diff options
| author | 2020-02-06 14:32:02 +0000 | |
|---|---|---|
| committer | 2020-02-06 18:05:28 +0000 | |
| commit | e5a165f39d4fd0c5f7bcc11515da6602a59f614d (patch) | |
| tree | 0d8d2c2c8af3361c638f51d22fd3e8a37fe09683 | |
| parent | c93be974bfb1973cd66ec82fec06b5b8c88fc611 (diff) | |
Fix the isHashed value to true for all certificate keys.
Bug: 148955753
Test: atest frameworks/base/core/tests/coretests/src/android/content/integrity
Change-Id: I7c19fa9a37a3ab94453e9520c14f964fdc952439
3 files changed, 14 insertions, 8 deletions
diff --git a/core/java/android/content/integrity/AtomicFormula.java b/core/java/android/content/integrity/AtomicFormula.java index 439d53661b8e..d25f413bb65f 100644 --- a/core/java/android/content/integrity/AtomicFormula.java +++ b/core/java/android/content/integrity/AtomicFormula.java @@ -332,9 +332,12 @@ public abstract class AtomicFormula extends IntegrityFormula { * Constructs a new {@link StringAtomicFormula} together with handling the necessary * hashing for the given key. * - * <p> The value will be hashed with SHA256 and the hex digest will be computed; for - * all cases except when the key is PACKAGE_NAME or INSTALLER_NAME and the value - * is less than 33 characters. + * <p> The value will be automatically hashed with SHA256 and the hex digest will be + * computed when the key is PACKAGE_NAME or INSTALLER_NAME and the value is more than 32 + * characters. + * + * <p> The APP_CERTIFICATES and INSTALLER_CERTIFICATES are always delivered in hashed + * form. So the isHashedValue is set to true by default. * * @throws IllegalArgumentException if {@code key} cannot be used with string value. */ @@ -348,7 +351,10 @@ public abstract class AtomicFormula extends IntegrityFormula { String.format( "Key %s cannot be used with StringAtomicFormula", keyToString(key))); mValue = hashValue(key, value); - mIsHashedValue = !mValue.equals(value); + mIsHashedValue = + key == APP_CERTIFICATE || key == INSTALLER_CERTIFICATE + ? true + : !mValue.equals(value); } StringAtomicFormula(Parcel in) { diff --git a/core/tests/coretests/src/android/content/integrity/AtomicFormulaTest.java b/core/tests/coretests/src/android/content/integrity/AtomicFormulaTest.java index 7733559c156a..3273e5dd32ba 100644 --- a/core/tests/coretests/src/android/content/integrity/AtomicFormulaTest.java +++ b/core/tests/coretests/src/android/content/integrity/AtomicFormulaTest.java @@ -97,7 +97,7 @@ public class AtomicFormulaTest { assertThat(stringAtomicFormula.getKey()).isEqualTo(AtomicFormula.APP_CERTIFICATE); assertThat(stringAtomicFormula.getValue()).matches(appCert); - assertThat(stringAtomicFormula.getIsHashedValue()).isFalse(); + assertThat(stringAtomicFormula.getIsHashedValue()).isTrue(); } @Test @@ -110,7 +110,7 @@ public class AtomicFormulaTest { assertThat(stringAtomicFormula.getKey()).isEqualTo( AtomicFormula.INSTALLER_CERTIFICATE); assertThat(stringAtomicFormula.getValue()).matches(installerCert); - assertThat(stringAtomicFormula.getIsHashedValue()).isFalse(); + assertThat(stringAtomicFormula.getIsHashedValue()).isTrue(); } @Test diff --git a/core/tests/coretests/src/android/content/integrity/IntegrityFormulaTest.java b/core/tests/coretests/src/android/content/integrity/IntegrityFormulaTest.java index dc03167f51a9..75ef1f22b819 100644 --- a/core/tests/coretests/src/android/content/integrity/IntegrityFormulaTest.java +++ b/core/tests/coretests/src/android/content/integrity/IntegrityFormulaTest.java @@ -54,7 +54,7 @@ public class IntegrityFormulaTest { assertThat(stringAtomicFormula.getKey()).isEqualTo(AtomicFormula.APP_CERTIFICATE); assertThat(stringAtomicFormula.getValue()).matches(appCertificate); - assertThat(stringAtomicFormula.getIsHashedValue()).isFalse(); + assertThat(stringAtomicFormula.getIsHashedValue()).isTrue(); } @Test @@ -82,7 +82,7 @@ public class IntegrityFormulaTest { assertThat(stringAtomicFormula.getKey()).isEqualTo(AtomicFormula.INSTALLER_CERTIFICATE); assertThat(stringAtomicFormula.getValue()).matches(installerCertificate); - assertThat(stringAtomicFormula.getIsHashedValue()).isFalse(); + assertThat(stringAtomicFormula.getIsHashedValue()).isTrue(); } @Test |