Examples with CodeRelatedFile - com.android.bundle.CodeTransparencyOuterClass.CodeRelatedFile

Example 1 with CodeRelatedFile

use of com.android.bundle.CodeTransparencyOuterClass.CodeRelatedFile in project bundletool by google.

the class BundleTransparencyCheckUtils method checkTransparency.

/**
 * Verifies code transparency for the given bundle, and returns {@link TransparencyCheckResult}.
 *
 * @throws InvalidBundleException if an error occurs during verification.
 */
public static TransparencyCheckResult checkTransparency(AppBundle bundle, ByteSource signedTransparencyFile) {
    if (bundle.hasSharedUserId()) {
        throw InvalidBundleException.builder().withUserMessage("Transparency file is present in the bundle, but it can not be verified because" + " `sharedUserId` attribute is specified in one of the manifests.").build();
    }
    TransparencyCheckResult.Builder result = TransparencyCheckResult.builder();
    JsonWebSignature jws = CodeTransparencyCryptoUtils.parseJws(signedTransparencyFile);
    if (!CodeTransparencyCryptoUtils.verifySignature(jws)) {
        return result.errorMessage("Verification failed because code transparency signature is invalid.").build();
    }
    result.transparencySignatureVerified(true).transparencyKeyCertificateFingerprint(CodeTransparencyCryptoUtils.getCertificateFingerprint(jws));
    CodeTransparency parsedTransparencyFile = CodeTransparencyFactory.parseFrom(jws.getUnverifiedPayload());
    CodeTransparencyVersion.checkVersion(parsedTransparencyFile);
    MapDifference<String, CodeRelatedFile> difference = Maps.difference(getCodeRelatedFilesFromParsedTransparencyFile(parsedTransparencyFile), getCodeRelatedFilesFromBundle(bundle));
    result.fileContentsVerified(difference.areEqual());
    if (!difference.areEqual()) {
        result.errorMessage(getDiffAsString(difference));
    }
    return result.build();
}

Also used : JsonWebSignature(org.jose4j.jws.JsonWebSignature) CodeTransparency(com.android.bundle.CodeTransparencyOuterClass.CodeTransparency) CodeRelatedFile(com.android.bundle.CodeTransparencyOuterClass.CodeRelatedFile)

Example 2 with CodeRelatedFile

use of com.android.bundle.CodeTransparencyOuterClass.CodeRelatedFile in project bundletool by google.

the class CodeTransparencyFactory method createCodeRelatedFile.

private static CodeRelatedFile createCodeRelatedFile(ModuleEntry moduleEntry) {
    checkArgument(moduleEntry.getBundleLocation().isPresent());
    CodeRelatedFile.Builder codeRelatedFile = CodeRelatedFile.newBuilder().setPath(moduleEntry.getBundleLocation().get().entryPathInBundle().toString());
    if (moduleEntry.getPath().startsWith(BundleModule.LIB_DIRECTORY)) {
        codeRelatedFile.setType(CodeRelatedFile.Type.NATIVE_LIBRARY);
        codeRelatedFile.setApkPath(moduleEntry.getPath().toString());
    } else {
        codeRelatedFile.setType(CodeRelatedFile.Type.DEX);
    }
    try {
        codeRelatedFile.setSha256(moduleEntry.getContent().hash(Hashing.sha256()).toString());
    } catch (IOException e) {
        throw new UncheckedIOException("An error occurred when calculating file hash.", e);
    }
    return codeRelatedFile.build();
}

Also used : UncheckedIOException(java.io.UncheckedIOException) IOException(java.io.IOException) UncheckedIOException(java.io.UncheckedIOException) CodeRelatedFile(com.android.bundle.CodeTransparencyOuterClass.CodeRelatedFile)

Aggregations

CodeRelatedFile (com.android.bundle.CodeTransparencyOuterClass.CodeRelatedFile)2 CodeTransparency (com.android.bundle.CodeTransparencyOuterClass.CodeTransparency)1 IOException (java.io.IOException)1 UncheckedIOException (java.io.UncheckedIOException)1 JsonWebSignature (org.jose4j.jws.JsonWebSignature)1