Loading core/java/android/util/PackageUtils.java +27 −14 Original line number Diff line number Diff line Loading @@ -184,24 +184,15 @@ public final class PackageUtils { } /** * @see #computeSha256DigestForLargeFile(String, byte[], String) */ public static @Nullable String computeSha256DigestForLargeFile(@NonNull String filePath, @NonNull byte[] fileBuffer) { return computeSha256DigestForLargeFile(filePath, fileBuffer, null); } /** * Computes the SHA256 digest of large files. This is typically useful for large APEXs. * Computes the SHA256 digest of a large file. * @param filePath The path to which the file's content is to be hashed. * @param fileBuffer A buffer to read file's content into memory. It is strongly recommended to * make use of the {@link #createLargeFileBuffer()} method to create this * buffer. * @param separator Separator between each pair of characters, such as colon, or null to omit. * @return The SHA256 digest or null if an error occurs. * @return The byte array of SHA256 digest or null if an error occurs. */ public static @Nullable String computeSha256DigestForLargeFile(@NonNull String filePath, @NonNull byte[] fileBuffer, @Nullable String separator) { public static @Nullable byte[] computeSha256DigestForLargeFileAsBytes(@NonNull String filePath, @NonNull byte[] fileBuffer) { MessageDigest messageDigest; try { messageDigest = MessageDigest.getInstance("SHA256"); Loading @@ -221,8 +212,30 @@ public final class PackageUtils { return null; } byte[] resultBytes = messageDigest.digest(); return messageDigest.digest(); } /** * @see #computeSha256DigestForLargeFile(String, byte[], String) */ public static @Nullable String computeSha256DigestForLargeFile(@NonNull String filePath, @NonNull byte[] fileBuffer) { return computeSha256DigestForLargeFile(filePath, fileBuffer, null); } /** * Computes the SHA256 digest of a large file. * @param filePath The path to which the file's content is to be hashed. * @param fileBuffer A buffer to read file's content into memory. It is strongly recommended to * make use of the {@link #createLargeFileBuffer()} method to create this * buffer. * @param separator Separator between each pair of characters, such as colon, or null to omit. * @see #computeSha256DigestForLargeFile(String, byte[]) * @return The encoded string of SHA256 digest or null if an error occurs. */ public static @Nullable String computeSha256DigestForLargeFile(@NonNull String filePath, @NonNull byte[] fileBuffer, @Nullable String separator) { byte[] resultBytes = computeSha256DigestForLargeFileAsBytes(filePath, fileBuffer); if (separator == null) { return HexEncoding.encodeToString(resultBytes, false); } Loading services/core/java/com/android/server/BinaryTransparencyService.java +18 −18 Original line number Diff line number Diff line Loading @@ -263,13 +263,12 @@ public class BinaryTransparencyService extends SystemService { Map<Integer, byte[]> contentDigests = computeApkContentDigest(apkPath); if (contentDigests == null) { Slog.d(TAG, "Failed to compute content digest for " + apkPath); return new Checksum(0, new byte[] { -1 }); } } else { // in this iteration, we'll be supporting only 2 types of digests: // CHUNKED_SHA256 and CHUNKED_SHA512. // And only one of them will be available per package. if (contentDigests.containsKey(ApkSigningBlockUtils.CONTENT_DIGEST_CHUNKED_SHA256)) { if (contentDigests.containsKey( ApkSigningBlockUtils.CONTENT_DIGEST_CHUNKED_SHA256)) { return new Checksum( Checksum.TYPE_PARTIAL_MERKLE_ROOT_1M_SHA256, contentDigests.get(ApkSigningBlockUtils.CONTENT_DIGEST_CHUNKED_SHA256)); Loading @@ -278,12 +277,13 @@ public class BinaryTransparencyService extends SystemService { return new Checksum( Checksum.TYPE_PARTIAL_MERKLE_ROOT_1M_SHA512, contentDigests.get(ApkSigningBlockUtils.CONTENT_DIGEST_CHUNKED_SHA512)); } else { // TODO(b/259423111): considering putting the raw values for the algorithm & digest // into the bundle to track potential other digest algorithms that may be in use return new Checksum(0, new byte[] { -1 }); } } // When something went wrong, fall back to simple sha256. byte[] digest = PackageUtils.computeSha256DigestForLargeFileAsBytes(apkPath, PackageUtils.createLargeFileBuffer()); return new Checksum(Checksum.TYPE_WHOLE_SHA256, digest); } /** Loading Loading
