileName);
-        }
+        CodePushUtils.setJSONValueForKey(updatePackage, CodePushConstants.RELATIVE_BUNDLE_PATH_KEY, CodePushUpdateUtils.findJSBundleInUpdateContents(newUpdateFolderPath, expectedBundleFileName));
         // Save metadata to the folder.
+        String newUpdateMetadataPath = appendPathComponent(newUpdateFolderPath, CodePushConstants.PACKAGE_FILE_NAME);
+        FileUtils.deleteFileAtPathSilently(newUpdateMetadataPath); // delete metadata from previous update if exists
         CodePushUtils.writeJsonToFile(updatePackage, newUpdateMetadataPath);
     }
     public void installPackage(JSONObject updatePackage, boolean removePendingUpdate) {
-        String packageHash = updatePackage.optString(CodePushConstants.PACKAGE_HASH_KEY, null);
+        String packageHash = updatePackage.optString(PACKAGE_HASH_KEY, null);
         JSONObject info = getCurrentPackageInfo();
         String currentPackageHash = info.optString(CodePushConstants.CURRENT_PACKAGE_KEY, null);
@@ -380,4 +254,22 @@ public class CodePushUpdateManager {
     public void clearUpdates() {
         FileUtils.deleteDirectoryAtPath(getCodePushPath());
     }
+    private static UpdatePackage fromJson(JSONObject jsonObject) {
+        String downloadUrl = jsonObject.optString(DOWNLOAD_URL_KEY, null);
+        String assetDownloadUrl = jsonObject.optString(ASSET_DOWNLOAD_URL_KEY, null);
+        String bundleDownloadUrl = jsonObject.optString(BUNDLE_DOWNLOAD_URL_KEY, null);
+        String bundleDiffDownloadUrl = jsonObject.optString(BUNDLE_DIFF_DOWNLOAD_URL_KEY, null);
+        String packageHash = jsonObject.optString(CODE_PUSH_PACKAGE_HASH, null);
+        String bundleHash = jsonObject.optString(CODE_PUSH_BUNDLE_HASH, null);
+        String assetHash = jsonObject.optString(CODE_PUSH_ASSET_HASH, null);
+        String newUpdateHash = jsonObject.optString(PACKAGE_HASH_KEY, null);
+        return new UpdatePackage(
+                downloadUrl,
+                assetDownloadUrl,
+                bundleDownloadUrl,
+                bundleDiffDownloadUrl,
+                packageHash, bundleHash, assetHash,
+                newUpdateHash);
+    }
 }

package/android/src/main/java/com/microsoft/codepush/react/CodePushUpdateUtils.java CHANGED Viewed

@@ -1,133 +1,27 @@
 package com.microsoft.codepush.react;
-import android.content.Context;
-import android.util.Base64;
-import com.nimbusds.jose.JWSVerifier;
-import com.nimbusds.jose.crypto.RSASSAVerifier;
-import com.nimbusds.jwt.SignedJWT;
 import java.security.interfaces.*;
-import org.json.JSONArray;
-import org.json.JSONException;
-import org.json.JSONObject;
-import java.io.ByteArrayInputStream;
 import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.DigestInputStream;
-import java.security.KeyFactory;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.PublicKey;
-import java.security.spec.X509EncodedKeySpec;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.Map;
 public class CodePushUpdateUtils {
-    public static final String NEW_LINE = System.getProperty("line.separator");
-    // Note: The hashing logic here must mirror the hashing logic in other native SDK's, as well as in the
-    // CLI. Ensure that any changes here are propagated to these other locations.
-    public static boolean isHashIgnored(String relativeFilePath) {
-        final String __MACOSX = "__MACOSX/";
-        final String DS_STORE = ".DS_Store";
-        final String CODEPUSH_METADATA = ".codepushrelease";
-        return relativeFilePath.startsWith(__MACOSX)
-                || relativeFilePath.equals(DS_STORE)
-                || relativeFilePath.endsWith("/" + DS_STORE)
-                || relativeFilePath.equals(CODEPUSH_METADATA)
-                || relativeFilePath.endsWith("/" + CODEPUSH_METADATA);
-    }
-    private static void addContentsOfFolderToManifest(String folderPath, String pathPrefix, ArrayList<String> manifest) {
-        File folder = new File(folderPath);
-        File[] folderFiles = folder.listFiles();
-        for (File file : folderFiles) {
-            String fileName = file.getName();
-            String fullFilePath = file.getAbsolutePath();
-            String relativePath = (pathPrefix.isEmpty() ? "" : (pathPrefix + "/")) + fileName;
-            if (CodePushUpdateUtils.isHashIgnored(relativePath)) {
-                continue;
-            }
-            if (file.isDirectory()) {
-                addContentsOfFolderToManifest(fullFilePath, relativePath, manifest);
-            } else {
-                try {
-                    manifest.add(relativePath + ":" + computeHash(new FileInputStream(file)));
-                } catch (FileNotFoundException e) {
-                    // Should not happen.
