New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@expo/code-signing-certificates

Package Overview
Dependencies
Maintainers
20
Versions
5
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@expo/code-signing-certificates - npm Package Compare versions

Comparing version

0.0.3
to
0.0.4

2

build/__tests__/main-test.js

@@ -219,3 +219,3 @@ "use strict";

const certificate = (0, main_1.convertCertificatePEMToCertificate)(certificatePEM);
const signature = (0, main_1.signStringRSASHA256AndVerify)(privateKey, certificate, 'hello');
const signature = (0, main_1.signStringRSASHA256AndVerify)(privateKey, certificate, 'hello', 'utf8');
expect(signature).toMatchSnapshot();

@@ -222,0 +222,0 @@ });

4

build/main.d.ts

@@ -1,2 +0,2 @@

import { pki as PKI } from 'node-forge';
import { Encoding, pki as PKI } from 'node-forge';
/**

@@ -110,3 +110,3 @@ * Custom X.509 extension that stores information about the Expo project that a code signing certificate is valid for.

*/
export declare function signStringRSASHA256AndVerify(privateKey: PKI.rsa.PrivateKey, certificate: PKI.Certificate, stringToSign: string): string;
export declare function signStringRSASHA256AndVerify(privateKey: PKI.rsa.PrivateKey, certificate: PKI.Certificate, stringToSign: string, encoding: Encoding): string;
/**

@@ -113,0 +113,0 @@ * Generate a self-signed CSR for a given key pair. Most commonly used with {@link generateDevelopmentCertificateFromCSR}.

4

build/main.js

@@ -200,4 +200,4 @@ "use strict";

*/
function signStringRSASHA256AndVerify(privateKey, certificate, stringToSign) {
const digest = node_forge_1.md.sha256.create().update(stringToSign);
function signStringRSASHA256AndVerify(privateKey, certificate, stringToSign, encoding) {
const digest = node_forge_1.md.sha256.create().update(stringToSign, encoding);
const digestSignature = privateKey.sign(digest);

@@ -204,0 +204,0 @@ const isValidSignature = certificate.publicKey.verify(digest.digest().getBytes(), digestSignature);

5

package.json
{
"name": "@expo/code-signing-certificates",
"version": "0.0.3",
"version": "0.0.4",
"description": "A library for working with expo-updates code signing certificates",

@@ -17,3 +17,4 @@ "main": "build/main.js",

"oidgen": "ts-node -r tsconfig-paths/register --project tsconfig.scripts.json ./scripts/oidgen/oidgen.ts",
"sign-manifest-for-testing": "ts-node -r tsconfig-paths/register --project tsconfig.scripts.json ./scripts/signManifestForTesting.ts"
"sign-manifest-for-testing": "ts-node -r tsconfig-paths/register --project tsconfig.scripts.json ./scripts/signManifestForTesting.ts",
"sanity-check-signature": "ts-node -r tsconfig-paths/register --project tsconfig.scripts.json ./scripts/sanityCheckSignature.ts"
},

@@ -20,0 +21,0 @@ "repository": {

7

README.md

@@ -9,1 +9,8 @@ # @expo/code-signing-certificates

[![NPM](https://img.shields.io/npm/l/@expo/code-signing-certificates)](https://www.npmjs.com/package/@expo/code-signing-certificates)
# Running Scripts
Choose script you want to run from scripts directory and look up the corresponding yarn script in package.json.
1. `yarn`
1. `yarn <yarn-script-name>`
build/__tests__/main-test.js.map

Sorry, the diff of this file is not supported yet

build/main.js.map

Sorry, the diff of this file is not supported yet