fix: prevent crash from unwrapping

Cap-go · Oct 31, 2023 · 1ee3aee · 1ee3aee
1 parent 18c91a3
commit 1ee3aee
Show file tree

Hide file tree

Showing 5 changed files with 66 additions and 19 deletions.
diff --git a/.swiftlint.yml b/.swiftlint.yml
@@ -0,0 +1,21 @@
+excluded:
+  - node_modules
+  - ios/Pods
+
+opt_in_rules:
+  - implicitly_unwrapped_optional
+  - file_name_no_space
+  - force_unwrapping
+  - function_default_parameter_at_end
+  - lower_acl_than_parent
+  - modifier_order
+  - overridden_super_call
+  - unowned_variable_capture
+  - unused_import
+
+line_length:
+  warning: 150
+  ignores_function_declarations: true
+  ignores_comments: true
+  ignores_interpolated_strings: true
+  ignores_urls: true
diff --git a/ios/Plugin/CapacitorUpdater.swift b/ios/Plugin/CapacitorUpdater.swift
@@ -17,11 +17,6 @@ extension URL {
         return FileManager().fileExists(atPath: self.path)
     }
 }
-extension Date {
-    func adding(minutes: Int) -> Date {
-        return Calendar.current.date(byAdding: .minute, value: minutes, to: self)!
-    }
-}
 struct SetChannelDec: Decodable {
     let status: String?
     let error: String?
@@ -363,11 +358,24 @@ extension CustomError: LocalizedError {
                 print("cannot decode sessionKey", sessionKey)
                 throw CustomError.cannotDecode
             }
-            let sessionKeyDataEncrypted: Data = Data(base64Encoded: sessionKeyArray[1])!
-            let sessionKeyDataDecrypted: Data = rsaPrivateKey.decrypt(data: sessionKeyDataEncrypted)!
-            let aesPrivateKey: AES128Key = AES128Key(iv: ivData, aes128Key: sessionKeyDataDecrypted)
-            let encryptedData: Data = try Data(contentsOf: filePath)
-            let decryptedData: Data = aesPrivateKey.decrypt(data: encryptedData)!
+
+            guard let sessionKeyDataEncrypted = Data(base64Encoded: sessionKeyArray[1]) else {
+                throw NSError(domain: "Invalid session key data", code: 1, userInfo: nil)
+            }
+
+            guard let sessionKeyDataDecrypted = try? rsaPrivateKey.decrypt(data: sessionKeyDataEncrypted) else {
+                throw NSError(domain: "Failed to decrypt session key data", code: 2, userInfo: nil)
+            }
+
+            let aesPrivateKey = AES128Key(iv: ivData, aes128Key: sessionKeyDataDecrypted)
+
+            guard let encryptedData = try? Data(contentsOf: filePath) else {
+                throw NSError(domain: "Failed to read encrypted data", code: 3, userInfo: nil)
+            }
+
+            guard let decryptedData = try? aesPrivateKey.decrypt(data: encryptedData) else {
+                throw NSError(domain: "Failed to decrypt data", code: 4, userInfo: nil)
+            }
 
             try decryptedData.write(to: filePath)
         } catch {

diff --git a/ios/Plugin/CapacitorUpdaterPlugin.swift b/ios/Plugin/CapacitorUpdaterPlugin.swift
@@ -40,10 +40,15 @@ public class CapacitorUpdaterPlugin: CAPPlugin {
     override public func load() {
         self.semaphoreUp()
         print("\(self.implementation.TAG) init for device \(self.implementation.deviceID)")
+        guard let versionName = getConfig().getString("version", Bundle.main.versionName) else {
+            print("\(self.implementation.TAG) Cannot get version name")
+            // crash the app
+            fatalError("Cannot get version name")
+        }
         do {
-            currentVersionNative = try Version(getConfig().getString("version", Bundle.main.versionName ?? "0.0.0")!)
+            currentVersionNative = try Version(versionName)
         } catch {
-            print("\(self.implementation.TAG) Cannot get version native \(currentVersionNative)")
+            print("\(self.implementation.TAG) Cannot parse versionName \(versionName)")
         }
         print("\(self.implementation.TAG) version native \(self.currentVersionNative.description)")
         implementation.versionBuild = getConfig().getString("version", Bundle.main.versionName)!
@@ -581,13 +586,16 @@ public class CapacitorUpdaterPlugin: CAPPlugin {
 
     func backgroundDownload() {
         let messageUpdate = self.directUpdate ? "Update will occur now." : "Update will occur next time app moves to background."
+        guard let url = URL(string: self.updateUrl) else {
+            print("\(self.implementation.TAG) Error no url or wrong format")
+            return
+        }
         DispatchQueue.global(qos: .background).async {
             self.backgroundTaskID = UIApplication.shared.beginBackgroundTask(withName: "Finish Download Tasks") {
                 // End the task if time expires.
                 self.endBackGroundTask()
             }
             print("\(self.implementation.TAG) Check for update via \(self.updateUrl)")
-            let url = URL(string: self.updateUrl)!
             let res = self.implementation.getLatest(url: url)
             let current = self.implementation.getCurrentBundle()
 
@@ -706,7 +714,9 @@ public class CapacitorUpdaterPlugin: CAPPlugin {
     }
 
     @objc private func fromJsonArr(json: String) -> [NSObject] {
-        let jsonData = json.data(using: .utf8)!
+        guard let jsonData = json.data(using: .utf8) else {
+            return []
+        }
         let object = try? JSONSerialization.jsonObject(
             with: jsonData,
             options: .mutableContainers
@@ -734,8 +744,11 @@ public class CapacitorUpdaterPlugin: CAPPlugin {
         if periodCheckDelay == 0 || !self._isAutoUpdateEnabled() {
             return
         }
+        guard let url = URL(string: self.updateUrl) else {
+            print("\(self.implementation.TAG) Error no url or wrong format")
+            return
+        }
         let timer = Timer.scheduledTimer(withTimeInterval: TimeInterval(periodCheckDelay), repeats: true) { _ in
-            let url = URL(string: self.updateUrl)!
             let res = self.implementation.getLatest(url: url)
             let current = self.implementation.getCurrentBundle()
 

diff --git a/ios/Plugin/CryptoCipher.swift b/ios/Plugin/CryptoCipher.swift
@@ -199,10 +199,16 @@ public struct RSAPrivateKey {
         privKey = privKey.replacingOccurrences(of: "-----END RSA PRIVATE KEY-----", with: "")
         privKey = privKey.replacingOccurrences(of: "\\n+", with: "", options: .regularExpression)
         privKey = privKey.trimmingCharacters(in: .whitespacesAndNewlines)
-        let rsaPrivateKeyData: Data = Data(base64Encoded: privKey)!
-        if let privateKey: SecKey = .loadPrivateFromData(rsaPrivateKeyData) {
+        do {
+            guard let rsaPrivateKeyData: Data  = Data(base64Encoded: privKey) else {
+                throw CustomError.cannotDecode
+            }
+            guard let privateKey: SecKey = .loadPrivateFromData(rsaPrivateKeyData) else {
+                throw CustomError.cannotDecode
+            }
             return RSAPrivateKey(privateKey: privateKey)
-        } else {
+        } catch {
+            print("Error load RSA: \(error)")
             return nil
         }
     }

diff --git a/package.json b/package.json
@@ -78,7 +78,6 @@
     "@capacitor/core": "^5.0.0"
   },
   "prettier": "@ionic/prettier-config",
-  "swiftlint": "@ionic/swiftlint-config",
   "eslintConfig": {
     "extends": "@ionic/eslint-config/recommended"
   },