
Example 11 with ContentDigestAlgorithm

use of com.android.apksig.internal.apk.ContentDigestAlgorithm in project apksig by venshine.

the class ApkVerifier method getApkContentDigests.

/**
 * Collects the APK content digest(s) declared in the V2 or V3 signature block and stores them in
 * {@code sigSchemeApkContentDigests} under the key {@code apkSigSchemeVersion}. The returned
 * {@code ApkSigningBlockUtils.Result} can be merged with a {@code Result} to notify the client
 * of any errors.
 *
 * <p>Only signature schemes V2 and V3 are supported; to obtain the content digests for V1
 * signatures use {@link
 * #getApkContentDigestFromV1SigningScheme(List, DataSource, ApkUtils.ZipSections)}.
 *
 * <p>{@code null} is returned, and neither {@code foundApkSigSchemeIds} nor {@code
 * sigSchemeApkContentDigests} is modified, when the scheme version is not V2 or V3 or when no
 * signature block for the requested scheme is found. Callers must handle the {@code null} case
 * before merging.
 *
 * <p>Digest entries whose signature algorithm ID is unknown are skipped. When several entries
 * (from the same or different signers) map to the same {@link ContentDigestAlgorithm}, the last
 * one encountered replaces the earlier ones; the values are not compared here.
 *
 * @param apk the APK to read the signature block from
 * @param zipSections the ZIP sections of {@code apk}
 * @param foundApkSigSchemeIds receives {@code apkSigSchemeVersion} once the block is located
 * @param supportedSchemeNames passed through to the V2 signer parser
 * @param sigSchemeApkContentDigests receives the digests keyed by scheme version
 * @param apkSigSchemeVersion the signature scheme to inspect
 * @param minSdkVersion passed through to the V2 signer parser
 * @return the parse result, or {@code null} as described above
 */
private ApkSigningBlockUtils.Result getApkContentDigests(DataSource apk, ApkUtils.ZipSections zipSections, Set<Integer> foundApkSigSchemeIds, Map<Integer, String> supportedSchemeNames, Map<Integer, Map<ContentDigestAlgorithm, byte[]>> sigSchemeApkContentDigests, int apkSigSchemeVersion, int minSdkVersion) throws IOException, NoSuchAlgorithmException {
    final boolean isV2 = apkSigSchemeVersion == VERSION_APK_SIGNATURE_SCHEME_V2;
    final boolean isV3 = apkSigSchemeVersion == VERSION_APK_SIGNATURE_SCHEME_V3;
    if (!isV2 && !isV3) {
        return null;
    }

    ApkSigningBlockUtils.Result result = new ApkSigningBlockUtils.Result(apkSigSchemeVersion);
    final int blockId = isV3
            ? V3SchemeConstants.APK_SIGNATURE_SCHEME_V3_BLOCK_ID
            : V2SchemeConstants.APK_SIGNATURE_SCHEME_V2_BLOCK_ID;
    SignatureInfo signatureInfo;
    try {
        signatureInfo = ApkSigningBlockUtils.findSignature(apk, zipSections, blockId, result);
    } catch (ApkSigningBlockUtils.SignatureNotFoundException e) {
        // A missing block is reported to the caller as null rather than as an error result.
        return null;
    }
    foundApkSigSchemeIds.add(apkSigSchemeVersion);

    // NOTE(review): this set is filled by parseSigners but never read afterwards in this
    // method. The digests collected below are the ones declared in the signature block; nothing
    // visible here recomputes them over the APK contents, so confirm callers do that check.
    Set<ContentDigestAlgorithm> contentDigestsToVerify = new HashSet<>(1);
    if (isV2) {
        V2SchemeVerifier.parseSigners(signatureInfo.signatureBlock, contentDigestsToVerify, supportedSchemeNames, foundApkSigSchemeIds, minSdkVersion, mMaxSdkVersion, result);
    } else {
        V3SchemeVerifier.parseSigners(signatureInfo.signatureBlock, contentDigestsToVerify, result);
    }

