info.guardianproject.netcipher.proxy

Class SignatureUtils

java.lang.Object

info.guardianproject.netcipher.proxy.SignatureUtils

public class SignatureUtils
extends java.lang.Object

Method Summary

Modifier and Type	Method and Description
static java.lang.String	getOwnSignatureHash(android.content.Context context)
static java.lang.String	getSignatureHash(android.content.Context context, java.lang.String packageName)
static java.lang.String	toHexStringWithColons(byte[] bytes)
static android.content.Intent	validateActivityIntent(android.content.Context context, android.content.Intent toValidate, java.util.List<java.lang.String> sigHashes, boolean failIfHack) Confirms that the activity for a given Intent has the desired signature hash.
static android.content.Intent	validateActivityIntent(android.content.Context context, android.content.Intent toValidate, java.lang.String sigHash, boolean failIfHack) Confirms that the activity for a given Intent has the desired signature hash.
static android.content.Intent	validateBroadcastIntent(android.content.Context context, android.content.Intent toValidate, java.util.List<java.lang.String> sigHashes, boolean failIfHack) Confirms that the broadcast receiver for a given Intent has a desired signature hash.
static android.content.Intent	validateBroadcastIntent(android.content.Context context, android.content.Intent toValidate, java.lang.String sigHash, boolean failIfHack) Confirms that the broadcast receiver for a given Intent has the desired signature hash.
static android.content.Intent	validateServiceIntent(android.content.Context context, android.content.Intent toValidate, java.util.List<java.lang.String> sigHashes, boolean failIfHack) Confirms that the service for a given Intent has the desired signature hash.
static android.content.Intent	validateServiceIntent(android.content.Context context, android.content.Intent toValidate, java.lang.String sigHash, boolean failIfHack) Confirms that the service for a given Intent has the desired signature hash.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

getOwnSignatureHash

public static java.lang.String getOwnSignatureHash(android.content.Context context)
                                            throws android.content.pm.PackageManager.NameNotFoundException,
                                                   java.security.NoSuchAlgorithmException

Throws:

android.content.pm.PackageManager.NameNotFoundException

java.security.NoSuchAlgorithmException

getSignatureHash

public static java.lang.String getSignatureHash(android.content.Context context,
                                                java.lang.String packageName)
                                         throws android.content.pm.PackageManager.NameNotFoundException,
                                                java.security.NoSuchAlgorithmException

Throws:

android.content.pm.PackageManager.NameNotFoundException

java.security.NoSuchAlgorithmException

toHexStringWithColons

public static java.lang.String toHexStringWithColons(byte[] bytes)

validateBroadcastIntent

@Nullable
public static android.content.Intent validateBroadcastIntent(android.content.Context context,
                                                                       android.content.Intent toValidate,
                                                                       java.lang.String sigHash,
                                                                       boolean failIfHack)

Confirms that the broadcast receiver for a given Intent has the desired signature hash.

If you know the package name of the receiver, call setPackage() on the Intent before passing into this method. That will validate whether the package is installed and whether it has the proper signature hash. You can distinguish between these cases by passing true for the failIfHack parameter.

In general, there are three possible outcomes of calling this method:

1. You get a SecurityException, because failIfHack is true, and we found some receiver whose app does not match the desired hash. The user may have installed a repackaged version of this app that is signed by the wrong key.

2. You get null. If failIfHack is true, this means that no receiver was found that matches the Intent. If failIfHack is false, this means that no receiver was found that matches the Intent and has a valid matching signature.

3. You get an Intent. This means we found a matching receiver that has a matching signature. The Intent will be a copy of the passed-in Intent, with the component name set to the matching receiver, so the "broadcast" will only go to this one component.

Parameters:

context - any Context will do; the value is not retained

toValidate - the Intent that you intend to broadcast

sigHash - the signature hash of the app that you expect to handle this broadcast

failIfHack - true if you want a SecurityException if a matching receiver is found but it has the wrong signature hash, false otherwise

Returns:

null if there is no matching receiver with the correct hash, or a copy of the toValidate parameter with the full component name of the target receiver added to the Intent

validateBroadcastIntent

@Nullable
public static android.content.Intent validateBroadcastIntent(android.content.Context context,
                                                                       android.content.Intent toValidate,
                                                                       java.util.List<java.lang.String> sigHashes,
                                                                       boolean failIfHack)

Confirms that the broadcast receiver for a given Intent has a desired signature hash.

If you know the package name of the receiver, call setPackage() on the Intent before passing into this method. That will validate whether the package is installed and whether it has a proper signature hash. You can distinguish between these cases by passing true for the failIfHack parameter.

In general, there are three possible outcomes of calling this method:

1. You get a SecurityException, because failIfHack is true, and we found some receiver whose app does not match the desired hash. The user may have installed a repackaged version of this app that is signed by the wrong key.

2. You get null. If failIfHack is true, this means that no receiver was found that matches the Intent. If failIfHack is false, this means that no receiver was found that matches the Intent and has a valid matching signature.

3. You get an Intent. This means we found a matching receiver that has a matching signature. The Intent will be a copy of the passed-in Intent, with the component name set to the matching receiver, so the "broadcast" will only go to this one component.

Parameters:

context - any Context will do; the value is not retained

toValidate - the Intent that you intend to broadcast

sigHashes - the possible signature hashes of the app that you expect to handle this broadcast

failIfHack - true if you want a SecurityException if a matching receiver is found but it has the wrong signature hash, false otherwise

Returns:

null if there is no matching receiver with the correct hash, or a copy of the toValidate parameter with the full component name of the target receiver added to the Intent

validateActivityIntent

@Nullable
public static android.content.Intent validateActivityIntent(android.content.Context context,
                                                                      android.content.Intent toValidate,
                                                                      java.lang.String sigHash,
                                                                      boolean failIfHack)

Confirms that the activity for a given Intent has the desired signature hash.