-                    throw new CodePushUnknownException("Unable to compute hash of update contents.", e);
-                }
-            }
-        }
-    }
+    public static String findJSBundleInUpdateContents(String folderPath, String expectedFileName) {
+        String result = doFindJSBundleInUpdateContents(folderPath, expectedFileName);
-    private static String computeHash(InputStream dataStream) {
-        MessageDigest messageDigest = null;
-        DigestInputStream digestInputStream = null;
-        try {
-            messageDigest = MessageDigest.getInstance("SHA-256");
-            digestInputStream = new DigestInputStream(dataStream, messageDigest);
-            byte[] byteBuffer = new byte[1024 * 8];
-            while (digestInputStream.read(byteBuffer) != -1) ;
-        } catch (NoSuchAlgorithmException | IOException e) {
-            // Should not happen.
-            throw new CodePushUnknownException("Unable to compute hash of update contents.", e);
-        } finally {
-            try {
-                if (digestInputStream != null) {
-                    digestInputStream.close();
-                }
-                if (dataStream != null) {
-                    dataStream.close();
-                }
-            } catch (IOException e) {
-                e.printStackTrace();
-            }
+        if (result == null) {
+            throw new CodePushInvalidUpdateException("Update is invalid - A JS bundle file named \"" + expectedFileName + "\" could not be found within the downloaded contents. Please check that you are releasing your CodePush updates using the exact same JS bundle file name that was shipped with your app's binary.");
         }
-        byte[] hash = messageDigest.digest();
-        return String.format("%064x", new java.math.BigInteger(1, hash));
-    }
-    public static void copyNecessaryFilesFromCurrentPackage(String diffManifestFilePath, String currentPackageFolderPath, String newPackageFolderPath) throws IOException {
-        if (currentPackageFolderPath == null || !new File(currentPackageFolderPath).exists()) {
-            CodePushUtils.log("Unable to copy files from current package during diff update, because currentPackageFolderPath is invalid.");
-            return;
-        }
-        FileUtils.copyDirectoryContents(currentPackageFolderPath, newPackageFolderPath);
-        JSONObject diffManifest = CodePushUtils.getJsonObjectFromFile(diffManifestFilePath);
-        try {
-            JSONArray deletedFiles = diffManifest.getJSONArray("deletedFiles");
-            for (int i = 0; i < deletedFiles.length(); i++) {
-                String fileNameToDelete = deletedFiles.getString(i);
-                File fileToDelete = new File(newPackageFolderPath, fileNameToDelete);
-                if (fileToDelete.exists()) {
-                    fileToDelete.delete();
-                }
-            }
-        } catch (JSONException e) {
-            throw new CodePushUnknownException("Unable to copy files from current package during diff update", e);
-        }
+        return result;
     }
-    public static String findJSBundleInUpdateContents(String folderPath, String expectedFileName) {
+    private static String doFindJSBundleInUpdateContents(String folderPath, String expectedFileName) {
         File folder = new File(folderPath);
         File[] folderFiles = folder.listFiles();
         for (File file : folderFiles) {
             String fullFilePath = CodePushUtils.appendPathComponent(folderPath, file.getName());
             if (file.isDirectory()) {
-                String mainBundlePathInSubFolder = findJSBundleInUpdateContents(fullFilePath, expectedFileName);
+                String mainBundlePathInSubFolder = doFindJSBundleInUpdateContents(fullFilePath, expectedFileName);
                 if (mainBundlePathInSubFolder != null) {
                     return CodePushUtils.appendPathComponent(file.getName(), mainBundlePathInSubFolder);
                 }
@@ -141,135 +35,4 @@ public class CodePushUpdateUtils {
         return null;
     }
-    public static String getHashForBinaryContents(Context context, boolean isDebugMode) {
-        try {
-            return CodePushUtils.getStringFromInputStream(context.getAssets().open(CodePushConstants.CODE_PUSH_HASH_FILE_NAME));
-        } catch (IOException e) {
-            try {
-                return CodePushUtils.getStringFromInputStream(context.getAssets().open(CodePushConstants.CODE_PUSH_OLD_HASH_FILE_NAME));
-            } catch (IOException ex) {
-                if (!isDebugMode) {
-                    // Only print this message in "Release" mode. In "Debug", we may not have the
-                    // hash if the build skips bundling the files.
-                    CodePushUtils.log("Unable to get the hash of the binary's bundled resources - \"codepush.gradle\" may have not been added to the build definition.");
-                }
-            }
-            return null;
-        }
-    }
-    // Hashing algorithm:
-    // 1. Recursively generate a sorted array of format <relativeFilePath>: <sha256FileHash>
-    // 2. JSON stringify the array
-    // 3. SHA256-hash the result
-    public static void verifyFolderHash(String folderPath, String expectedHash) {
-        CodePushUtils.log("Verifying hash for folder path: " + folderPath);
-        ArrayList<String> updateContentsManifest = new ArrayList<>();
-        addContentsOfFolderToManifest(folderPath, "", updateContentsManifest);
-        //sort manifest strings to make sure, that they are completely equal with manifest strings has been generated in cli!
