1 /* 2 * Copyright (C) 2020 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.content.pm; 18 19 import android.annotation.IntDef; 20 import android.annotation.NonNull; 21 import android.os.Parcel; 22 import android.os.Parcelable; 23 24 import com.android.internal.util.DataClass; 25 26 import java.io.DataInputStream; 27 import java.io.DataOutputStream; 28 import java.io.IOException; 29 import java.lang.annotation.Retention; 30 import java.lang.annotation.RetentionPolicy; 31 32 /** 33 * A typed checksum. 34 * 35 * @see ApkChecksum 36 * @see PackageManager#requestChecksums 37 */ 38 @DataClass(genConstDefs = false) 39 public final class Checksum implements Parcelable { 40 /** 41 * Root SHA256 hash of a 4K Merkle tree computed over all file bytes. 42 * <a href="https://source.android.com/security/apksigning/v4">See APK Signature Scheme V4</a>. 43 * <a href="https://www.kernel.org/doc/html/latest/filesystems/fsverity.html">See fs-verity</a>. 44 * 45 * Recommended for all new applications. 46 * Can be used by kernel to enforce authenticity and integrity of the APK. 47 * <a href="https://www.kernel.org/doc/html/latest/filesystems/fsverity.html">See fs-verity for details</a> 48 * 49 * @see PackageManager#requestChecksums 50 */ 51 public static final int TYPE_WHOLE_MERKLE_ROOT_4K_SHA256 = 0x00000001; 52 53 /** 54 * MD5 hash computed over all file bytes. 55 * 56 * @see PackageManager#requestChecksums 57 * @deprecated Not platform enforced. Cryptographically broken and unsuitable for further use. 58 * Use platform enforced digests e.g. {@link #TYPE_WHOLE_MERKLE_ROOT_4K_SHA256}. 59 * Provided for completeness' sake and to support legacy usecases. 60 */ 61 @Deprecated 62 public static final int TYPE_WHOLE_MD5 = 0x00000002; 63 64 /** 65 * SHA1 hash computed over all file bytes. 66 * 67 * @see PackageManager#requestChecksums 68 * @deprecated Not platform enforced. Broken and should not be used. 69 * Use platform enforced digests e.g. {@link #TYPE_WHOLE_MERKLE_ROOT_4K_SHA256}. 70 * Provided for completeness' sake and to support legacy usecases. 71 */ 72 @Deprecated 73 public static final int TYPE_WHOLE_SHA1 = 0x00000004; 74 75 /** 76 * SHA256 hash computed over all file bytes. 77 * @deprecated Not platform enforced. 78 * Use platform enforced digests e.g. {@link #TYPE_WHOLE_MERKLE_ROOT_4K_SHA256}. 79 * Provided for completeness' sake and to support legacy usecases. 80 * 81 * @see PackageManager#requestChecksums 82 */ 83 @Deprecated 84 public static final int TYPE_WHOLE_SHA256 = 0x00000008; 85 86 /** 87 * SHA512 hash computed over all file bytes. 88 * @deprecated Not platform enforced. 89 * Use platform enforced digests e.g. {@link #TYPE_WHOLE_MERKLE_ROOT_4K_SHA256}. 90 * Provided for completeness' sake and to support legacy usecases. 91 * 92 * @see PackageManager#requestChecksums 93 */ 94 @Deprecated 95 public static final int TYPE_WHOLE_SHA512 = 0x00000010; 96 97 /** 98 * Root SHA256 hash of a 1M Merkle tree computed over protected content. 99 * Excludes signing block. 100 * <a href="https://source.android.com/security/apksigning/v2">See APK Signature Scheme V2</a>. 101 * 102 * @see PackageManager#requestChecksums 103 */ 104 public static final int TYPE_PARTIAL_MERKLE_ROOT_1M_SHA256 = 0x00000020; 105 106 /** 107 * Root SHA512 hash of a 1M Merkle tree computed over protected content. 