node-apk
Advanced tools
Comparing version 1.0.0-beta.0 to 1.0.0-beta.2
@@ -10,3 +10,4 @@ "use strict"; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
var yauzl_promise_1 = __importDefault(require("yauzl-promise")); | ||
var fs_1 = __importDefault(require("fs")); | ||
var jszip_1 = __importDefault(require("jszip")); | ||
var binaryXml_1 = __importDefault(require("./binaryXml")); | ||
@@ -18,14 +19,7 @@ var certificate_1 = __importDefault(require("./certificate")); | ||
this.path = path; | ||
this.promise = yauzl_promise_1.default.open(path); | ||
} | ||
Apk.prototype.lookupEntry = function (key) { | ||
var _this = this; | ||
return new Promise(function (resolve, reject) { | ||
var found; | ||
_this.promise.then(function (zip) { return zip.walkEntries(function (entry) { | ||
if (entry.fileName === key) { | ||
found = entry; | ||
} | ||
}); }).then(function () { return found !== undefined ? resolve(found) : reject("Entry not found: " + key); }); | ||
}); | ||
return this.bufferize(fs_1.default.createReadStream(this.path)) | ||
.then(function (buffer) { return jszip_1.default.loadAsync(buffer); }) | ||
.then(function (zip) { return zip.files[key].nodeStream(); }); | ||
}; | ||
@@ -35,3 +29,2 @@ Apk.prototype.getCertificateInfo = function () { | ||
return this.lookupEntry("META-INF/CERT.RSA") | ||
.then(function (entry) { return entry.openReadStream(); }) | ||
.then(function (stream) { return _this.bufferize(stream); }) | ||
@@ -43,3 +36,2 @@ .then(function (buffer) { return certificate_1.default.parse(buffer); }); | ||
return this.lookupEntry("AndroidManifest.xml") | ||
.then(function (entry) { return entry.openReadStream(); }) | ||
.then(function (stream) { return _this.bufferize(stream); }) | ||
@@ -49,3 +41,3 @@ .then(function (buffer) { return new binaryXml_1.default(new source_1.default(buffer)); }); | ||
Apk.prototype.close = function () { | ||
return this.promise.then(function (zip) { return zip.close(); }); | ||
return undefined; | ||
}; | ||
@@ -52,0 +44,0 @@ Apk.prototype.bufferize = function (stream) { |
@@ -23,4 +23,4 @@ "use strict"; | ||
var asn = node_forge_1.default.asn1.fromDer(node_forge_1.default.util.createBuffer(buffer)); | ||
var pkcs7 = node_forge_1.default.pkcs7.messageFromAsn1(asn); | ||
return pkcs7.certificates | ||
return node_forge_1.default.pkcs7.messageFromAsn1(asn) | ||
.certificates | ||
.map(function (certificate) { return new Certificate(certificate); }); | ||
@@ -27,0 +27,0 @@ }; |
@@ -6,3 +6,4 @@ /*Copyright (c) 2019 XdevL. All rights reserved. | ||
import NodeZip from "yauzl-promise"; | ||
import NodeFs from "fs"; | ||
import NodeZip from "jszip"; | ||
import BinaryXml from "./binaryXml"; | ||
@@ -14,16 +15,11 @@ import Certificate from "./certificate"; | ||
private path: string; | ||
private promise: Promise<NodeZip.ZipFile>; | ||
constructor(path: string) { | ||
this.path = path; | ||
this.promise = NodeZip.open(path); | ||
} | ||
public lookupEntry(key: string): Promise<NodeZip.Entry> { | ||
return new Promise((resolve, reject) => { | ||
let found: NodeZip.Entry; | ||
this.promise.then((zip) => zip.walkEntries((entry) => { | ||
if (entry.fileName === key) {found = entry; } | ||
