Code cleanup based on static analysis
Bug: 169094510
Test: gradlew test
Change-Id: Ie0a6334d0f970d9329e9fca581da68e6e5f32ac7
Merged-In: Ie0a6334d0f970d9329e9fca581da68e6e5f32ac7
diff --git a/src/main/java/com/android/apksig/ApkVerifier.java b/src/main/java/com/android/apksig/ApkVerifier.java
index e323ed9..475ae42 100644
--- a/src/main/java/com/android/apksig/ApkVerifier.java
+++ b/src/main/java/com/android/apksig/ApkVerifier.java
@@ -1643,9 +1643,9 @@
private SourceStampInfo(ApkSignerInfo result) {
mCertificates = result.certs;
- mErrors = ApkVerificationErrorAdapter.getIssuesFromVerificationIssues(
+ mErrors = ApkVerificationIssueAdapter.getIssuesFromVerificationIssues(
result.getErrors());
- mWarnings = ApkVerificationErrorAdapter.getIssuesFromVerificationIssues(
+ mWarnings = ApkVerificationIssueAdapter.getIssuesFromVerificationIssues(
result.getWarnings());
if (mErrors.isEmpty() && mWarnings.isEmpty()) {
mSourceStampVerificationStatus = SourceStampVerificationStatus.STAMP_VERIFIED;
@@ -2976,10 +2976,12 @@
}
/**
- * Adapter for converting base ApkVerificationError instances to their IssueWithParams
- * equivalent.
+ * Adapter for converting base {@link ApkVerificationIssue} instances to their {@link
+ * IssueWithParams} equivalent.
*/
- public static class ApkVerificationErrorAdapter {
+ public static class ApkVerificationIssueAdapter {
+ private ApkVerificationIssueAdapter() {}
+
private static final Map<Integer, Issue> sVerificationIssueIdToIssue = new HashMap<>();
static {
@@ -3053,8 +3055,7 @@
/**
* Converts the provided {@code verificationIssues} to a {@code List} of corresponding
- *
- * @link IssueWithParams} instances.
+ * {@link IssueWithParams} instances.
*/
public static List<IssueWithParams> getIssuesFromVerificationIssues(
List<? extends ApkVerificationIssue> verificationIssues) {
diff --git a/src/main/java/com/android/apksig/SourceStampVerifier.java b/src/main/java/com/android/apksig/SourceStampVerifier.java
index 0dad8e2..1f66464 100644
--- a/src/main/java/com/android/apksig/SourceStampVerifier.java
+++ b/src/main/java/com/android/apksig/SourceStampVerifier.java
@@ -81,7 +81,7 @@
private SourceStampVerifier(
File apkFile,
DataSource apkDataSource,
- Integer minSdkVersion,
+ int minSdkVersion,
int maxSdkVersion) {
mApkFile = apkFile;
mApkDataSource = apkDataSource;
@@ -288,7 +288,7 @@
ByteBuffer apkSignatureSchemeBlock,
int apkSigSchemeVersion,
Map<ContentDigestAlgorithm, byte[]> apkContentDigests,
- Result result) throws NoSuchAlgorithmException {
+ Result result) {
boolean isV2Block = apkSigSchemeVersion == VERSION_APK_SIGNATURE_SCHEME_V2;
// Both the V2 and V3 signature blocks contain the following:
// * length-prefixed sequence of length-prefixed signers
@@ -354,7 +354,7 @@
CertificateFactory certFactory,
Map<ContentDigestAlgorithm, byte[]> apkContentDigests,
Result.SignerInfo signerInfo)
- throws ApkFormatException, NoSuchAlgorithmException {
+ throws ApkFormatException {
boolean isV2Signer = apkSigSchemeVersion == VERSION_APK_SIGNATURE_SCHEME_V2;
// Both the V2 and V3 signer blocks contain the following:
// * length-prefixed signed data
@@ -627,7 +627,7 @@
* should be set to false to ensure only errors trigger a failure verifying the source
* stamp.
