electron-incremental-update 0.5.0 → 0.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/dist/{chunk-SSJ6PDMK.mjs → chunk-OBERMV66.mjs} +6 -7
  2. package/dist/index.cjs +5 -6
  3. package/dist/index.mjs +2 -2
  4. package/dist/vite.cjs +7 -10
  5. package/dist/vite.mjs +4 -6
  6. package/package.json +1 -1
package/dist/{chunk-SSJ6PDMK.mjs → chunk-OBERMV66.mjs} RENAMED
@@ -31,22 +31,21 @@ function decrypt(encryptedText, key, iv) {
31
31
  decrypted += decipher.final("utf8");
32
32
  return decrypted;
33
33
  }
34
- function generateKey(buffer, str, length) {
35
- str += createHash("md5").update(buffer.map((v, i) => i & length / 4 && v)).digest("hex");
36
- const hash = createHash("SHA256").update(str).digest("binary");
34
+ function generateKey(data, length) {
35
+ const hash = createHash("SHA256").update(data).digest("binary");
37
36
  return Buffer2.from(hash).subarray(0, length);
38
37
  }
39
- function signature(buffer, privateKey, publicKey, name) {
38
+ function signature(buffer, privateKey, publicKey) {
40
39
  const sig = createSign("RSA-SHA256").update(buffer).sign({
41
40
  key: privateKey,
42
41
  padding: constants.RSA_PKCS1_PADDING,
43
42
  saltLength: constants.RSA_PSS_SALTLEN_DIGEST
44
43
  }, "base64");
45
- return encrypt(sig, generateKey(buffer, publicKey, 32), generateKey(buffer, name, 16));
44
+ return encrypt(sig, generateKey(publicKey, 32), generateKey(buffer, 16));
46
45
  }
47
- function verify(buffer, signature2, publicKey, name) {
46
+ function verify(buffer, signature2, publicKey) {
48
47
  try {
49
- const sig = decrypt(signature2, generateKey(buffer, publicKey, 32), generateKey(buffer, name, 16));
48
+ const sig = decrypt(signature2, generateKey(publicKey, 32), generateKey(buffer, 16));
50
49
  return createVerify("RSA-SHA256").update(buffer).verify(publicKey, sig, "base64");
51
50
  } catch (error) {
52
51
  return false;
package/dist/index.cjs CHANGED
@@ -61,14 +61,13 @@ function decrypt(encryptedText, key, iv) {
61
61
  decrypted += decipher.final("utf8");
62
62
  return decrypted;
63
63
  }
64
- function generateKey(buffer, str, length) {
65
- str += (0, import_node_crypto.createHash)("md5").update(buffer.map((v, i) => i & length / 4 && v)).digest("hex");
66
- const hash = (0, import_node_crypto.createHash)("SHA256").update(str).digest("binary");
64
+ function generateKey(data, length) {
65
+ const hash = (0, import_node_crypto.createHash)("SHA256").update(data).digest("binary");
67
66
  return import_node_buffer.Buffer.from(hash).subarray(0, length);
68
67
  }
69
- function verify(buffer, signature, publicKey, name) {
68
+ function verify(buffer, signature, publicKey) {
70
69
  try {
71
- const sig = decrypt(signature, generateKey(buffer, publicKey, 32), generateKey(buffer, name, 16));
70
+ const sig = decrypt(signature, generateKey(publicKey, 32), generateKey(buffer, 16));
72
71
  return (0, import_node_crypto.createVerify)("RSA-SHA256").update(buffer).verify(publicKey, sig, "base64");
73
72
  } catch (error) {
74
73
  return false;
@@ -315,7 +314,7 @@ function createUpdater({
315
314
  src = await download(_url, "buffer");
316
315
  }
317
316
  log("verify start");
318
- if (!verify(src, signature, SIGNATURE_PUB, productName)) {
317
+ if (!verify(src, signature, SIGNATURE_PUB)) {
319
318
  log("verify failed");
320
319
  throw new Error("invalid signature");
321
320
  }
package/dist/index.mjs CHANGED
@@ -1,7 +1,7 @@
1
1
  import {
2
2
  __require,
3
3
  verify
4
- } from "./chunk-SSJ6PDMK.mjs";
4
+ } from "./chunk-OBERMV66.mjs";
5
5
 
6
6
  // src/index.ts
7
7
  import { resolve } from "node:path";
@@ -254,7 +254,7 @@ function createUpdater({
254
254
  src = await download(_url, "buffer");
255
255
  }
256
256
  log("verify start");
257
- if (!verify(src, signature, SIGNATURE_PUB, productName)) {
257
+ if (!verify(src, signature, SIGNATURE_PUB)) {
258
258
  log("verify failed");
259
259
  throw new Error("invalid signature");
260
260
  }
package/dist/vite.cjs CHANGED
@@ -59,18 +59,17 @@ function encrypt(plainText, key, iv) {
59
59
  encrypted += cipher.final(aesEncode);
60
60
  return encrypted;
61
61
  }
62
- function generateKey(buffer, str, length) {
63
- str += (0, import_node_crypto.createHash)("md5").update(buffer.map((v, i) => i & length / 4 && v)).digest("hex");
64
- const hash = (0, import_node_crypto.createHash)("SHA256").update(str).digest("binary");
62
+ function generateKey(data, length) {
63
+ const hash = (0, import_node_crypto.createHash)("SHA256").update(data).digest("binary");
65
64
  return import_node_buffer.Buffer.from(hash).subarray(0, length);
66
65
  }
67
- function signature(buffer, privateKey, publicKey, name) {
66
+ function signature(buffer, privateKey, publicKey) {
68
67
  const sig = (0, import_node_crypto.createSign)("RSA-SHA256").update(buffer).sign({
69
68
  key: privateKey,
70
69
  padding: import_node_crypto.constants.RSA_PKCS1_PADDING,
71
70
  saltLength: import_node_crypto.constants.RSA_PSS_SALTLEN_DIGEST
72
71
  }, "base64");
73
- return encrypt(sig, generateKey(buffer, publicKey, 32), generateKey(buffer, name, 16));
72
+ return encrypt(sig, generateKey(publicKey, 32), generateKey(buffer, 16));
74
73
  }
75
74
 
