Convert the app signature check to use SHA-256 instead of SHA1.

Test:atest cts/tests/tests/telephony/current/src/android/telephony/cts/TelephonyManagerTest.java
Test2:atest cts/tests/tests/telephony/current/src/android/telephony/cts/TelephonyManagerTestOnMockModem.java
Test3: manual test with Fi's TychoApk-debug.apk
Bug: 321868791
Bug: 326325598
Change-Id: I96cb01864b3db3640664d549337fbe30aee262c9
diff --git a/src/com/android/phone/TelephonyShellCommand.java b/src/com/android/phone/TelephonyShellCommand.java
index 429b7cc..80304b2 100644
--- a/src/com/android/phone/TelephonyShellCommand.java
+++ b/src/com/android/phone/TelephonyShellCommand.java
@@ -3883,7 +3883,7 @@
     /**
      * Building the string that can be used to build the JsonObject which supports to stub the data
      * in CarrierAllowListInfo for CTS testing. sample format is like
-     * {"com.android.example":{"carrierIds":[10000],"callerSHA1Id":["XXXXXXXXXXXXXX"]}}
+     * {"com.android.example":{"carrierIds":[10000],"callerSHA256Ids":["XXXXXXXXXXXXXX"]}}
      */
     private String convertToJsonString(int index, String param) {
 
diff --git a/src/com/android/phone/utils/CarrierAllowListInfo.java b/src/com/android/phone/utils/CarrierAllowListInfo.java
index 62b71ff..3ab9733 100644
--- a/src/com/android/phone/utils/CarrierAllowListInfo.java
+++ b/src/com/android/phone/utils/CarrierAllowListInfo.java
@@ -23,7 +23,6 @@
 import android.content.pm.Signature;
 import android.telephony.Rlog;
 import android.text.TextUtils;
-import android.util.Log;
 
 import com.android.internal.telephony.uicc.IccUtils;
 
@@ -46,8 +45,8 @@
     private static final String LOG_TAG = "CarrierAllowListInfo";
     private JSONObject mDataJSON;
     private static final String JSON_CHARSET = "UTF-8";
-    private static final String MESSAGE_DIGEST_ALGORITHM = "SHA1";
-    private static final String CALLER_SHA_1_ID = "callerSHA1Id";
+    private static final String MESSAGE_DIGEST_256_ALGORITHM = "SHA-256";
+    private static final String CALLER_SHA256_ID = "callerSHA256Ids";
     private static final String CALLER_CARRIER_ID = "carrierIds";
     public static final int INVALID_CARRIER_ID = -1;
 
@@ -96,7 +95,7 @@
         try {
             if (mDataJSON != null && callerPackage != null) {
                 JSONObject callerJSON = mDataJSON.getJSONObject(callerPackage.trim());
-                JSONArray callerJSONArray = callerJSON.getJSONArray(CALLER_SHA_1_ID);
+                JSONArray callerJSONArray = callerJSON.getJSONArray(CALLER_SHA256_ID);
                 JSONArray carrierIdArray = callerJSON.getJSONArray(CALLER_CARRIER_ID);
 
                 Set<Integer> carrierIds = new HashSet<>();
@@ -142,7 +141,7 @@
 
     /**
      * API fetches all the related signatures of the given package from the packageManager
-     * and validate all the signatures.
+     * and validate all the signatures using SHA-256.
      *
      * @param context             context
      * @param packageName         package name of the caller to validate the signatures.
@@ -158,13 +157,13 @@
         }
         final PackageManager packageManager = context.getPackageManager();
         try {
-            MessageDigest sha1MDigest = MessageDigest.getInstance(MESSAGE_DIGEST_ALGORITHM);
+            MessageDigest sha256MDigest = MessageDigest.getInstance(MESSAGE_DIGEST_256_ALGORITHM);
             final PackageInfo packageInfo = packageManager.getPackageInfo(packageName,
                     PackageManager.GET_SIGNATURES);
             for (Signature signature : packageInfo.signatures) {
-                final byte[] signatureSha1 = sha1MDigest.digest(signature.toByteArray());
-                final String hexSignatureSha1 = IccUtils.bytesToHexString(signatureSha1);
-                if (!allowListSignatures.contains(hexSignatureSha1)) {
+                final byte[] signatureSha256 = sha256MDigest.digest(signature.toByteArray());
+                final String hexSignatureSha256 = IccUtils.bytesToHexString(signatureSha256);
+                if (!allowListSignatures.contains(hexSignatureSha256)) {
                     return false;
                 }
             }
@@ -214,7 +213,7 @@
         if (carrierInfo != null && carrierInfo.getCallerCarrierIdList().contains(carrierId)) {
             return carrierInfo.getSHAIdList();
         }
-        Rlog.e(LOG_TAG, "getShaIdList carrierId or shaIdList is empty");
+        Rlog.e(LOG_TAG, "getShaIdList: carrierId or shaIdList is empty");
         return Collections.EMPTY_LIST;
     }
 }