If you know the package name of the activity, call setPackage() on the Intent before passing into this method. That will validate whether the package is installed and whether it has the proper signature hash. You can distinguish between these cases by passing true for the failIfHack parameter.

In general, there are three possible outcomes of calling this method:

1. You get a SecurityException, because failIfHack is true, and we found some activity whose app does not match the desired hash. The user may have installed a repackaged version of this app that is signed by the wrong key.

2. You get null. If failIfHack is true, this means that no activity was found that matches the Intent. If failIfHack is false, this means that no activity was found that matches the Intent and has a valid matching signature.

3. You get an Intent. This means we found a matching activity that has a matching signature. The Intent will be a copy of the passed-in Intent, with the component name set to the matching activity, so a call to startActivity() for this Intent is guaranteed to go to this specific activity.

Parameters:

context - any Context will do; the value is not retained

toValidate - the Intent that you intend to use with startActivity()

sigHash - the signature hash of the app that you expect to handle this activity

failIfHack - true if you want a SecurityException if a matching activity is found but it has the wrong signature hash, false otherwise

Returns:

null if there is no matching activity with the correct hash, or a copy of the toValidate parameter with the full component name of the target activity added to the Intent

validateActivityIntent

@Nullable
public static android.content.Intent validateActivityIntent(android.content.Context context,
                                                                      android.content.Intent toValidate,
                                                                      java.util.List<java.lang.String> sigHashes,
                                                                      boolean failIfHack)

Confirms that the activity for a given Intent has the desired signature hash.

If you know the package name of the activity, call setPackage() on the Intent before passing into this method. That will validate whether the package is installed and whether it has the proper signature hash. You can distinguish between these cases by passing true for the failIfHack parameter.

In general, there are three possible outcomes of calling this method:

1. You get a SecurityException, because failIfHack is true, and we found some activity whose app does not match the desired hash. The user may have installed a repackaged version of this app that is signed by the wrong key.

2. You get null. If failIfHack is true, this means that no activity was found that matches the Intent. If failIfHack is false, this means that no activity was found that matches the Intent and has a valid matching signature.

3. You get an Intent. This means we found a matching activity that has a matching signature. The Intent will be a copy of the passed-in Intent, with the component name set to the matching activity, so a call to startActivity() for this Intent is guaranteed to go to this specific activity.

Parameters:

context - any Context will do; the value is not retained

toValidate - the Intent that you intend to use with startActivity()

sigHashes - the signature hashes of the app that you expect to handle this activity

failIfHack - true if you want a SecurityException if a matching activity is found but it has the wrong signature hash, false otherwise

Returns:

null if there is no matching activity with the correct hash, or a copy of the toValidate parameter with the full component name of the target activity added to the Intent

validateServiceIntent

@Nullable
public static android.content.Intent validateServiceIntent(android.content.Context context,
                                                                     android.content.Intent toValidate,
                                                                     java.lang.String sigHash,
                                                                     boolean failIfHack)

Confirms that the service for a given Intent has the desired signature hash.

If you know the package name of the service, call setPackage() on the Intent before passing into this method. That will validate whether the package is installed and whether it has the proper signature hash. You can distinguish between these cases by passing true for the failIfHack parameter.

In general, there are three possible outcomes of calling this method:

1. You get a SecurityException, because failIfHack is true, and we found some service whose app does not match the desired hash. The user may have installed a repackaged version of this app that is signed by the wrong key.

2. You get null. If failIfHack is true, this means that no service was found that matches the Intent. If failIfHack is false, this means that no service was found that matches the Intent and has a valid matching signature.

3. You get an Intent. This means we found a matching service that has a matching signature. The Intent will be a copy of the passed-in Intent, with the component name set to the matching service, so a call to startService() or bindService() for this Intent is guaranteed to go to this specific service.

Parameters:

context - any Context will do; the value is not retained

toValidate - the Intent that you intend to use with startService() or bindService()

sigHash - the signature hash of the app that you expect to handle this service

failIfHack - true if you want a SecurityException if a matching service is found but it has the wrong signature hash, false otherwise

Returns:

null if there is no matching service with the correct hash, or a copy of the toValidate parameter with the full component name of the target service added to the Intent

validateServiceIntent

@Nullable
public static android.content.Intent validateServiceIntent(android.content.Context context,
                                                                     android.content.Intent toValidate,
                                                                     java.util.List<java.lang.String> sigHashes,
                                                                     boolean failIfHack)

Confirms that the service for a given Intent has the desired signature hash.

If you know the package name of the service, call setPackage() on the Intent before passing into this method. That will validate whether the package is installed and whether it has the proper signature hash. You can distinguish between these cases by passing true for the failIfHack parameter.

In general, there are three possible outcomes of calling this method:

1. You get a SecurityException, because failIfHack is true, and we found some service whose app does not match the desired hash. The user may have installed a repackaged version of this app that is signed by the wrong key.

2. You get null. If failIfHack is true, this means that no service was found that matches the Intent. If failIfHack is false, this means that no service was found that matches the Intent and has a valid matching signature.

3. You get an Intent. This means we found a matching service that has a matching signature. The Intent will be a copy of the passed-in Intent, with the component name set to the matching service, so a call to startService() or bindService() for this Intent is guaranteed to go to this specific service.

Parameters:

context - any Context will do; the value is not retained

toValidate - the Intent that you intend to use with startService() or bindService()

sigHashes - the signature hash of the app that you expect to handle this service

failIfHack - true if you want a SecurityException if a matching service is found but it has the wrong signature hash, false otherwise

Returns:

null if there is no matching service with the correct hash, or a copy of the toValidate parameter with the full component name of the target service added to the Intent