76
75
  // src/build-plugins/asar.ts
@@ -115,12 +114,11 @@ async function generateVersion({
115
114
  versionPath,
116
115
  privateKey,
117
116
  publicKey,
118
- productName,
119
117
  version
120
118
  }) {
121
119
  const buffer = await (0, import_promises.readFile)(`${asarOutputPath}.gz`);
122
120
  await (0, import_promises.writeFile)(versionPath, JSON.stringify({
123
- signature: signature(buffer, privateKey, publicKey, productName),
121
+ signature: signature(buffer, privateKey, publicKey),
124
122
  version,
125
123
  size: buffer.length
126
124
  }, null, 2));
@@ -147,7 +145,7 @@ async function buildEntry({
147
145
  var import_node_fs2 = require("fs");
148
146
  var import_node_path = require("path");
149
147
  var import_node_os = require("os");
150
- function generateKey2(privateKeyPath, publicKeyPath, length) {
148
+ function generateKeyFile(privateKeyPath, publicKeyPath, length) {
151
149
  const ret = generateRSA(length);
152
150
  (0, import_node_fs2.writeFileSync)(privateKeyPath, ret.privateKey);
153
151
  (0, import_node_fs2.writeFileSync)(publicKeyPath, ret.publicKey);
@@ -188,7 +186,7 @@ function getKeys({
188
186
  !(0, import_node_fs2.existsSync)(keysDir) && (0, import_node_fs2.mkdirSync)(keysDir);
189
187
  let privateKey, publicKey;
190
188
  if (!(0, import_node_fs2.existsSync)(privateKeyPath)) {
191
- const keys = generateKey2(privateKeyPath, publicKeyPath, keyLength);
189
+ const keys = generateKeyFile(privateKeyPath, publicKeyPath, keyLength);
192
190
  privateKey = keys.privateKey;
193
191
  publicKey = keys.publicKey;
194
192
  } else {
@@ -243,7 +241,6 @@ function parseOptions(options) {
243
241
  asarOutputPath,
244
242
  privateKey,
245
243
  publicKey,
246
- productName,
247
244
  versionPath
248
245
  };
249
246
  }
package/dist/vite.mjs CHANGED
@@ -1,7 +1,7 @@
1
1
  import {
2
2
  generateRSA,
3
3
  signature
4
- } from "./chunk-SSJ6PDMK.mjs";
4
+ } from "./chunk-OBERMV66.mjs";
5
5
 
6
6
  // src/vite.ts
7
7
  import { createLogger } from "vite";
@@ -51,12 +51,11 @@ async function generateVersion({
51
51
  versionPath,
52
52
  privateKey,
53
53
  publicKey,
54
- productName,
55
54
  version
56
55
  }) {
57
56
  const buffer = await readFile(`${asarOutputPath}.gz`);
58
57
  await writeFile(versionPath, JSON.stringify({
59
- signature: signature(buffer, privateKey, publicKey, productName),
58
+ signature: signature(buffer, privateKey, publicKey),
60
59
  version,
61
60
  size: buffer.length
62
61
  }, null, 2));
@@ -83,7 +82,7 @@ async function buildEntry({
83
82
  import { existsSync, mkdirSync, readFileSync, writeFileSync } from "node:fs";
84
83
  import { dirname } from "node:path";
85
84
  import { EOL } from "node:os";
86
- function generateKey(privateKeyPath, publicKeyPath, length) {
85
+ function generateKeyFile(privateKeyPath, publicKeyPath, length) {
87
86
  const ret = generateRSA(length);
88
87
  writeFileSync(privateKeyPath, ret.privateKey);
89
88
  writeFileSync(publicKeyPath, ret.publicKey);
@@ -124,7 +123,7 @@ function getKeys({
124
123
  !existsSync(keysDir) && mkdirSync(keysDir);
125
124
  let privateKey, publicKey;
126
125
  if (!existsSync(privateKeyPath)) {
127
- const keys = generateKey(privateKeyPath, publicKeyPath, keyLength);
126
+ const keys = generateKeyFile(privateKeyPath, publicKeyPath, keyLength);
128
127
  privateKey = keys.privateKey;
129
128
  publicKey = keys.publicKey;
130
129
  } else {
@@ -179,7 +178,6 @@ function parseOptions(options) {
179
178
  asarOutputPath,
180
179
  privateKey,
181
180
  publicKey,
182
- productName,
183
181
  versionPath
184
182
  };
185
183
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "electron-incremental-update",
3
- "version": "0.5.0",
3
+ "version": "0.5.1",
4
4
  "description": "electron incremental update tools, powered by vite",
5
5
  "scripts": {
6
6
  "build": "tsup",