Check that signatureMask isn't an empty array (#26)

* Check that signatureMask isn't an empty array If for some reason signatureMask turned out to be an empty array, verify() would always return true and the verification logic could be bypassed. This change ensures that the code throws an exception in the unlikely case that signatureMask is an empty array. * Update digitalassetlinks/src/test/java/com/solana/digitalassetlinks/AndroidAppPackageVerifierUnitTests.java Co-authored-by: sdlaver <103003665+sdlaver@users.noreply.github.com>
solana-mobile · Dec 8, 2022 · b4cb100 · b4cb100
1 parent bdd156c
commit b4cb100
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 5 deletions.
diff --git a/digitalassetlinks/src/main/java/com/solana/digitalassetlinks/AndroidAppPackageVerifier.java b/digitalassetlinks/src/main/java/com/solana/digitalassetlinks/AndroidAppPackageVerifier.java
@@ -95,6 +95,10 @@ public boolean verify(@NonNull String packageName, @NonNull URI uri)
             requireAllSignatures = true;
         }
 
+        if (signatureMask.length == 0) {
+            throw new CouldNotVerifyPackageException("Failed reading signatures for package " + packageName);
+        }
+
         // Create and configure an AssetLinksJSONParser object
         final StatementMatcher androidAppMatcher = StatementMatcher
                 .createAndroidAppStatementMatcher(

diff --git a/...tlinks/src/test/java/com/solana/digitalassetlinks/AndroidAppPackageVerifierUnitTests.java b/...tlinks/src/test/java/com/solana/digitalassetlinks/AndroidAppPackageVerifierUnitTests.java
@@ -69,6 +69,24 @@ public void testAppPackageVerificationSuccess()
         assertTrue(verified);
     }
 
+    @Test
+    public void testAppPackageVerificationNoCertificates() {
+        ArrayList<MockWebContentServer.Content> mockWebContent = new ArrayList<>();
+        mockWebContent.add(new MockWebContentServer.Content(
+                URI.create("https://www.test.com/.well-known/assetlinks.json"),
+                HttpURLConnection.HTTP_OK,
+                "application/json",
+                ANDROID_APP_STATEMENT_LIST_CERTS_2_3));
+
+        final PackageManager pm = mockPackageManagerFactory(
+                "com.test.sample", new byte[][] {}, true);
+
+        final AndroidAppPackageVerifierHarness verifier =
+                new AndroidAppPackageVerifierHarness(pm, mockWebContent);
+        assertThrows(AndroidAppPackageVerifier.CouldNotVerifyPackageException.class,
+                () ->verifier.verify("com.test.sample", URI.create("https://www.test.com")));
+    }
+
     @Test
     public void testAppPackageVerificationNoAssetLinks() {
         ArrayList<MockWebContentServer.Content> mockWebContent = new ArrayList<>();
@@ -205,11 +223,8 @@ public void testAppPackageVerificationNoMatchingPackageInPackageManager() {
     private static PackageManager mockPackageManagerFactory(@NonNull String packageName,
                                                             @NonNull byte[][] certificates,
                                                             boolean multipleSigners) {
-        if (certificates.length == 0) {
-            throw new IllegalArgumentException("at least 1 certificate required");
-        } else if (multipleSigners && certificates.length == 1) {
-            throw new IllegalArgumentException("multipleSigners requires at least 2 certificates");
-        }
+        // NOTE: empty certificates would normally be an error, but we want to exercise unit tests
+        // for this case, so allow it when constructing a mock PackageManager
 
         final PackageInfo pi = new PackageInfo();
         final int piFlags;