})).then(() => found !== undefined ? resolve(found) : reject("Entry not found: " + key)); | ||
}); | ||
public lookupEntry(key: string): Promise<NodeJS.ReadableStream> { | ||
return this.bufferize(NodeFs.createReadStream(this.path)) | ||
.then((buffer) => NodeZip.loadAsync(buffer)) | ||
.then((zip) => zip.files[key].nodeStream()); | ||
} | ||
@@ -33,3 +29,2 @@ | ||
return this.lookupEntry("META-INF/CERT.RSA") | ||
.then((entry) => entry.openReadStream()) | ||
.then((stream) => this.bufferize(stream)) | ||
@@ -41,3 +36,2 @@ .then((buffer) => Certificate.parse(buffer)); | ||
return this.lookupEntry("AndroidManifest.xml") | ||
.then((entry) => entry.openReadStream()) | ||
.then((stream) => this.bufferize(stream)) | ||
@@ -48,3 +42,3 @@ .then((buffer) => new BinaryXml(new Source(buffer))); | ||
public close() { | ||
return this.promise.then((zip) => zip.close()); | ||
return undefined; | ||
} | ||
@@ -51,0 +45,0 @@ |
@@ -13,5 +13,5 @@ /*Copyright (c) 2019 XdevL. All rights reserved. | ||
const asn = NodeForge.asn1.fromDer(NodeForge.util.createBuffer(buffer)); | ||
const pkcs7 = NodeForge.pkcs7.messageFromAsn1(asn); | ||
return (pkcs7.certificates as NodeForge.pki.Certificate[]) | ||
.map((certificate) => new Certificate(certificate)); | ||
return ((NodeForge.pkcs7 as any).messageFromAsn1(asn) | ||
.certificates as NodeForge.pki.Certificate[]) | ||
.map((certificate) => new Certificate(certificate)); | ||
} | ||
@@ -18,0 +18,0 @@ |
{ | ||
"name": "node-apk", | ||
"version": "1.0.0-beta.0", | ||
"version": "1.0.0-beta.2", | ||
"description": "A library to parse Android application manifest and signature", | ||
@@ -28,5 +28,5 @@ "main": "dist/index.js", | ||
"devDependencies": { | ||
"@types/jszip": "^3.1.5", | ||
"@types/node": "^11.11.4", | ||
"@types/node-forge": "^0.8.0", | ||
"@types/yauzl-promise": "^2.1.0", | ||
"tslint": "^5.14.0", | ||
@@ -36,5 +36,5 @@ "typescript": "^3.3.4000" | ||
"dependencies": { | ||
"node-forge": "^0.8.2", | ||
"yauzl-promise": "^2.1.3" | ||
"jszip": "^3.2.1", | ||
"node-forge": "^0.8.2" | ||
} | ||
} |
@@ -6,10 +6,2 @@ /*Copyright (c) 2019 XdevL. All rights reserved. | ||
/// <reference types="node-forge" /> | ||
declare module "node-forge" { | ||
namespace pkcs7 { | ||
function messageFromAsn1(asn: asn1.Asn1): any; | ||
} | ||
} | ||
declare module "node-apk" { | ||
@@ -16,0 +8,0 @@ |
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
31196
630
1
+ Addedjszip@^3.2.1
+ Addedcore-util-is@1.0.3(transitive)
+ Addedimmediate@3.0.6(transitive)
+ Addedinherits@2.0.4(transitive)
+ Addedisarray@1.0.0(transitive)
+ Addedjszip@3.10.1(transitive)
+ Addedlie@3.3.0(transitive)
+ Addedpako@1.0.11(transitive)
+ Addedprocess-nextick-args@2.0.1(transitive)
+ Addedreadable-stream@2.3.8(transitive)
+ Addedsafe-buffer@5.1.2(transitive)
+ Addedsetimmediate@1.0.5(transitive)
+ Addedstring_decoder@1.1.1(transitive)
+ Addedutil-deprecate@1.0.2(transitive)
- Removedyauzl-promise@^2.1.3
- Removedbuffer-crc32@0.2.13(transitive)
- Removedevents-intercept@2.0.0(transitive)
- Removedfd-slicer@1.1.0(transitive)
- Removedpend@1.2.0(transitive)
- Removedyauzl@2.10.0(transitive)
- Removedyauzl-clone@1.0.4(transitive)
- Removedyauzl-promise@2.1.3(transitive)