*/
- private final boolean mWarningsAsErrors = true;
+ private static final boolean mWarningsAsErrors = true;
private SourceStampInfo(ApkSignerInfo result) {
mCertificates = result.certs;
diff --git a/src/main/java/com/android/apksig/apk/ApkUtils.java b/src/main/java/com/android/apksig/apk/ApkUtils.java
index 896ce3f..69399a7 100644
--- a/src/main/java/com/android/apksig/apk/ApkUtils.java
+++ b/src/main/java/com/android/apksig/apk/ApkUtils.java
@@ -25,13 +25,10 @@
import com.android.apksig.internal.zip.ZipUtils;
import com.android.apksig.util.DataSource;
import com.android.apksig.zip.ZipFormatException;
-import com.android.apksig.zip.ZipSections;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.Comparator;
import java.util.List;
@@ -99,11 +96,6 @@
ZipUtils.setZipEocdCentralDirectoryOffset(eocd, offset);
}
- // See https://source.android.com/security/apksigning/v2.html
- private static final long APK_SIG_BLOCK_MAGIC_HI = 0x3234206b636f6c42L;
- private static final long APK_SIG_BLOCK_MAGIC_LO = 0x20676953204b5041L;
- private static final int APK_SIG_BLOCK_MIN_SIZE = 32;
-
/**
* Returns the APK Signing Block of the provided APK.
*
diff --git a/src/main/java/com/android/apksig/apk/ApkUtilsLite.java b/src/main/java/com/android/apksig/apk/ApkUtilsLite.java
index 992d6c6..13f2301 100644
--- a/src/main/java/com/android/apksig/apk/ApkUtilsLite.java
+++ b/src/main/java/com/android/apksig/apk/ApkUtilsLite.java
@@ -33,6 +33,8 @@
* functionality.
*/
public class ApkUtilsLite {
+ private ApkUtilsLite() {}
+
/**
* Finds the main ZIP sections of the provided APK.
*
diff --git a/src/main/java/com/android/apksig/internal/apk/ApkSigningBlockUtils.java b/src/main/java/com/android/apksig/internal/apk/ApkSigningBlockUtils.java
index 261f696..e8f6fc0 100644
--- a/src/main/java/com/android/apksig/internal/apk/ApkSigningBlockUtils.java
+++ b/src/main/java/com/android/apksig/internal/apk/ApkSigningBlockUtils.java
@@ -52,7 +52,6 @@
import java.io.IOException;
import java.math.BigInteger;
-import java.nio.BufferUnderflowException;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.security.DigestException;
@@ -85,7 +84,6 @@
public class ApkSigningBlockUtils {
- private static final char[] HEX_DIGITS = "0123456789abcdef".toCharArray();
private static final long CONTENT_DIGESTED_CHUNK_MAX_SIZE_BYTES = 1024 * 1024;
public static final int ANDROID_COMMON_PAGE_ALIGNMENT_BYTES = 4096;
private static final byte[] APK_SIGNING_BLOCK_MAGIC =
@@ -241,69 +239,6 @@
ApkSigningBlockUtilsLite.checkByteOrderLittleEndian(buffer);
}
- /**
- * Returns new byte buffer whose content is a shared subsequence of this buffer's content
- * between the specified start (inclusive) and end (exclusive) positions. As opposed to
- * {@link ByteBuffer#slice()}, the returned buffer's byte order is the same as the source
- * buffer's byte order.
- */
- private static ByteBuffer sliceFromTo(ByteBuffer source, int start, int end) {
- if (start < 0) {
- throw new IllegalArgumentException("start: " + start);
- }
- if (end < start) {
- throw new IllegalArgumentException("end < start: " + end + " < " + start);
- }
- int capacity = source.capacity();
- if (end > source.capacity()) {
- throw new IllegalArgumentException("end > capacity: " + end + " > " + capacity);
- }
- int originalLimit = source.limit();
- int originalPosition = source.position();
- try {
- source.position(0);
- source.limit(end);
- source.position(start);
- ByteBuffer result = source.slice();
- result.order(source.order());
- return result;
- } finally {
- source.position(0);
- source.limit(originalLimit);
- source.position(originalPosition);
- }
- }
-
- /**
- * Relative <em>get</em> method for reading {@code size} number of bytes from the current
- * position of this buffer.
- *
- * <p>This method reads the next {@code size} bytes at this buffer's current position,
- * returning them as a {@code ByteBuffer} with start set to 0, limit and capacity set to
- * {@code size}, byte order set to this buffer's byte order; and then increments the position by
- * {@code size}.
