Implement code signing for client android SDK #966
Conversation
…tern Add constructor with additional option PublicKeyFilePath
Add `com.auth0:java-jwt:3.2.0` to deps Adapt changes from code-signing branch Fix errors appeared due to jwt library update.
Replace publicKey by publicKeyResourceDescriptor in CodePush constructor Downgrade jwt library to 2.2.2 due to issue with base64 decoding
ruslan-bikkinin
requested review from
max-mironov,
patniko and
sergey-akhalkov
|
@ruslan-bikkinin, |
|
Description updated with more detailed information about feature usage. |
|
Awesome to finally see progress in this! |
There was a problem hiding this comment.
In general looks good to me, I believe we can postpone merging this (although it shouldn't break the existing code-base) unless the relevant code-push-service and code-push-cli changes would be published.
Also we should think about how we can improve code-push initialization with new code-signing feature via react-native link command (and this probably should be merged together with current PR).
| private Context mContext; | ||
| private final boolean mIsDebugMode; | ||
|
|
||
| private String mPublicKey; |
There was a problem hiding this comment.
Does it make sense to mark this var as Static also in accordance with how you e.g. add this to mServerUrl?
There was a problem hiding this comment.
@max-mironov it is not so critical, but, yeah, i can do it
| try { | ||
| mPublicKey = mContext.getString(publicKeyResourceDescriptor); | ||
| } catch (Resources.NotFoundException e) { | ||
| throw new CodePushUnknownException( |
There was a problem hiding this comment.
I see that we have several places where we throw an UnknownException but why don't we add a more meaningful name to the exception class e.g. something like CodePushInvalidPublicKeyException?
The key point here from my side here - is this a really Unknown exception or do we know what kind of exception it is?
There was a problem hiding this comment.
@max-mironov good idea, thanks, i'll try to do it
|
|
||
| if (isDiffUpdate) { | ||
| CodePushUpdateUtils.verifyHashForDiffUpdate(newUpdateFolderPath, newUpdateHash); | ||
| CodePushUtils.log("Applying diff update."); |
There was a problem hiding this comment.
Don't think if we ever need this if block here due to we can move this log statement (and this is the only thing that this block is doing now) to Line 255 right after new if (isDiffUpdate) block begins.
There was a problem hiding this comment.
@max-mironov no, we can't, because logging should be executed anyway regardless signature verification enabled or not.
There was a problem hiding this comment.
Gotcha! May be we can also state what kind of update is applying currently with
isDiffUpdate ? CodePushUtils.log("Applying diff update.") : CodePushUtils.log("Applying full update.") but that is completely up to you.
There was a problem hiding this comment.
@max-mironov, good proposition, i think i'll do it your way ☝️
Replace CodePushUnknownException catch with CodePushInvalidPublicKeyException in certain places Make mPublicKey static Add additional log for applying updates
Add additional checking for potential problems with code-signing integration Fix Public Key parsing from strings.xml
5 participants
Basic support for bundle's signature verification for android applications has been implemented.
By default, feature is disabled, so no need for clients not interested in code signing to worry about changing code-push sdk initialization code after update.
To use this feature, developers need to use brand new CodePushBuilder or advanced constructor with parameter
publicKeyResourceDescriptorspecified. Public key must be assisted instring.xml, so it can be available viaR.stringreference.Initialization examples:
CodePushBuilder