Merge "Migrate StrictJarVerifier and ShortcutPackageInfo to java.util.Base64"... (589ff839) · Commits · e / os / android_frameworks_base

core/java/android/util/jar/StrictJarVerifier.java

+14 −8

Original line number	Diff line number	Diff line
		@@ -17,7 +17,7 @@

		package android.util.jar;

		import java.io.ByteArrayInputStream;
		import android.util.apk.ApkSignatureSchemeV2Verifier;
		import java.io.IOException;
		import java.io.OutputStream;
		import java.nio.charset.StandardCharsets;
		@@ -33,13 +33,9 @@ import java.util.Iterator;
		import java.util.List;
		import java.util.Locale;
		import java.util.Map;
		import java.util.Set;
		import java.util.StringTokenizer;
		import java.util.jar.Attributes;
		import java.util.jar.JarFile;
		import android.util.ArraySet;
		import android.util.apk.ApkSignatureSchemeV2Verifier;
		import libcore.io.Base64;
		import sun.security.jca.Providers;
		import sun.security.pkcs.PKCS7;
		import sun.security.pkcs.SignerInfo;
		@@ -139,7 +135,7 @@ class StrictJarVerifier {
		*/
		void verify() {
		byte[] d = digest.digest();
		if (!MessageDigest.isEqual(d, Base64.decode(hash))) {
		if (!verifyMessageDigest(d, hash)) {
		throw invalidDigest(JarFile.MANIFEST_NAME, name, name);
		}
		verifiedEntries.put(name, certChains);
		@@ -490,12 +486,22 @@ class StrictJarVerifier {
		md.update(data, start, end - start);
		}
		byte[] b = md.digest();
		byte[] hashBytes = hash.getBytes(StandardCharsets.ISO_8859_1);
		return MessageDigest.isEqual(b, Base64.decode(hashBytes));
		byte[] encodedHashBytes = hash.getBytes(StandardCharsets.ISO_8859_1);
		return verifyMessageDigest(b, encodedHashBytes);
		}
		return ignorable;
		}

		private static boolean verifyMessageDigest(byte[] expected, byte[] encodedActual) {
		byte[] actual;
		try {
		actual = java.util.Base64.getDecoder().decode(encodedActual);
		} catch (IllegalArgumentException e) {
		return false;
		}
		return MessageDigest.isEqual(expected, actual);
		}

		/**
		* Returns all of the {@link java.security.cert.Certificate} chains that
		* were used to verify the signature on the JAR entry called

services/core/java/com/android/server/pm/ShortcutPackageInfo.java

+6 −3

Original line number	Diff line number	Diff line
		@@ -23,7 +23,6 @@ import android.util.Slog;
		import com.android.internal.annotations.VisibleForTesting;
		import com.android.server.backup.BackupUtils;

		import libcore.io.Base64;
		import libcore.util.HexEncoding;

		import org.xmlpull.v1.XmlPullParser;
		@@ -33,6 +32,7 @@ import org.xmlpull.v1.XmlSerializer;
		import java.io.IOException;
		import java.io.PrintWriter;
		import java.util.ArrayList;
		import java.util.Base64;

		/**
		* Package information used by {@link android.content.pm.ShortcutManager} for backup / restore.
		@@ -161,7 +161,8 @@ class ShortcutPackageInfo {

		for (int i = 0; i < mSigHashes.size(); i++) {
		out.startTag(null, TAG_SIGNATURE);
		ShortcutService.writeAttr(out, ATTR_SIGNATURE_HASH, Base64.encode(mSigHashes.get(i)));
		final String encoded = Base64.getEncoder().encodeToString(mSigHashes.get(i));
		ShortcutService.writeAttr(out, ATTR_SIGNATURE_HASH, encoded);
		out.endTag(null, TAG_SIGNATURE);
		}
		out.endTag(null, TAG_ROOT);
		@@ -196,7 +197,9 @@ class ShortcutPackageInfo {
		case TAG_SIGNATURE: {
		final String hash = ShortcutService.parseStringAttribute(
		parser, ATTR_SIGNATURE_HASH);
		hashes.add(Base64.decode(hash.getBytes()));
		// Throws IllegalArgumentException if hash is invalid base64 data
		final byte[] decoded = Base64.getDecoder().decode(hash);
		hashes.add(decoded);
		continue;
		}
		}