108 * Excludes signing block. 109 * <a href="https://source.android.com/security/apksigning/v2">See APK Signature Scheme V2</a>. 110 * 111 * @see PackageManager#requestChecksums 112 */ 113 public static final int TYPE_PARTIAL_MERKLE_ROOT_1M_SHA512 = 0x00000040; 114 115 /** @hide */ 116 @IntDef(prefix = {"TYPE_"}, value = { 117 TYPE_WHOLE_MERKLE_ROOT_4K_SHA256, 118 TYPE_WHOLE_MD5, 119 TYPE_WHOLE_SHA1, 120 TYPE_WHOLE_SHA256, 121 TYPE_WHOLE_SHA512, 122 TYPE_PARTIAL_MERKLE_ROOT_1M_SHA256, 123 TYPE_PARTIAL_MERKLE_ROOT_1M_SHA512, 124 }) 125 @Retention(RetentionPolicy.SOURCE) 126 public @interface Type {} 127 128 /** @hide */ 129 @IntDef(flag = true, prefix = {"TYPE_"}, value = { 130 TYPE_WHOLE_MERKLE_ROOT_4K_SHA256, 131 TYPE_WHOLE_MD5, 132 TYPE_WHOLE_SHA1, 133 TYPE_WHOLE_SHA256, 134 TYPE_WHOLE_SHA512, 135 TYPE_PARTIAL_MERKLE_ROOT_1M_SHA256, 136 TYPE_PARTIAL_MERKLE_ROOT_1M_SHA512, 137 }) 138 @Retention(RetentionPolicy.SOURCE) 139 public @interface TypeMask {} 140 141 /** 142 * Max size of checksum in bytes. 143 * sizeof(SHA512) == 64 bytes 144 * @hide 145 */ 146 public static final int MAX_CHECKSUM_SIZE_BYTES = 64; 147 148 /** 149 * Serialize checksum to the stream in binary format. 150 * @hide 151 */ writeToStream(@onNull DataOutputStream dos, @NonNull Checksum checksum)152 public static void writeToStream(@NonNull DataOutputStream dos, @NonNull Checksum checksum) 153 throws IOException { 154 dos.writeInt(checksum.getType()); 155 156 final byte[] valueBytes = checksum.getValue(); 157 dos.writeInt(valueBytes.length); 158 dos.write(valueBytes); 159 } 160 161 /** 162 * Deserialize checksum previously stored in 163 * {@link #writeToStream(DataOutputStream, Checksum)}. 164 * @hide 165 */ readFromStream(@onNull DataInputStream dis)166 public static @NonNull Checksum readFromStream(@NonNull DataInputStream dis) 167 throws IOException { 168 final int type = dis.readInt(); 169 170 final byte[] valueBytes = new byte[dis.readInt()]; 171 dis.read(valueBytes); 172 return new Checksum(type, valueBytes); 173 } 174 175 /** 176 * Checksum type. 177 */ 178 private final @Checksum.Type int mType; 179 /** 180 * Checksum value. 181 */ 182 private final @NonNull byte[] mValue; 183 184 185 186 // Code below generated by codegen v1.0.23. 187 // 188 // DO NOT MODIFY! 189 // CHECKSTYLE:OFF Generated code 190 // 191 // To regenerate run: 192 // $ codegen $ANDROID_BUILD_TOP/frameworks/base/core/java/android/content/pm/Checksum.java 193 // 194 // To exclude the generated code from IntelliJ auto-formatting enable (one-time): 195 // Settings > Editor > Code Style > Formatter Control 196 //@formatter:off 197 198 199 /** 200 * Creates a new Checksum. 201 * 202 * @param type 203 * Checksum type. 204 * @param value 205 * Checksum value. 206 */ 207 @DataClass.Generated.Member Checksum( @hecksum.Type int type, @NonNull byte[] value)208 public Checksum( 209 @Checksum.Type int type, 210 @NonNull byte[] value) { 211 this.mType = type; 212 com.android.internal.util.AnnotationValidations.validate( 213 Checksum.Type.class, null, mType); 214 this.mValue = value; 215 com.android.internal.util.AnnotationValidations.validate( 216 NonNull.class, null, mValue); 217 218 // onConstructed(); // You can define this method to get a callback 219 } 220 221 /** 222 * Checksum type. 223 */ 224 @DataClass.Generated.Member getType()225 public @Checksum.Type int getType() { 226 return mType; 227 } 228 229 /** 230 * Checksum value. 