- */
- private static ByteBuffer getByteBuffer(ByteBuffer source, int size) {
- if (size < 0) {
- throw new IllegalArgumentException("size: " + size);
- }
- int originalLimit = source.limit();
- int position = source.position();
- int limit = position + size;
- if ((limit < position) || (limit > originalLimit)) {
- throw new BufferUnderflowException();
- }
- source.limit(limit);
- try {
- ByteBuffer result = source.slice();
- result.order(source.order());
- source.position(limit);
- return result;
- } finally {
- source.limit(originalLimit);
- }
- }
-
public static ByteBuffer getLengthPrefixedSlice(ByteBuffer source) throws ApkFormatException {
return ApkSigningBlockUtilsLite.getLengthPrefixedSlice(source);
}
diff --git a/src/main/java/com/android/apksig/internal/apk/ApkSigningBlockUtilsLite.java b/src/main/java/com/android/apksig/internal/apk/ApkSigningBlockUtilsLite.java
index be14af8..40ae947 100644
--- a/src/main/java/com/android/apksig/internal/apk/ApkSigningBlockUtilsLite.java
+++ b/src/main/java/com/android/apksig/internal/apk/ApkSigningBlockUtilsLite.java
@@ -38,6 +38,8 @@
* utility functionality.
*/
public class ApkSigningBlockUtilsLite {
+ private ApkSigningBlockUtilsLite() {}
+
private static final char[] HEX_DIGITS = "0123456789abcdef".toCharArray();
/**
* Returns the APK Signature Scheme block contained in the provided APK file for the given ID
diff --git a/src/main/java/com/android/apksig/internal/apk/v1/V1SchemeVerifier.java b/src/main/java/com/android/apksig/internal/apk/v1/V1SchemeVerifier.java
index 2453f36..6d7e997 100644
--- a/src/main/java/com/android/apksig/internal/apk/v1/V1SchemeVerifier.java
+++ b/src/main/java/com/android/apksig/internal/apk/v1/V1SchemeVerifier.java
@@ -53,7 +53,6 @@
import java.io.IOException;
import java.nio.ByteBuffer;
-import java.nio.ByteOrder;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
diff --git a/src/main/java/com/android/apksig/internal/zip/ZipUtils.java b/src/main/java/com/android/apksig/internal/zip/ZipUtils.java
index c6f074d..9d9da15 100644
--- a/src/main/java/com/android/apksig/internal/zip/ZipUtils.java
+++ b/src/main/java/com/android/apksig/internal/zip/ZipUtils.java
@@ -17,7 +17,6 @@
package com.android.apksig.internal.zip;
import com.android.apksig.apk.ApkFormatException;
-import com.android.apksig.apk.ApkUtilsLite;
import com.android.apksig.internal.util.Pair;
import com.android.apksig.util.DataSource;
import com.android.apksig.zip.ZipFormatException;
diff --git a/src/test/java/com/android/apksig/SourceStampVerifierTest.java b/src/test/java/com/android/apksig/SourceStampVerifierTest.java
index 0ff5a81..2235657 100644
--- a/src/test/java/com/android/apksig/SourceStampVerifierTest.java
+++ b/src/test/java/com/android/apksig/SourceStampVerifierTest.java
@@ -16,38 +16,16 @@
package com.android.apksig;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
-import static org.junit.Assume.assumeNoException;
-import com.android.apksig.apk.ApkFormatException;
-import com.android.apksig.internal.util.AndroidSdkVersion;
-import com.android.apksig.internal.util.HexEncoding;
import com.android.apksig.internal.util.Resources;
import com.android.apksig.util.DataSources;
-import org.junit.Assume;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.JUnit4;
-import java.io.IOException;
import java.nio.ByteBuffer;
-import java.security.InvalidKeyException;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.PublicKey;
-import java.security.Security;
-import java.security.Signature;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.util.Collection;
-import java.util.List;
-import java.util.Locale;
-import java.util.Objects;
-import java.util.stream.Collectors;
-import java.util.stream.Stream;
@RunWith(JUnit4.class)
public class SourceStampVerifierTest {
@@ -222,7 +200,7 @@
return builder.build().verifySourceStamp(expectedCertDigest);
}
- private void assertVerified(SourceStampVerifier.Result result) {
+ private static void assertVerified(SourceStampVerifier.Result result) {
if (result.isVerified()) {
return;
}
