in ioXt/uraniborg/scripts/python/risk_analyzer.py [0:0]
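def compute_base_score(self, hubble, normalize):
    """Sum the pregranted-permission risk score over a build's packages.

    Packages are skipped (contribute nothing) when they are listed in
    ``hubble.platform_apps``, listed in the OEM whitelist's
    ``EXCLUDED_PACKAGES``, are a whitelisted installer whose first cert id
    matches, fuzzy-match a baseline package name (only when ``normalize``
    is truthy), have no code, or are a verified GMS package (only when
    ``self.google_discount`` is set).

    Args:
        hubble: Object exposing ``packages``, ``platform_apps``,
            ``get_oem()`` and ``get_api_level()``.
        normalize: When truthy, packages whose name fuzzy-matches a
            baseline package are skipped, and if ``self.related_apps`` is
            empty it is filled with every package that contributed a
            non-zero granted or special score.

    Returns:
        The total granted + special permission score. The ungranted total
        is computed and logged but not returned.
    """
    logger = self.logger
    total_granted_score = 0
    total_ungranted_score = 0
    whitelist = PackageWhitelists.get_whitelist(hubble.get_oem())
    baseline = BaselinePackages.get_instance(hubble.get_api_level())
    gms_packages = GMS.PACKAGES if self.google_discount else []

    # related_apps is only populated on a normalized run, and only if it
    # has not been filled already.
    update_apps = bool(normalize) and not self.related_apps

    for package in hubble.packages:
        package_name = package["name"]

        # --- Skip decisions -------------------------------------------
        # NOTE(review): the first two checks (and the fuzzy match below)
        # key on the package name alone; no signer check is visible here.
        # Confirm that platform_apps / EXCLUDED_PACKAGES are derived from
        # verified signatures upstream.
        if package_name in hubble.platform_apps:
            logger.debug("^%s was platform signed. Skipping...", package_name)
            continue

        if package_name in whitelist.EXCLUDED_PACKAGES:
            logger.debug("^%s is listed in OEM whitelist. Skipping...",
                         package_name)
            continue

        if package_name in whitelist.INSTALLER_PACKAGES:
            expected_cert = whitelist.INSTALLER_PACKAGES.get(package_name)
            cert_ids = package["certIds"]
            # Fail closed: a package reporting no cert ids is treated as a
            # signature mismatch and scored, instead of raising IndexError.
            # Only the first cert id is compared.
            # NOTE(review): confirm that is sufficient for multi-signer
            # packages.
            if cert_ids and cert_ids[0] == expected_cert:
                logger.debug("^%s is the OEM's app store. Skipping...",
                             package_name)
                continue
            logger.warning("!%s's signature does not match whitelist",
                           package_name)

        if normalize:
            fuzzy_matched_package = PackageWhitelists.package_name_fuzzy_match(
                logger, package_name, baseline.get_all_packages())
            if fuzzy_matched_package:
                # The ideal case would be to compute the diff of permissions
                # between the packages; for now the package is simply
                # skipped.
                logger.debug("^%s skipped - fuzzy matched to GSI package %s",
                             package_name, fuzzy_matched_package)
                continue

        if not package["hasCode"]:
            logger.debug("^%s has no code. Skipping...", package_name)
            continue

        if package_name in gms_packages:
            if GMS.is_gms_package(package):
                logger.debug("^%s is GMS package. Skipped...", package_name)
                continue
            # A package using a GMS name without passing the GMS check is
            # still scored. Logged at warning level, matching the installer
            # signature-mismatch branch above, so it is not hidden in debug
            # output.
            logger.warning("!%s seems to be GMS but signature doesn't match!",
                           package_name)

        # --- Scoring ---------------------------------------------------
        risk_score = self._compute_fair_permission_score(
            package["permissionsGranted"])
        # Special permissions are folded in as their own score type.
        risk_score["special"] = sum(
            RiskyPermissions.map_permission_to_score(special_permission)
            for special_permission in package["permissionsSpecial"])

        ungranted_score = self._compute_fair_permission_score(
            package["permissionsNotGranted"])

        is_related = False
        for score_type, points in risk_score.items():
            if points:
                logger.debug("+%s added %d points as %s pregranted score.",
                             package_name, points, score_type)
                is_related = True
                total_granted_score += points

        for score_type, points in ungranted_score.items():
            if points:
                logger.debug("/%s added %d points as %s ungranted score.",
                             package_name, points, score_type)
                total_ungranted_score += points

        if update_apps and is_related:
            self.related_apps.append(package)

    logger.debug("Total pregranted perms score: %2.2f", total_granted_score)
    logger.debug("Total ungranted perms score: %2.2f", total_ungranted_score)
    return total_granted_score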