Merge "Fix fsverity root hash format"

        calculateFsveritySignatureInternal(apk, signatureInfo, null, null, header, extensions);

        calculateFsveritySignatureInternal(apk, signatureInfo, null, null, header, extensions);

        MessageDigest md = MessageDigest.getInstance(JCA_DIGEST_ALGORITHM);

        MessageDigest md = MessageDigest.getInstance(JCA_DIGEST_ALGORITHM);

        md.update(DEFAULT_SALT);

        md.update(header);

        md.update(verityBlock);

        md.update(extensions);

        md.update(apkDigest);

        md.update(apkDigest);

        return md.digest();

        return md.digest();

    }

    }

    /**

     * Internal method to generate various parts of FSVerity constructs, including the header,

     * extensions, Merkle tree, and the tree's root hash.  The output buffer is flipped to the

     * generated data size and is readey for consuming.

     */

    private static void calculateFsveritySignatureInternal(

    private static void calculateFsveritySignatureInternal(

            RandomAccessFile apk, SignatureInfo signatureInfo, ByteBuffer treeOutput,

            RandomAccessFile apk, SignatureInfo signatureInfo, ByteBuffer treeOutput,

            ByteBuffer rootHashOutput, ByteBuffer headerOutput, ByteBuffer extensionsOutput)

            ByteBuffer rootHashOutput, ByteBuffer headerOutput, ByteBuffer extensionsOutput)

            throws IOException, NoSuchAlgorithmException, DigestException {

            throws IOException, NoSuchAlgorithmException, DigestException {

        assertSigningBlockAlignedAndHasFullPages(signatureInfo);

        assertSigningBlockAlignedAndHasFullPages(signatureInfo);

        long signingBlockSize =

        long signingBlockSize =

                signatureInfo.centralDirOffset - signatureInfo.apkSigningBlockOffset;

                signatureInfo.centralDirOffset - signatureInfo.apkSigningBlockOffset;

        long dataSize = apk.length() - signingBlockSize - ZIP_EOCD_CENTRAL_DIR_OFFSET_FIELD_SIZE;

        long dataSize = apk.length() - signingBlockSize - ZIP_EOCD_CENTRAL_DIR_OFFSET_FIELD_SIZE;

                    levelOffset, treeOutput);

                    levelOffset, treeOutput);

            if (rootHashOutput != null) {

            if (rootHashOutput != null) {

                rootHashOutput.put(apkRootHash);

                rootHashOutput.put(apkRootHash);

                rootHashOutput.flip();

            }

            }

        }

        }

        buffer.put((byte) 0);               // auth block offset, disabled here

        buffer.put((byte) 0);               // auth block offset, disabled here

        buffer.put((byte) 2);               // extension count

        buffer.put((byte) 2);               // extension count

        buffer.put(salt);                   // salt (8 bytes)

        buffer.put(salt);                   // salt (8 bytes)

        // skip(buffer, 22);                // reserved

        skip(buffer, 22);                   // reserved

        buffer.rewind();

        buffer.flip();

        return buffer;

        return buffer;

    }

    }

            buffer.put((byte) ZIP_EOCD_CENTRAL_DIR_OFFSET_FIELD_SIZE);  // length

            buffer.put((byte) ZIP_EOCD_CENTRAL_DIR_OFFSET_FIELD_SIZE);  // length

            skip(buffer, 7);                                            // reserved

            skip(buffer, 7);                                            // reserved

            buffer.putInt(Math.toIntExact(signingBlockOffset));         // databytes

            buffer.putInt(Math.toIntExact(signingBlockOffset));         // databytes

            skip(buffer, kPadding);                                     // padding

            // There are extra kPadding bytes of 0s here, included in the total size field of the

            // extension header. The output ByteBuffer is assumed to be initialized to 0.

        }

        }

        buffer.rewind();

        buffer.flip();

        return buffer;

        return buffer;

    }

    }