
Commit 1abb23d5 authored by TreeHugger Robot's avatar TreeHugger Robot Committed by Android (Google) Code Review

Merge "BinaryTransparencyService: Print lineage of rotated keys."

parents 41b5bcc3 00001111
+29 −5
@@ -574,9 +574,10 @@ public class BinaryTransparencyService extends SystemService {
                        pw.println("ERROR: Package's signingInfo is null.");
                        return;
                    }
                    // TODO(b/261501773): Handle printing of lineage of rotated keys.
                    pw.println("--- Package Signer Info ---");
                    pw.println("Has multiple signers: " + signerInfo.hasMultipleSigners());
                    pw.println("Signing key has been rotated: "
                            + signerInfo.hasPastSigningCertificates());
                    Signature[] packageSigners = signerInfo.getApkContentsSigners();
                    for (Signature packageSigner : packageSigners) {
                        byte[] packageSignerDigestBytes =
@@ -590,8 +591,31 @@ public class BinaryTransparencyService extends SystemService {
                        } catch (CertificateException e) {
                            Slog.e(TAG,
                                    "Failed to obtain public key of signer for cert with hash: "
                                    + packageSignerDigestHextring);
                            e.printStackTrace();
                                    + packageSignerDigestHextring, e);
                        }
                    }

                    if (!signerInfo.hasMultipleSigners()
                            && signerInfo.hasPastSigningCertificates()) {
                        pw.println("== Signing Cert Lineage (Excluding The Most Recent) ==");
                        pw.println("(Certs are sorted in the order of rotation, beginning with the "
                                   + "original signing cert)");
                        Signature[] signingCertHistory = signerInfo.getSigningCertificateHistory();
                        for (int i = 0; i < (signingCertHistory.length - 1); i++) {
                            Signature signature = signingCertHistory[i];
                            byte[] signatureDigestBytes = PackageUtils.computeSha256DigestBytes(
                                    signature.toByteArray());
                            String certHashHexString = HexEncoding.encodeToString(
                                    signatureDigestBytes, false);
                            pw.println("  ++ Signer cert #" + (i + 1) + " ++");
                            pw.println("  Cert SHA256-digest: " + certHashHexString);
                            try {
                                PublicKey publicKey = signature.getPublicKey();
                                pw.println("  Signing key algorithm: " + publicKey.getAlgorithm());
                            } catch (CertificateException e) {
                                Slog.e(TAG, "Failed to obtain public key of signer for cert "
                                        + "with hash: " + certHashHexString, e);
                            }
                        }
                    }