in CodeTransparencyKotlin/app/src/main/java/com/example/codetransparencyverification/CodeTransparencyChecker.kt [44:77]
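/**
 * Runs the code transparency checks for an installed package and reports how far they got.
 *
 * The steps run in a fixed order, and each completed step is recorded in the result before
 * the next one starts:
 * 1. collect the APK signing key certificate fingerprints,
 * 2. load the code transparency JWS using the base APK path,
 * 3. check the JWS signature and record the transparency key certificate fingerprint,
 * 4. decode the file list from the JWS payload and compare it with the APK files through
 *    `findModifiedFiles`.
 *
 * Any exception ends the run. Fields recorded before the failure are kept, the remaining
 * flags stay at the defaults of [TransparencyCheckResult], and `errorMessage` describes
 * the failure.
 *
 * NOTE(review): a verified signature only ties the file list to the key whose fingerprint
 * is returned in `transparencyKeyCertificateFingerprint`. Whether that key is a trusted one
 * is not decided here; presumably the caller compares the fingerprint with the value
 * published by the developer. Confirm against the caller.
 *
 * @param packageInfo the installed package to check; its `applicationInfo.sourceDir` is
 *   used as the base APK path.
 * @return the accumulated check result; never throws for failures inside the checks.
 */
fun checkCodeTransparency(packageInfo: PackageInfo): TransparencyCheckResult {
    var result = TransparencyCheckResult()
    try {
        val keyCertificates: List<String> = getApkSigningKeyCertificates(packageInfo)
        result = result.copy(apkSigningKeyCertificateFingerprints = keyCertificates)

        val baseApkPath: String = packageInfo.applicationInfo.sourceDir
        val codeTransparencyJws: JsonWebSignature = getCodeTransparencyJws(baseApkPath)

        // The flag below is set unconditionally once this call returns, so the result is only
        // sound if checkCodeTransparencySignature throws on an invalid signature.
        // NOTE(review): confirm that it never returns normally for a failed verification.
        val transparencyKeyCertFingerPrint: String =
            checkCodeTransparencySignature(codeTransparencyJws)
        result = result.copy(
            isTransparencySignatureVerified = true,
            transparencyKeyCertificateFingerprint = transparencyKeyCertFingerPrint,
        )

        // `unverifiedPayload` is read without a signature check of its own. It is trusted
        // here only because the signature check above has already passed; keep this line
        // after that check.
        // Files are keyed by their SHA-256 value; associateBy keeps the last entry when two
        // files share a hash.
        val codeRelatedFilesFromTransparencyFile: Map<String, CodeRelatedFile> =
            Json.decodeFromString<CodeRelatedFiles>(codeTransparencyJws.unverifiedPayload)
                .files
                .associateBy { codeRelatedFile -> codeRelatedFile.sha256 }

        // NOTE(review): each entry of splitApkPaths is appended to the base APK path as a
        // plain string. Verify against the definition of splitApkPaths that the resulting
        // paths are valid and that the base APK itself is also covered by the comparison.
        val splitApkPaths = packageInfo.splitApkPaths.map { path -> baseApkPath + path }
        val modifiedFiles: List<String> =
            findModifiedFiles(splitApkPaths, codeRelatedFilesFromTransparencyFile)

        // File contents count as verified only when no file was reported as modified.
        result = result.copy(isFileContentsVerified = modifiedFiles.isEmpty())
    } catch (e: Exception) {
        // Some exceptions carry no message. Fall back to toString() so that a failed check
        // never produces a result without an error description.
        result = result.copy(errorMessage = e.message ?: e.toString())
    }
    return result
}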