    Map<ContentDigestAlgorithm, byte[]> digestsByAlgorithm = new EnumMap<>(ContentDigestAlgorithm.class);
    for (ApkSigningBlockUtils.Result.SignerInfo signer : result.signers) {
        for (ApkSigningBlockUtils.Result.SignerInfo.ContentDigest declared : signer.contentDigests) {
            SignatureAlgorithm algorithm = SignatureAlgorithm.findById(declared.getSignatureAlgorithmId());
            if (algorithm != null) {
                // put() overwrites: a later entry for the same digest algorithm wins.
                digestsByAlgorithm.put(algorithm.getContentDigestAlgorithm(), declared.getValue());
            }
        }
    }
    sigSchemeApkContentDigests.put(apkSigSchemeVersion, digestsByAlgorithm);
    return result;
}
Also used : SignatureAlgorithm(com.android.apksig.internal.apk.SignatureAlgorithm) ApkSigningBlockUtils(com.android.apksig.internal.apk.ApkSigningBlockUtils) ApkSigResult(com.android.apksig.internal.apk.ApkSigResult) SignatureInfo(com.android.apksig.internal.apk.SignatureInfo) ApkSignerInfo(com.android.apksig.internal.apk.ApkSignerInfo) ContentDigestAlgorithm(com.android.apksig.internal.apk.ContentDigestAlgorithm) EnumMap(java.util.EnumMap) HashSet(java.util.HashSet)

Example 12 with ContentDigestAlgorithm

use of com.android.apksig.internal.apk.ContentDigestAlgorithm in project apksig by venshine.

the class V3SchemeSigner method generateSignerBlock.

/**
 * Builds the encoded V3 signer block for one signer: the signed data (certificates, content
 * digests, SDK range and additional attributes), the signatures over that signed data, and the
 * signer's public key.
 *
 * @param signerConfig the signer's certificates, signature algorithms and SDK range
 * @param contentDigests the already computed content digests, keyed by digest algorithm
 * @return the encoded signer block
 * @throws SignatureException if no certificates are configured or they cannot be encoded
 * @throws RuntimeException if {@code contentDigests} lacks the digest required by one of the
 *     configured signature algorithms
 */
private static byte[] generateSignerBlock(SignerConfig signerConfig, Map<ContentDigestAlgorithm, byte[]> contentDigests) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
    if (signerConfig.certificates.isEmpty()) {
        throw new SignatureException("No certificates configured for signer");
    }

    // The public key placed in the signer block is taken from the first configured certificate.
    byte[] encodedPublicKey = encodePublicKey(signerConfig.certificates.get(0).getPublicKey());

    V3SignatureSchemeBlock.SignedData signedData = new V3SignatureSchemeBlock.SignedData();
    try {
        signedData.certificates = encodeCertificates(signerConfig.certificates);
    } catch (CertificateEncodingException e) {
        throw new SignatureException("Failed to encode certificates", e);
    }

    // One (signature algorithm ID, digest) pair per configured signature algorithm. A missing
    // digest aborts signing instead of emitting a block without it.
    List<Pair<Integer, byte[]>> digestPairs = new ArrayList<>(signerConfig.signatureAlgorithms.size());
    for (SignatureAlgorithm signatureAlgorithm : signerConfig.signatureAlgorithms) {
        ContentDigestAlgorithm digestAlgorithm = signatureAlgorithm.getContentDigestAlgorithm();
        byte[] digestValue = contentDigests.get(digestAlgorithm);
        if (digestValue == null) {
            throw new RuntimeException(digestAlgorithm + " content digest for " + signatureAlgorithm + " not computed");
        }
        digestPairs.add(Pair.of(signatureAlgorithm.getId(), digestValue));
    }
    signedData.digests = digestPairs;
    // The SDK range is written twice: inside the signed data and on the enclosing signer.
    signedData.maxSdkVersion = signerConfig.maxSdkVersion;
    signedData.minSdkVersion = signerConfig.minSdkVersion;
    signedData.additionalAttributes = generateAdditionalAttributes(signerConfig);

