Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Virtualization / d73d0ff44cdcd1a6090b8dee6a231867315a8dcb^! / . / libs / apkverify / src / algorithms.rs
commitd73d0ff44cdcd1a6090b8dee6a231867315a8dcb[log] [tgz]
authorAlice Wang <aliceywang@google.com>Tue Sep 20 11:33:30 2022 +0000
committerAlice Wang <aliceywang@google.com>Tue Sep 20 17:24:33 2022 +0000
treef5aad8b0f2b9df74552793744eef7836732c8c81
parent7eaeda0f33e3fd145224a8885f64a46573414db6 [diff] [blame]
[apkverify] Use SignatureAlgorithmID in Digest/Signature

This CL uses SignatureAlgorithmID for the signature_algorithm_id
field in Digest/Signature.

Bug: 246254355
Test: libapkverify.integration_test
Change-Id: Ic36c001b007f80498479c2cc2cdf8991c548d1da

diff --git a/libs/apkverify/src/algorithms.rs b/libs/apkverify/src/algorithms.rs
index 622df3b..a1cf368 100644
--- a/libs/apkverify/src/algorithms.rs
+++ b/libs/apkverify/src/algorithms.rs

@@ -17,19 +17,22 @@
 //! Algorithms used for APK Signature Scheme.
 
 use anyhow::{ensure, Result};
+use bytes::{Buf, Bytes};
 use num_derive::{FromPrimitive, ToPrimitive};
-use num_traits::ToPrimitive;
+use num_traits::{FromPrimitive, ToPrimitive};
 use openssl::hash::MessageDigest;
 use openssl::pkey::{self, PKey};
 use openssl::rsa::Padding;
 use openssl::sign::Verifier;
 use serde::{Deserialize, Serialize};
 
+use crate::bytes_ext::ReadFromBytes;
+
 /// [Signature Algorithm IDs]: https://source.android.com/docs/security/apksigning/v2#signature-algorithm-ids
 /// [SignatureAlgorithm.java]: (tools/apksig/src/main/java/com/android/apksig/internal/apk/SignatureAlgorithm.java)
 ///
 /// Some of the algorithms are not implemented. See b/197052981.
-#[derive(Serialize, Deserialize, Clone, Debug, Eq, PartialEq, FromPrimitive, ToPrimitive)]
+#[derive(Serialize, Deserialize, Clone, Copy, Debug, Eq, PartialEq, FromPrimitive, ToPrimitive)]
 #[repr(u32)]
 pub enum SignatureAlgorithmID {
     /// RSASSA-PSS with SHA2-256 digest, SHA2-256 MGF1, 32 bytes of salt, trailer: 0xbc, content
@@ -78,6 +81,12 @@
     }
 }
 
+impl ReadFromBytes for Option<SignatureAlgorithmID> {
+    fn read_from_bytes(buf: &mut Bytes) -> Result<Self> {
+        Ok(SignatureAlgorithmID::from_u32(buf.get_u32_le()))
+    }
+}
+
 impl SignatureAlgorithmID {
     /// Converts the signature algorithm ID to the corresponding u32.
     pub fn to_u32(&self) -> u32 {
@@ -153,7 +162,7 @@
         }
     }
 
-    pub(crate) fn to_content_digest_algorithm(&self) -> ContentDigestAlgorithm {
+    pub(crate) fn content_digest_algorithm(&self) -> ContentDigestAlgorithm {
         match self {
             SignatureAlgorithmID::RsaPssWithSha256
             | SignatureAlgorithmID::RsaPkcs1V15WithSha256