
Example 6 with CodeTransparency

use of com.android.bundle.CodeTransparencyOuterClass.CodeTransparency in project bundletool by google.

the class ApkTransparencyCheckUtils method checkTransparency.

/**
 * Runs the code transparency check over a set of device-specific APKs.
 *
 * <p>The steps run in this order:
 * <ol>
 *   <li>the APK signature is checked through {@code ApkSignatureVerifier.verify}; on failure
 *       a result carrying only the error message is returned;
 *   <li>the transparency file is read from the base APK as a JWS and its signature is checked;
 *       on failure a result with the error message is returned;
 *   <li>the metadata in the JWS payload is parsed, passed to
 *       {@code CodeTransparencyVersion.checkVersion}, and compared with the APK contents through
 *       {@code getModifiedFiles}; any modified paths are listed in the error message.
 * </ol>
 *
 * <p>NOTE(review): {@code verifySignature} receives only the JWS, so the verification key is
 * presumably taken from the JWS itself (confirm in CodeTransparencyCryptoUtils). If that is the
 * case, a passing result only shows that the transparency file is self-consistent; callers
 * still have to compare the reported transparency key certificate fingerprint with a value
 * they already trust.
 *
 * @param deviceSpecificApks paths of the APKs to check
 * @return the result holding the fingerprints and verification flags recorded before the check
 *     finished or stopped
 * @throws InvalidCommandException if {@code getBaseApkPath} finds no base APK in the list, or
 *     the base APK has no transparency file entry
 * @throws UncheckedIOException if an {@link IOException} is raised while the base APK is read
 */
public static TransparencyCheckResult checkTransparency(ImmutableList<Path> deviceSpecificApks) {
    Optional<Path> baseApk = getBaseApkPath(deviceSpecificApks);
    if (!baseApk.isPresent()) {
        throw InvalidCommandException.builder()
                .withInternalMessage(
                        "The provided list of device specific APKs must either contain a single APK, or, if"
                                + " multiple APK files are present, base.apk file.")
                .build();
    }

    TransparencyCheckResult.Builder report = TransparencyCheckResult.builder();

    // The APK signature is checked first; nothing inside the APK is read until it passes.
    ApkSignatureVerifier.Result apkSignature = ApkSignatureVerifier.verify(deviceSpecificApks);
    if (!apkSignature.verified()) {
        String failure = "Verification failed: " + apkSignature.getErrorMessage();
        return report.errorMessage(failure).build();
    }
    report.apkSigningKeyCertificateFingerprint(
            apkSignature.getApkSigningKeyCertificateFingerprint());

    try (ZipFile apkZip = ZipUtils.openZipFile(baseApk.get())) {
        // ZipFile.getEntry returns null when the entry does not exist.
        ZipEntry transparencyEntry = apkZip.getEntry(TRANSPARENCY_FILE_ZIP_ENTRY_NAME);
        if (transparencyEntry == null) {
            throw InvalidCommandException.builder()
                    .withInternalMessage(
                            "Could not verify code transparency because transparency file is not present in the"
                                    + " APK.")
                    .build();
        }

        JsonWebSignature jws =
                CodeTransparencyCryptoUtils.parseJws(
                        ZipUtils.asByteSource(apkZip, transparencyEntry));
        if (!CodeTransparencyCryptoUtils.verifySignature(jws)) {
            return report
                    .errorMessage("Verification failed because code transparency signature is invalid.")
                    .build();
        }
        report
                .transparencySignatureVerified(true)
                .transparencyKeyCertificateFingerprint(
                        CodeTransparencyCryptoUtils.getCertificateFingerprint(jws));

        // getUnverifiedPayload() performs no signature check of its own; it is reached only
        // after verifySignature(jws) returned true above, and that ordering must be kept.
        CodeTransparency metadata = CodeTransparencyFactory.parseFrom(jws.getUnverifiedPayload());
        // Presumably rejects metadata versions this tool does not support -- confirm in
        // CodeTransparencyVersion.
        CodeTransparencyVersion.checkVersion(metadata);

        ImmutableSet<String> modifiedPaths = getModifiedFiles(metadata, deviceSpecificApks);
        boolean contentsIntact = modifiedPaths.isEmpty();
        report.fileContentsVerified(contentsIntact);
        if (!contentsIntact) {
            report.errorMessage(
                    "Verification failed because code was modified after code transparency metadata"
                            + " generation. Modified files: "
                            + modifiedPaths);
        }
        return report.build();
    } catch (IOException ioFailure) {
        throw new UncheckedIOException("An error occurred when processing the file.", ioFailure);
    }
}
Also used : Path(java.nio.file.Path) ZipEntry(java.util.zip.ZipEntry) UncheckedIOException(java.io.UncheckedIOException) IOException(java.io.IOException) UncheckedIOException(java.io.UncheckedIOException) ZipFile(java.util.zip.ZipFile) JsonWebSignature(org.jose4j.jws.JsonWebSignature) CodeTransparency(com.android.bundle.CodeTransparencyOuterClass.CodeTransparency)
