Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Support multi apk stamp verification" into rvc-dev

Browse Source
This commit is contained in:
Khaled Abdelmohsen
2020-03-14 07:23:34 +00:00
committed by Android (Google) Code Review
parent 41b448e39b f6b1e8c3f6
commit 2c89227525
3 changed files with 83 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
core/java/android/util/apk/SourceStampVerifier.java
View File

@@ -43,6 +43,7 @@ import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
@@ -78,6 +79,24 @@ public abstract class SourceStampVerifier {
/** Hidden constructor to prevent instantiation. */
private SourceStampVerifier() {}
/** Verifies SourceStamp present in a list of APKs. */
public static SourceStampVerificationResult verify(List<String> apkFiles) {
Certificate stampCertificate = null;
for (String apkFile : apkFiles) {
SourceStampVerificationResult sourceStampVerificationResult = verify(apkFile);
if (!sourceStampVerificationResult.isPresent()
|| !sourceStampVerificationResult.isVerified()) {
return sourceStampVerificationResult;
}
if (stampCertificate != null
&& !stampCertificate.equals(sourceStampVerificationResult.getCertificate())) {
return SourceStampVerificationResult.notVerified();
}
stampCertificate = sourceStampVerificationResult.getCertificate();
}
return SourceStampVerificationResult.verified(stampCertificate);
}
/** Verifies SourceStamp present in the provided APK. */
public static SourceStampVerificationResult verify(String apkFile) {
try (RandomAccessFile apk = new RandomAccessFile(apkFile, "r")) {