core/java/android/util/PackageUtils.java +27 −14 Original line number Diff line number Diff line Loading @@ -184,24 +184,15 @@ public final class PackageUtils { } /** * @see #computeSha256DigestForLargeFile(String, byte[], String) */ public static @Nullable String computeSha256DigestForLargeFile(@NonNull String filePath, @NonNull byte[] fileBuffer) { return computeSha256DigestForLargeFile(filePath, fileBuffer, null); } /** * Computes the SHA256 digest of large files. This is typically useful for large APEXs. * Computes the SHA256 digest of a large file. * @param filePath The path to which the file's content is to be hashed. * @param fileBuffer A buffer to read file's content into memory. It is strongly recommended to * make use of the {@link #createLargeFileBuffer()} method to create this * buffer. * @param separator Separator between each pair of characters, such as colon, or null to omit. * @return The SHA256 digest or null if an error occurs. * @return The byte array of SHA256 digest or null if an error occurs. */ public static @Nullable String computeSha256DigestForLargeFile(@NonNull String filePath, @NonNull byte[] fileBuffer, @Nullable String separator) { public static @Nullable byte[] computeSha256DigestForLargeFileAsBytes(@NonNull String filePath, @NonNull byte[] fileBuffer) { MessageDigest messageDigest; try { messageDigest = MessageDigest.getInstance("SHA256"); Loading @@ -221,8 +212,30 @@ public final class PackageUtils { return null; } byte[] resultBytes = messageDigest.digest(); return messageDigest.digest(); } /** * @see #computeSha256DigestForLargeFile(String, byte[], String) */ public static @Nullable String computeSha256DigestForLargeFile(@NonNull String filePath, @NonNull byte[] fileBuffer) { return computeSha256DigestForLargeFile(filePath, fileBuffer, null); } /** * Computes the SHA256 digest of a large file. * @param filePath The path to which the file's content is to be hashed. * @param fileBuffer A buffer to read file's content into memory. It is strongly recommended to * make use of the {@link #createLargeFileBuffer()} method to create this * buffer. * @param separator Separator between each pair of characters, such as colon, or null to omit. * @see #computeSha256DigestForLargeFile(String, byte[]) * @return The encoded string of SHA256 digest or null if an error occurs. */ public static @Nullable String computeSha256DigestForLargeFile(@NonNull String filePath, @NonNull byte[] fileBuffer, @Nullable String separator) { byte[] resultBytes = computeSha256DigestForLargeFileAsBytes(filePath, fileBuffer); if (separator == null) { return HexEncoding.encodeToString(resultBytes, false); } Loading
services/core/java/com/android/server/BinaryTransparencyService.java +18 −18 Original line number Diff line number Diff line Loading @@ -263,13 +263,12 @@ public class BinaryTransparencyService extends SystemService { Map<Integer, byte[]> contentDigests = computeApkContentDigest(apkPath); if (contentDigests == null) { Slog.d(TAG, "Failed to compute content digest for " + apkPath); return new Checksum(0, new byte[] { -1 }); } } else { // in this iteration, we'll be supporting only 2 types of digests: // CHUNKED_SHA256 and CHUNKED_SHA512. // And only one of them will be available per package. if (contentDigests.containsKey(ApkSigningBlockUtils.CONTENT_DIGEST_CHUNKED_SHA256)) { if (contentDigests.containsKey( ApkSigningBlockUtils.CONTENT_DIGEST_CHUNKED_SHA256)) { return new Checksum( Checksum.TYPE_PARTIAL_MERKLE_ROOT_1M_SHA256, contentDigests.get(ApkSigningBlockUtils.CONTENT_DIGEST_CHUNKED_SHA256)); Loading @@ -278,12 +277,13 @@ public class BinaryTransparencyService extends SystemService { return new Checksum( Checksum.TYPE_PARTIAL_MERKLE_ROOT_1M_SHA512, contentDigests.get(ApkSigningBlockUtils.CONTENT_DIGEST_CHUNKED_SHA512)); } else { // TODO(b/259423111): considering putting the raw values for the algorithm & digest // into the bundle to track potential other digest algorithms that may be in use return new Checksum(0, new byte[] { -1 }); } } // When something went wrong, fall back to simple sha256. byte[] digest = PackageUtils.computeSha256DigestForLargeFileAsBytes(apkPath, PackageUtils.createLargeFileBuffer()); return new Checksum(Checksum.TYPE_WHOLE_SHA256, digest); } /** Loading