-        Collections.sort(updateContentsManifest);
-        JSONArray updateContentsJSONArray = new JSONArray();
-        for (String manifestEntry : updateContentsManifest) {
-            updateContentsJSONArray.put(manifestEntry);
-        }
-        // The JSON serialization turns path separators into "\/", e.g. "CodePush\/assets\/image.png"
-        String updateContentsManifestString = updateContentsJSONArray.toString().replace("\\/", "/");
-        CodePushUtils.log("Manifest string: " + updateContentsManifestString);
-        String updateContentsManifestHash = computeHash(new ByteArrayInputStream(updateContentsManifestString.getBytes()));
-        CodePushUtils.log("Expected hash: " + expectedHash + ", actual hash: " + updateContentsManifestHash);
-        if (!expectedHash.equals(updateContentsManifestHash)) {
-            throw new CodePushInvalidUpdateException("The update contents failed the data integrity check.");
-        }
-        CodePushUtils.log("The update contents succeeded the data integrity check.");
-    }
-    public static Map<String, Object> verifyAndDecodeJWT(String jwt, PublicKey publicKey) {
-        try {
-            SignedJWT signedJWT = SignedJWT.parse(jwt);
-            JWSVerifier verifier = new RSASSAVerifier((RSAPublicKey) publicKey);
-            if (signedJWT.verify(verifier)) {
-                Map<String, Object> claims = signedJWT.getJWTClaimsSet().getClaims();
-                CodePushUtils.log("JWT verification succeeded, payload content: " + claims.toString());
-                return claims;
-            }
-            return null;
-        } catch (Exception ex) {
-            CodePushUtils.log(ex.getMessage());
-            CodePushUtils.log(ex.getStackTrace().toString());
-            return null;
-        }
-    }
-    public static PublicKey parsePublicKey(String stringPublicKey) {
-        try {
-            //remove unnecessary "begin/end public key" entries from string
-            stringPublicKey = stringPublicKey
-                    .replace("-----BEGIN PUBLIC KEY-----", "")
-                    .replace("-----END PUBLIC KEY-----", "")
-                    .replace(NEW_LINE, "");
-            byte[] byteKey = Base64.decode(stringPublicKey.getBytes(), Base64.DEFAULT);
-            X509EncodedKeySpec X509Key = new X509EncodedKeySpec(byteKey);
-            KeyFactory kf = KeyFactory.getInstance("RSA");
-            return kf.generatePublic(X509Key);
-        } catch (Exception e) {
-            CodePushUtils.log(e.getMessage());
-            CodePushUtils.log(e.getStackTrace().toString());
-            return null;
-        }
-    }
-    public static String getSignatureFilePath(String updateFolderPath) {
-        return CodePushUtils.appendPathComponent(
-                CodePushUtils.appendPathComponent(updateFolderPath, CodePushConstants.CODE_PUSH_FOLDER_PREFIX),
-                CodePushConstants.BUNDLE_JWT_FILE
-        );
-    }
-    public static String getSignature(String folderPath) {
-        final String signatureFilePath = getSignatureFilePath(folderPath);
-        try {
-            return FileUtils.readFileToString(signatureFilePath);
-        } catch (IOException e) {
-            CodePushUtils.log(e.getMessage());
-            CodePushUtils.log(e.getStackTrace().toString());
-            return null;
-        }
-    }
-    public static void verifyUpdateSignature(String folderPath, String packageHash, String stringPublicKey) throws CodePushInvalidUpdateException {
-        CodePushUtils.log("Verifying signature for folder path: " + folderPath);
-        final PublicKey publicKey = parsePublicKey(stringPublicKey);
-        if (publicKey == null) {
-            throw new CodePushInvalidUpdateException("The update could not be verified because no public key was found.");
-        }
-        final String signature = getSignature(folderPath);
-        if (signature == null) {
-            throw new CodePushInvalidUpdateException("The update could not be verified because no signature was found.");
-        }
-        final Map<String, Object> claims = verifyAndDecodeJWT(signature, publicKey);
-        if (claims == null) {
-            throw new CodePushInvalidUpdateException("The update could not be verified because it was not signed by a trusted party.");
-        }
-        final String contentHash = (String) claims.get("contentHash");
-        if (contentHash == null) {
-            throw new CodePushInvalidUpdateException("The update could not be verified because the signature did not specify a content hash.");
-        }
-        if (!contentHash.equals(packageHash)) {
-            throw new CodePushInvalidUpdateException("The update contents failed the code signing check.");
-        }
-        CodePushUtils.log("The update contents succeeded the code signing check.");
-    }
 }