    V3SignatureSchemeBlock.Signer signer = new V3SignatureSchemeBlock.Signer();
    signer.publicKey = encodedPublicKey;
    signer.maxSdkVersion = signerConfig.maxSdkVersion;
    signer.minSdkVersion = signerConfig.minSdkVersion;
    signer.signedData = encodeSignedData(signedData);
    // Signatures are computed over the encoded signed data, not over the SignedData object.
    signer.signatures = ApkSigningBlockUtils.generateSignaturesOverData(signerConfig, signer.signedData);
    return encodeSigner(signer);
}
Also used : PublicKey(java.security.PublicKey) ApkSigningBlockUtils.encodePublicKey(com.android.apksig.internal.apk.ApkSigningBlockUtils.encodePublicKey) ArrayList(java.util.ArrayList) CertificateEncodingException(java.security.cert.CertificateEncodingException) SignatureAlgorithm(com.android.apksig.internal.apk.SignatureAlgorithm) SignatureException(java.security.SignatureException) ContentDigestAlgorithm(com.android.apksig.internal.apk.ContentDigestAlgorithm) Pair(com.android.apksig.internal.util.Pair)

Example 13 with ContentDigestAlgorithm

use of com.android.apksig.internal.apk.ContentDigestAlgorithm in project apksig by venshine.

the class V4SchemeSigner method getBestV3Digest.

/**
 * Parses the APK's V3 signature block and returns the digest selected by {@code
 * pickBestDigest} from the content digests of its single signer.
 *
 * @param apk the APK to read the V3 signature block from
 * @param zipSections the ZIP sections of {@code apk}
 * @return the digest chosen by {@code pickBestDigest}
 * @throws SignatureException if the block cannot be located or parsed, if the number of signers
 *     is not exactly one, or if that signer reported errors
 */
private static byte[] getBestV3Digest(DataSource apk, ApkUtils.ZipSections zipSections) throws SignatureException {
    final ApkSigningBlockUtils.Result parseResult = new ApkSigningBlockUtils.Result(ApkSigningBlockUtils.VERSION_APK_SIGNATURE_SCHEME_V3);
    // Required by parseSigners; its contents are not read in this method.
    final Set<ContentDigestAlgorithm> digestAlgorithmsSeen = new HashSet<>(1);
    try {
        final SignatureInfo v3Signature = ApkSigningBlockUtils.findSignature(apk, zipSections, APK_SIGNATURE_SCHEME_V3_BLOCK_ID, parseResult);
        V3SchemeVerifier.parseSigners(v3Signature.signatureBlock, digestAlgorithmsSeen, parseResult);
    } catch (Exception e) {
        // Any failure while locating or parsing the block is reported as a SignatureException.
        throw new SignatureException("Failed to extract and parse v3 block", e);
    }

    if (parseResult.signers.size() != 1) {
        throw new SignatureException("Should only have one signer, errors: " + parseResult.getErrors());
    }
    // NOTE(review): only the signer's own errors are checked from here on. Result-level errors
    // are only included in the message above, so confirm parseSigners cannot leave one behind
    // when exactly one signer parsed cleanly.
    final ApkSigningBlockUtils.Result.SignerInfo onlySigner = parseResult.signers.get(0);
    if (onlySigner.containsErrors()) {
        throw new SignatureException("Parsing failed: " + onlySigner.getErrors());
    }
    return pickBestDigest(onlySigner.contentDigests);
}
Also used : SignatureException(java.security.SignatureException) ApkSigningBlockUtils(com.android.apksig.internal.apk.ApkSigningBlockUtils) ByteBuffer(java.nio.ByteBuffer) SignatureException(java.security.SignatureException) IOException(java.io.IOException) ZipFormatException(com.android.apksig.zip.ZipFormatException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) CertificateEncodingException(java.security.cert.CertificateEncodingException) SignatureInfo(com.android.apksig.internal.apk.SignatureInfo) ContentDigestAlgorithm(com.android.apksig.internal.apk.ContentDigestAlgorithm) HashSet(java.util.HashSet)

Example 14 with ContentDigestAlgorithm

use of com.android.apksig.internal.apk.ContentDigestAlgorithm in project apksig by venshine.

the class V4SchemeSigner method getBestV2Digest.