231 */ 232 @DataClass.Generated.Member getValue()233 public @NonNull byte[] getValue() { 234 return mValue; 235 } 236 237 @Override 238 @DataClass.Generated.Member writeToParcel(@onNull Parcel dest, int flags)239 public void writeToParcel(@NonNull Parcel dest, int flags) { 240 // You can override field parcelling by defining methods like: 241 // void parcelFieldName(Parcel dest, int flags) { ... } 242 243 dest.writeInt(mType); 244 dest.writeByteArray(mValue); 245 } 246 247 @Override 248 @DataClass.Generated.Member describeContents()249 public int describeContents() { return 0; } 250 251 /** @hide */ 252 @SuppressWarnings({"unchecked", "RedundantCast"}) 253 @DataClass.Generated.Member Checksum(@onNull Parcel in)254 /* package-private */ Checksum(@NonNull Parcel in) { 255 // You can override field unparcelling by defining methods like: 256 // static FieldType unparcelFieldName(Parcel in) { ... } 257 258 int type = in.readInt(); 259 byte[] value = in.createByteArray(); 260 261 this.mType = type; 262 com.android.internal.util.AnnotationValidations.validate( 263 Checksum.Type.class, null, mType); 264 this.mValue = value; 265 com.android.internal.util.AnnotationValidations.validate( 266 NonNull.class, null, mValue); 267 268 // onConstructed(); // You can define this method to get a callback 269 } 270 271 @DataClass.Generated.Member 272 public static final @NonNull Parcelable.Creator<Checksum> CREATOR 273 = new Parcelable.Creator<Checksum>() { 274 @Override 275 public Checksum[] newArray(int size) { 276 return new Checksum[size]; 277 } 278 279 @Override 280 public Checksum createFromParcel(@NonNull Parcel in) { 281 return new Checksum(in); 282 } 283 }; 284 285 @DataClass.Generated( 286 time = 1700002689652L, 287 codegenVersion = "1.0.23", 288 sourceFile = "frameworks/base/core/java/android/content/pm/Checksum.java", 289 inputSignatures = "public static final int TYPE_WHOLE_MERKLE_ROOT_4K_SHA256\npublic static final @java.lang.Deprecated int TYPE_WHOLE_MD5\npublic static final @java.lang.Deprecated int TYPE_WHOLE_SHA1\npublic static final @java.lang.Deprecated int TYPE_WHOLE_SHA256\npublic static final @java.lang.Deprecated int TYPE_WHOLE_SHA512\npublic static final int TYPE_PARTIAL_MERKLE_ROOT_1M_SHA256\npublic static final int TYPE_PARTIAL_MERKLE_ROOT_1M_SHA512\npublic static final int MAX_CHECKSUM_SIZE_BYTES\nprivate final @android.content.pm.Checksum.Type int mType\nprivate final @android.annotation.NonNull byte[] mValue\npublic static void writeToStream(java.io.DataOutputStream,android.content.pm.Checksum)\npublic static @android.annotation.NonNull android.content.pm.Checksum readFromStream(java.io.DataInputStream)\nclass Checksum extends java.lang.Object implements [android.os.Parcelable]\n@com.android.internal.util.DataClass(genConstDefs=false)") 290 @Deprecated __metadata()291 private void __metadata() {} 292 293 294 //@formatter:on 295 // End of generated code 296 297 } 298