Lines Matching refs:apk
17 package android.util.apk;
19 import static android.util.apk.ApkSigningBlockUtils.CONTENT_DIGEST_VERITY_CHUNKED_SHA256;
20 import static android.util.apk.ApkSigningBlockUtils.SIGNATURE_DSA_WITH_SHA256;
21 import static android.util.apk.ApkSigningBlockUtils.SIGNATURE_ECDSA_WITH_SHA256;
22 import static android.util.apk.ApkSigningBlockUtils.SIGNATURE_ECDSA_WITH_SHA512;
23 import static android.util.apk.ApkSigningBlockUtils.SIGNATURE_RSA_PKCS1_V1_5_WITH_SHA256;
24 import static android.util.apk.ApkSigningBlockUtils.SIGNATURE_RSA_PKCS1_V1_5_WITH_SHA512;
25 import static android.util.apk.ApkSigningBlockUtils.SIGNATURE_RSA_PSS_WITH_SHA256;
26 import static android.util.apk.ApkSigningBlockUtils.SIGNATURE_RSA_PSS_WITH_SHA512;
27 import static android.util.apk.ApkSigningBlockUtils.SIGNATURE_VERITY_DSA_WITH_SHA256;
28 import static android.util.apk.ApkSigningBlockUtils.SIGNATURE_VERITY_ECDSA_WITH_SHA256;
29 import static android.util.apk.ApkSigningBlockUtils.SIGNATURE_VERITY_RSA_PKCS1_V1_5_WITH_SHA256;
30 import static android.util.apk.ApkSigningBlockUtils.compareSignatureAlgorithm;
31 import static android.util.apk.ApkSigningBlockUtils.getContentDigestAlgorithmJcaDigestAlgorithm;
32 import static android.util.apk.ApkSigningBlockUtils.getLengthPrefixedSlice;
33 import static android.util.apk.ApkSigningBlockUtils.getSignatureAlgorithmContentDigestAlgorithm;
34 import static android.util.apk.ApkSigningBlockUtils.getSignatureAlgorithmJcaKeyAlgorithm;
35 import static android.util.apk.ApkSigningBlockUtils.getSignatureAlgorithmJcaSignatureAlgorithm;
36 import static android.util.apk.ApkSigningBlockUtils.readLengthPrefixedByteArray;
67 * APK Signature Scheme v2 verifier.
69 * <p>APK Signature Scheme v2 is a whole-file signature scheme which aims to protect every single
70 * bit of the APK, as opposed to the JAR Signature Scheme which protects only the names and
73 * @see <a href="https://source.android.com/security/apksigning/v2.html">APK Signature Scheme v2</a>
80 * ID of this signature scheme as used in X-Android-APK-Signed header used in JAR signing.
87 * Returns {@code true} if the provided APK contains an APK Signature Scheme V2 signature.
92 try (RandomAccessFile apk = new RandomAccessFile(apkFile, "r")) {
93 findSignature(apk);
101 * Verifies APK Signature Scheme v2 signatures of the provided APK and returns the certificates
104 * @throws SignatureNotFoundException if the APK is not signed using APK Signature Scheme v2.
105 * @throws SecurityException if a APK Signature Scheme v2 signature of this APK does not verify.
106 * @throws IOException if an I/O error occurs while reading the APK file.
115 * Returns the certificates associated with each signer for the given APK without verification.
117 * APK is trusted. Specifically, verification is only done for the APK Signature Scheme v2
118 * Block while gathering signer information. The APK contents are not verified.
120 * @throws SignatureNotFoundException if the APK is not signed using APK Signature Scheme v2.
121 * @throws IOException if an I/O error occurs while reading the APK file.
131 try (RandomAccessFile apk = new RandomAccessFile(apkFile, "r")) {
132 return verify(apk, verifyIntegrity);
137 * Verifies APK Signature Scheme v2 signatures of the provided APK and returns the certificates
140 * @throws SignatureNotFoundException if the APK is not signed using APK Signature Scheme v2.
141 * @throws SecurityException if an APK Signature Scheme v2 signature of this APK does not
143 * @throws IOException if an I/O error occurs while reading the APK file.
145 private static VerifiedSigner verify(RandomAccessFile apk, boolean verifyIntegrity)
147 SignatureInfo signatureInfo = findSignature(apk);
148 return verify(apk, signatureInfo, verifyIntegrity);
152 * Returns the APK Signature Scheme v2 block contained in the provided APK file and the
155 * @throws SignatureNotFoundException if the APK is not signed using APK Signature Scheme v2.
156 * @throws IOException if an I/O error occurs while reading the APK file.
158 private static SignatureInfo findSignature(RandomAccessFile apk)
160 return ApkSigningBlockUtils.findSignature(apk, APK_SIGNATURE_SCHEME_V2_BLOCK_ID);
164 * Verifies the contents of the provided APK file against the provided APK Signature Scheme v2
167 * @param signatureInfo APK Signature Scheme v2 Block and information relevant for verifying it
168 * against the APK file.
171 RandomAccessFile apk,
211 ApkSigningBlockUtils.verifyIntegrity(contentDigests, apk, signatureInfo);
218 verityDigest, apk.length(), signatureInfo);
366 // Attribute to check whether a newer APK Signature Scheme signature was stripped
387 throw new SecurityException("V2 signature indicates APK is signed using APK"
401 try (RandomAccessFile apk = new RandomAccessFile(apkPath, "r")) {
402 SignatureInfo signatureInfo = findSignature(apk);
403 VerifiedSigner vSigner = verify(apk, false);
411 try (RandomAccessFile apk = new RandomAccessFile(apkPath, "r")) {
412 SignatureInfo signatureInfo = findSignature(apk);
420 try (RandomAccessFile apk = new RandomAccessFile(apkPath, "r")) {
421 SignatureInfo signatureInfo = findSignature(apk);
422 VerifiedSigner vSigner = verify(apk, false);
427 apk, ByteBuffer.wrap(vSigner.verityRootHash), signatureInfo);
450 * Verified APK Signature Scheme v2 signer.