/**
 * Parses the APK's V2 signature block and returns the digest selected by {@code
 * pickBestDigest} from the content digests of its single signer.
 *
 * @param apk the APK to read the V2 signature block from
 * @param zipSections the ZIP sections of {@code apk}
 * @return the digest chosen by {@code pickBestDigest}
 * @throws SignatureException if the block cannot be located or parsed, if the number of signers
 *     is not exactly one, or if that signer reported errors
 */
private static byte[] getBestV2Digest(DataSource apk, ApkUtils.ZipSections zipSections) throws SignatureException {
    final ApkSigningBlockUtils.Result parseResult = new ApkSigningBlockUtils.Result(ApkSigningBlockUtils.VERSION_APK_SIGNATURE_SCHEME_V2);
    // Both sets are required by parseSigners; their contents are not read in this method.
    final Set<Integer> schemeIdsSeen = new HashSet<>(1);
    final Set<ContentDigestAlgorithm> digestAlgorithmsSeen = new HashSet<>(1);
    try {
        final SignatureInfo v2Signature = ApkSigningBlockUtils.findSignature(apk, zipSections, APK_SIGNATURE_SCHEME_V2_BLOCK_ID, parseResult);
        // The parser is called with an empty supported-scheme-name map and Integer.MAX_VALUE
        // for both SDK bounds.
        V2SchemeVerifier.parseSigners(v2Signature.signatureBlock, digestAlgorithmsSeen, Collections.emptyMap(), schemeIdsSeen, Integer.MAX_VALUE, Integer.MAX_VALUE, parseResult);
    } catch (Exception e) {
        // Any failure while locating or parsing the block is reported as a SignatureException.
        throw new SignatureException("Failed to extract and parse v2 block", e);
    }

    if (parseResult.signers.size() != 1) {
        throw new SignatureException("Should only have one signer, errors: " + parseResult.getErrors());
    }
    // NOTE(review): only the signer's own errors are checked from here on. Result-level errors
    // are only included in the message above, so confirm parseSigners cannot leave one behind
    // when exactly one signer parsed cleanly.
    final ApkSigningBlockUtils.Result.SignerInfo onlySigner = parseResult.signers.get(0);
    if (onlySigner.containsErrors()) {
        throw new SignatureException("Parsing failed: " + onlySigner.getErrors());
    }
    return pickBestDigest(onlySigner.contentDigests);
}
Also used : SignatureException(java.security.SignatureException) ApkSigningBlockUtils(com.android.apksig.internal.apk.ApkSigningBlockUtils) ByteBuffer(java.nio.ByteBuffer) SignatureException(java.security.SignatureException) IOException(java.io.IOException) ZipFormatException(com.android.apksig.zip.ZipFormatException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) CertificateEncodingException(java.security.cert.CertificateEncodingException) SignatureInfo(com.android.apksig.internal.apk.SignatureInfo) ContentDigestAlgorithm(com.android.apksig.internal.apk.ContentDigestAlgorithm) HashSet(java.util.HashSet)

Aggregations

ContentDigestAlgorithm (com.android.apksig.internal.apk.ContentDigestAlgorithm)14 ApkSigningBlockUtils (com.android.apksig.internal.apk.ApkSigningBlockUtils)8 SignatureException (java.security.SignatureException)7 CertificateEncodingException (java.security.cert.CertificateEncodingException)6 SignatureAlgorithm (com.android.apksig.internal.apk.SignatureAlgorithm)5 ZipFormatException (com.android.apksig.zip.ZipFormatException)5 ArrayList (java.util.ArrayList)5 ApkFormatException (com.android.apksig.apk.ApkFormatException)4 SignatureInfo (com.android.apksig.internal.apk.SignatureInfo)4 Pair (com.android.apksig.internal.util.Pair)4 EnumMap (java.util.EnumMap)4 ApkSigResult (com.android.apksig.internal.apk.ApkSigResult)3 ApkSignerInfo (com.android.apksig.internal.apk.ApkSignerInfo)3 CentralDirectoryRecord (com.android.apksig.internal.zip.CentralDirectoryRecord)3 IOException (java.io.IOException)3 InvalidKeyException (java.security.InvalidKeyException)3 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)3 HashSet (java.util.HashSet)3 Map (java.util.Map)3 ApkSigningBlockUtils.encodePublicKey (com.android.apksig.internal.apk.ApkSigningBlockUtils.encodePublicKey)2