diff options
| -rw-r--r-- | core/java/android/util/jar/StrictJarVerifier.java | 22 | ||||
| -rw-r--r-- | services/core/java/com/android/server/pm/ShortcutPackageInfo.java | 9 |
2 files changed, 20 insertions, 11 deletions
diff --git a/core/java/android/util/jar/StrictJarVerifier.java b/core/java/android/util/jar/StrictJarVerifier.java index cb71ecc1da8b..debc170fa537 100644 --- a/core/java/android/util/jar/StrictJarVerifier.java +++ b/core/java/android/util/jar/StrictJarVerifier.java @@ -17,7 +17,7 @@ package android.util.jar; -import java.io.ByteArrayInputStream; +import android.util.apk.ApkSignatureSchemeV2Verifier; import java.io.IOException; import java.io.OutputStream; import java.nio.charset.StandardCharsets; @@ -33,13 +33,9 @@ import java.util.Iterator; import java.util.List; import java.util.Locale; import java.util.Map; -import java.util.Set; import java.util.StringTokenizer; import java.util.jar.Attributes; import java.util.jar.JarFile; -import android.util.ArraySet; -import android.util.apk.ApkSignatureSchemeV2Verifier; -import libcore.io.Base64; import sun.security.jca.Providers; import sun.security.pkcs.PKCS7; import sun.security.pkcs.SignerInfo; @@ -139,7 +135,7 @@ class StrictJarVerifier { */ void verify() { byte[] d = digest.digest(); - if (!MessageDigest.isEqual(d, Base64.decode(hash))) { + if (!verifyMessageDigest(d, hash)) { throw invalidDigest(JarFile.MANIFEST_NAME, name, name); } verifiedEntries.put(name, certChains); @@ -490,12 +486,22 @@ class StrictJarVerifier { md.update(data, start, end - start); } byte[] b = md.digest(); - byte[] hashBytes = hash.getBytes(StandardCharsets.ISO_8859_1); - return MessageDigest.isEqual(b, Base64.decode(hashBytes)); + byte[] encodedHashBytes = hash.getBytes(StandardCharsets.ISO_8859_1); + return verifyMessageDigest(b, encodedHashBytes); } return ignorable; } + private static boolean verifyMessageDigest(byte[] expected, byte[] encodedActual) { + byte[] actual; + try { + actual = java.util.Base64.getDecoder().decode(encodedActual); + } catch (IllegalArgumentException e) { + return false; + } + return MessageDigest.isEqual(expected, actual); + } + /** * Returns all of the {@link java.security.cert.Certificate} chains that * were used to verify the signature on the JAR entry called diff --git a/services/core/java/com/android/server/pm/ShortcutPackageInfo.java b/services/core/java/com/android/server/pm/ShortcutPackageInfo.java index 74969f02d702..f9502696335c 100644 --- a/services/core/java/com/android/server/pm/ShortcutPackageInfo.java +++ b/services/core/java/com/android/server/pm/ShortcutPackageInfo.java @@ -21,7 +21,6 @@ import android.util.Slog; import com.android.server.backup.BackupUtils; -import libcore.io.Base64; import libcore.util.HexEncoding; import org.xmlpull.v1.XmlPullParser; @@ -31,6 +30,7 @@ import org.xmlpull.v1.XmlSerializer; import java.io.IOException; import java.io.PrintWriter; import java.util.ArrayList; +import java.util.Base64; /** * Package information used by {@link android.content.pm.ShortcutManager} for backup / restore. @@ -143,7 +143,8 @@ class ShortcutPackageInfo { for (int i = 0; i < mSigHashes.size(); i++) { out.startTag(null, TAG_SIGNATURE); - ShortcutService.writeAttr(out, ATTR_SIGNATURE_HASH, Base64.encode(mSigHashes.get(i))); + final String encoded = Base64.getEncoder().encodeToString(mSigHashes.get(i)); + ShortcutService.writeAttr(out, ATTR_SIGNATURE_HASH, encoded); out.endTag(null, TAG_SIGNATURE); } out.endTag(null, TAG_ROOT); @@ -175,7 +176,9 @@ class ShortcutPackageInfo { case TAG_SIGNATURE: { final String hash = ShortcutService.parseStringAttribute( parser, ATTR_SIGNATURE_HASH); - hashes.add(Base64.decode(hash.getBytes())); + // Throws IllegalArgumentException if hash is invalid base64 data + final byte[] decoded = Base64.getDecoder().decode(hash); + hashes.add(decoded); continue; } } |