Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 589ff839 authored by Tobias Thierer's avatar Tobias Thierer Committed by android-build-merger
Browse files

Merge "Migrate StrictJarVerifier and ShortcutPackageInfo to java.util.Base64"...

Merge "Migrate StrictJarVerifier and ShortcutPackageInfo to java.util.Base64" am: 1e498a96 am: 6e2d3fa8
am: 386ba42e

Change-Id: I0b0e8139cc084fbdf9918dd700d9be337e0c47df
parents a0f3e642 386ba42e
Loading
Loading
Loading
Loading
+14 −8
Original line number Diff line number Diff line
@@ -17,7 +17,7 @@

package android.util.jar;

import java.io.ByteArrayInputStream;
import android.util.apk.ApkSignatureSchemeV2Verifier;
import java.io.IOException;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
@@ -33,13 +33,9 @@ import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import java.util.jar.Attributes;
import java.util.jar.JarFile;
import android.util.ArraySet;
import android.util.apk.ApkSignatureSchemeV2Verifier;
import libcore.io.Base64;
import sun.security.jca.Providers;
import sun.security.pkcs.PKCS7;
import sun.security.pkcs.SignerInfo;
@@ -139,7 +135,7 @@ class StrictJarVerifier {
         */
        void verify() {
            byte[] d = digest.digest();
            if (!MessageDigest.isEqual(d, Base64.decode(hash))) {
            if (!verifyMessageDigest(d, hash)) {
                throw invalidDigest(JarFile.MANIFEST_NAME, name, name);
            }
            verifiedEntries.put(name, certChains);
@@ -490,12 +486,22 @@ class StrictJarVerifier {
                md.update(data, start, end - start);
            }
            byte[] b = md.digest();
            byte[] hashBytes = hash.getBytes(StandardCharsets.ISO_8859_1);
            return MessageDigest.isEqual(b, Base64.decode(hashBytes));
            byte[] encodedHashBytes = hash.getBytes(StandardCharsets.ISO_8859_1);
            return verifyMessageDigest(b, encodedHashBytes);
        }
        return ignorable;
    }

    private static boolean verifyMessageDigest(byte[] expected, byte[] encodedActual) {
        byte[] actual;
        try {
            actual = java.util.Base64.getDecoder().decode(encodedActual);
        } catch (IllegalArgumentException e) {
            return false;
        }
        return MessageDigest.isEqual(expected, actual);
    }

    /**
     * Returns all of the {@link java.security.cert.Certificate} chains that
     * were used to verify the signature on the JAR entry called
+6 −3
Original line number Diff line number Diff line
@@ -23,7 +23,6 @@ import android.util.Slog;
import com.android.internal.annotations.VisibleForTesting;
import com.android.server.backup.BackupUtils;

import libcore.io.Base64;
import libcore.util.HexEncoding;

import org.xmlpull.v1.XmlPullParser;
@@ -33,6 +32,7 @@ import org.xmlpull.v1.XmlSerializer;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.Base64;

/**
 * Package information used by {@link android.content.pm.ShortcutManager} for backup / restore.
@@ -161,7 +161,8 @@ class ShortcutPackageInfo {

        for (int i = 0; i < mSigHashes.size(); i++) {
            out.startTag(null, TAG_SIGNATURE);
            ShortcutService.writeAttr(out, ATTR_SIGNATURE_HASH, Base64.encode(mSigHashes.get(i)));
            final String encoded = Base64.getEncoder().encodeToString(mSigHashes.get(i));
            ShortcutService.writeAttr(out, ATTR_SIGNATURE_HASH, encoded);
            out.endTag(null, TAG_SIGNATURE);
        }
        out.endTag(null, TAG_ROOT);
@@ -196,7 +197,9 @@ class ShortcutPackageInfo {
                    case TAG_SIGNATURE: {
                        final String hash = ShortcutService.parseStringAttribute(
                                parser, ATTR_SIGNATURE_HASH);
                        hashes.add(Base64.decode(hash.getBytes()));
                        // Throws IllegalArgumentException if hash is invalid base64 data
                        final byte[] decoded = Base64.getDecoder().decode(hash);
                        hashes.add(decoded);
                        continue;
                    }
                }