Loading core/java/android/util/apk/ApkSignatureSchemeV2Verifier.java +10 −0 Original line number Diff line number Diff line Loading @@ -75,6 +75,11 @@ public class ApkSignatureSchemeV2Verifier { private static final int APK_SIGNATURE_SCHEME_V2_BLOCK_ID = 0x7109871a; /** * The maximum number of signers supported by the v2 APK signature scheme. */ private static final int MAX_V2_SIGNERS = 10; /** * Returns {@code true} if the provided APK contains an APK Signature Scheme V2 signature. * Loading Loading @@ -183,6 +188,11 @@ public class ApkSignatureSchemeV2Verifier { } while (signers.hasRemaining()) { signerCount++; if (signerCount > MAX_V2_SIGNERS) { throw new SecurityException( "APK Signature Scheme v2 only supports a maximum of " + MAX_V2_SIGNERS + " signers"); } try { ByteBuffer signer = getLengthPrefixedSlice(signers); X509Certificate[] certs = verifySigner(signer, contentDigests, certFactory); Loading core/java/android/util/jar/StrictJarVerifier.java +11 −0 Original line number Diff line number Diff line Loading @@ -78,6 +78,11 @@ class StrictJarVerifier { "SHA1", }; /** * The maximum number of signers supported by the JAR signature scheme. */ private static final int MAX_JAR_SIGNERS = 10; private final String jarName; private final StrictJarManifest manifest; private final HashMap<String, byte[]> metaEntries; Loading Loading @@ -293,10 +298,16 @@ class StrictJarVerifier { return false; } int signerCount = 0; Iterator<String> it = metaEntries.keySet().iterator(); while (it.hasNext()) { String key = it.next(); if (key.endsWith(".DSA") || key.endsWith(".RSA") || key.endsWith(".EC")) { if (++signerCount > MAX_JAR_SIGNERS) { throw new SecurityException( "APK Signature Scheme v1 only supports a maximum of " + MAX_JAR_SIGNERS + " signers"); } verifyCertificate(key); it.remove(); } Loading Loading
core/java/android/util/apk/ApkSignatureSchemeV2Verifier.java +10 −0 Original line number Diff line number Diff line Loading @@ -75,6 +75,11 @@ public class ApkSignatureSchemeV2Verifier { private static final int APK_SIGNATURE_SCHEME_V2_BLOCK_ID = 0x7109871a; /** * The maximum number of signers supported by the v2 APK signature scheme. */ private static final int MAX_V2_SIGNERS = 10; /** * Returns {@code true} if the provided APK contains an APK Signature Scheme V2 signature. * Loading Loading @@ -183,6 +188,11 @@ public class ApkSignatureSchemeV2Verifier { } while (signers.hasRemaining()) { signerCount++; if (signerCount > MAX_V2_SIGNERS) { throw new SecurityException( "APK Signature Scheme v2 only supports a maximum of " + MAX_V2_SIGNERS + " signers"); } try { ByteBuffer signer = getLengthPrefixedSlice(signers); X509Certificate[] certs = verifySigner(signer, contentDigests, certFactory); Loading
core/java/android/util/jar/StrictJarVerifier.java +11 −0 Original line number Diff line number Diff line Loading @@ -78,6 +78,11 @@ class StrictJarVerifier { "SHA1", }; /** * The maximum number of signers supported by the JAR signature scheme. */ private static final int MAX_JAR_SIGNERS = 10; private final String jarName; private final StrictJarManifest manifest; private final HashMap<String, byte[]> metaEntries; Loading Loading @@ -293,10 +298,16 @@ class StrictJarVerifier { return false; } int signerCount = 0; Iterator<String> it = metaEntries.keySet().iterator(); while (it.hasNext()) { String key = it.next(); if (key.endsWith(".DSA") || key.endsWith(".RSA") || key.endsWith(".EC")) { if (++signerCount > MAX_JAR_SIGNERS) { throw new SecurityException( "APK Signature Scheme v1 only supports a maximum of " + MAX_JAR_SIGNERS + " signers"); } verifyCertificate(key); it.remove(); } Loading
