Skip to content
GitLab
Menu
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
e
os
App Lounge
Commits
7c1193a5
Commit
7c1193a5
authored
Mar 23, 2021
by
narinder Rana
Browse files
Merge branch 'issue_1892' into 'master'
handle exception issue_1892 See merge request e/apps/apps!57
parents
ed6b5066
47045398
Pipeline
#107368
passed with stage
in 4 minutes and 34 seconds
Changes
2
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
app/src/main/java/foundation/e/apps/application/model/IntegrityVerificationTask.kt
View file @
7c1193a5
...
...
@@ -19,6 +19,10 @@ package foundation.e.apps.application.model
import
android.content.Context
import
android.os.AsyncTask
import
android.os.Handler
import
android.os.Looper
import
android.widget.Toast
import
foundation.e.apps.R
import
foundation.e.apps.application.model.data.FullData
import
foundation.e.apps.utils.Constants
import
org.bouncycastle.jce.provider.BouncyCastleProvider
...
...
@@ -53,6 +57,7 @@ class IntegrityVerificationTask(
}
else
{
Security
.
addProvider
(
BouncyCastleProvider
())
verifyAPKSignature
(
context
[
0
],
BufferedInputStream
(
FileInputStream
(
applicationInfo
.
getApkFile
(
context
[
0
],
fullData
.
basicData
).
absolutePath
)),
...
...
@@ -88,44 +93,56 @@ class IntegrityVerificationTask(
}
private
fun
verifyAPKSignature
(
context
:
Context
,
apkInputStream
:
BufferedInputStream
,
apkSignatureInputStream
:
InputStream
,
publicKeyInputStream
:
InputStream
):
Boolean
{
try
{
var
jcaPGPObjectFactory
=
JcaPGPObjectFactory
(
PGPUtil
.
getDecoderStream
(
apkSignatureInputStream
))
val
pgpSignatureList
:
PGPSignatureList
var
jcaPGPObjectFactory
=
JcaPGPObjectFactory
(
PGPUtil
.
getDecoderStream
(
apkSignatureInputStream
))
val
pgpSignatureList
:
PGPSignatureList
val
pgpObject
=
jcaPGPObjectFactory
.
nextObject
()
if
(
pgpObject
is
PGPCompressedData
)
{
jcaPGPObjectFactory
=
JcaPGPObjectFactory
(
pgpObject
.
dataStream
)
pgpSignatureList
=
jcaPGPObjectFactory
.
nextObject
()
as
PGPSignatureList
}
else
{
pgpSignatureList
=
pgpObject
as
PGPSignatureList
}
val
pgpObject
=
jcaPGPObjectFactory
.
nextObject
()
if
(
pgpObject
is
PGPCompressedData
)
{
jcaPGPObjectFactory
=
JcaPGPObjectFactory
(
pgpObject
.
dataStream
)
pgpSignatureList
=
jcaPGPObjectFactory
.
nextObject
()
as
PGPSignatureList
}
else
{
pgpSignatureList
=
pgpObject
as
PGPSignatureList
}
val
pgpPublicKeyRingCollection
=
PGPPublicKeyRingCollection
(
PGPUtil
.
getDecoderStream
(
publicKeyInputStream
),
JcaKeyFingerprintCalculator
())
val
pgpPublicKeyRingCollection
=
PGPPublicKeyRingCollection
(
PGPUtil
.
getDecoderStream
(
publicKeyInputStream
),
JcaKeyFingerprintCalculator
())
val
signature
=
pgpSignatureList
.
get
(
0
)
val
key
=
pgpPublicKeyRingCollection
.
getPublicKey
(
signature
.
keyID
)
val
signature
=
pgpSignatureList
.
get
(
0
)
val
key
=
pgpPublicKeyRingCollection
.
getPublicKey
(
signature
.
keyID
)
signature
.
init
(
BcPGPContentVerifierBuilderProvider
(),
key
)
signature
.
init
(
BcPGPContentVerifierBuilderProvider
(),
key
)
val
buff
=
ByteArray
(
1024
)
var
read
=
apkInputStream
.
read
(
buff
)
while
(
read
!=
-
1
)
{
signature
.
update
(
buff
,
0
,
read
)
read
=
apkInputStream
.
read
(
buff
)
}
val
buff
=
ByteArray
(
1024
)
var
read
=
apkInputStream
.
read
(
buff
)
while
(
read
!=
-
1
)
{
signature
.
update
(
buff
,
0
,
read
)
read
=
apkInputStream
.
read
(
buff
)
}
apkInputStream
.
close
()
apkSignatureInputStream
.
close
()
publicKeyInputStream
.
close
()
return
signature
.
verify
()
}
catch
(
e
:
Exception
)
{
e
.
printStackTrace
()
apkInputStream
.
close
()
apkSignatureInputStream
.
close
()
publicKeyInputStream
.
close
()
Handler
(
Looper
.
getMainLooper
()).
post
{
val
toast
=
Toast
.
makeText
(
context
,
context
.
resources
.
getString
(
R
.
string
.
Signature_verification_failed
),
Toast
.
LENGTH_LONG
)
toast
.
show
()
}
}
return
signature
.
verify
()
return
false
;
}
}
...
...
app/src/main/res/values/strings.xml
View file @
7c1193a5
...
...
@@ -184,4 +184,9 @@
<string
name=
"microg_not_installed"
>
Not Installed
</string>
<string
name=
"microg_installed"
>
Installed
</string>
<string
name=
"Signature_verification_failed"
>
Signature verification failed, aborting install
</string>
</resources>
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment