Merge "[apkverify] Remove the Ord implementation for SignatureAlgorithmID"
diff --git a/libs/apkverify/src/algorithms.rs b/libs/apkverify/src/algorithms.rs
index 9e6c415..9a5144c 100644
--- a/libs/apkverify/src/algorithms.rs
+++ b/libs/apkverify/src/algorithms.rs
@@ -22,13 +22,12 @@
use openssl::pkey::{self, PKey};
use openssl::rsa::Padding;
use openssl::sign::Verifier;
-use std::cmp::Ordering;
/// [Signature Algorithm IDs]: https://source.android.com/docs/security/apksigning/v2#signature-algorithm-ids
/// [SignatureAlgorithm.java]: (tools/apksig/src/main/java/com/android/apksig/internal/apk/SignatureAlgorithm.java)
///
/// Some of the algorithms are not implemented. See b/197052981.
-#[derive(Clone, Debug, Eq, FromPrimitive, ToPrimitive)]
+#[derive(Clone, Debug, Eq, PartialEq, FromPrimitive, ToPrimitive)]
#[repr(u32)]
pub enum SignatureAlgorithmID {
/// RSASSA-PSS with SHA2-256 digest, SHA2-256 MGF1, 32 bytes of salt, trailer: 0xbc, content
@@ -77,26 +76,6 @@
}
}
-impl Ord for SignatureAlgorithmID {
- /// Ranks the signature algorithm according to the corresponding content
- /// digest algorithm's rank.
- fn cmp(&self, other: &Self) -> Ordering {
- self.to_content_digest_algorithm().cmp(&other.to_content_digest_algorithm())
- }
-}
-
-impl PartialOrd for SignatureAlgorithmID {
- fn partial_cmp(&self, other: &Self) -> Option<Ordering> {
- Some(self.cmp(other))
- }
-}
-
-impl PartialEq for SignatureAlgorithmID {
- fn eq(&self, other: &Self) -> bool {
- self.cmp(other) == Ordering::Equal
- }
-}
-
impl SignatureAlgorithmID {
pub(crate) fn new_verifier<'a>(
&self,
@@ -167,7 +146,7 @@
}
}
- fn to_content_digest_algorithm(&self) -> ContentDigestAlgorithm {
+ pub(crate) fn to_content_digest_algorithm(&self) -> ContentDigestAlgorithm {
match self {
SignatureAlgorithmID::RsaPssWithSha256
| SignatureAlgorithmID::RsaPkcs1V15WithSha256
@@ -195,7 +174,7 @@
/// [apk digest]: https://source.android.com/docs/security/features/apksigning/v4#apk-digest
/// [v3 verification]: https://source.android.com/docs/security/apksigning/v3#v3-verification
#[derive(Clone, Debug, PartialEq, Eq, PartialOrd, Ord)]
-enum ContentDigestAlgorithm {
+pub(crate) enum ContentDigestAlgorithm {
ChunkedSha256 = 1,
VerityChunkedSha256,
ChunkedSha512,
diff --git a/libs/apkverify/src/v3.rs b/libs/apkverify/src/v3.rs
index 570ad49..2f8fb45 100644
--- a/libs/apkverify/src/v3.rs
+++ b/libs/apkverify/src/v3.rs
@@ -143,7 +143,11 @@
.signatures
.iter()
.filter(|sig| SignatureAlgorithmID::from_u32(sig.signature_algorithm_id).is_some())
- .max_by_key(|sig| SignatureAlgorithmID::from_u32(sig.signature_algorithm_id).unwrap())
+ .max_by_key(|sig| {
+ SignatureAlgorithmID::from_u32(sig.signature_algorithm_id)
+ .unwrap()
+ .to_content_digest_algorithm()
+ })
.context("No supported signatures found")?)
}