allstars' blog: signature check in Android PluginManager

Thursday, November 18, 2010

signature check in Android PluginManager

常常看到有人在問android PluginManager裡面的signature 是幹嘛用的
http://android.git.kernel.org/?p=platform/frameworks/base.git;a=blob;f=core/java/android/webkit/PluginManager.java;h=cdcb662e057c4d41b7e7af235991d53037d1e19d;hb=HEAD#l75

查了一下commit的log
原來是當初要給flash on android

commit 73477e7336cd1bdd67984a0f6374c79108a8f098
Author: Grace Kloba
Date: Wed Sep 30 17:45:46 2009 -0700

   Add the signature checking for WebView plugins. The
   first one is for SampleBrowserPlugin. The second
   one is for Flash.

diff --git a/core/java/android/webkit/PluginManager.java b/core/java/android/webkit/PluginManager.java
index 766bd75..edba446 100644
--- a/core/java/android/webkit/PluginManager.java
+++ b/core/java/android/webkit/PluginManager.java
@@ -65,6 +65,15 @@ public class PluginManager {

   private ArrayList mPackageInfoCache;

+ // Only plugin matches one of the signatures in the list can be loaded
+ // inside the WebView process
+ private static final String SIGNATURE_1 = "308204a830820390a003020102020900936eacbe07f201df300d06092a864886f70d0101050500308194310b3009060355040613025553311330110603550408130a43616c69666f726e69613116301
+ private static final String SIGNATURE_2 = "308204c5308203ada003020102020900d7cb412f75f4887e300d06092a864886f70d010105050030819d310b3009060355040613025553311330110603550408130a43616c69666f726e69613111300
+
+ private static final Signature[] SIGNATURES = new Signature[] {
+ new Signature(SIGNATURE_1), new Signature(SIGNATURE_2)
+ };
+
   private PluginManager(Context context) {
   mContext = context;
   mPackageInfoCache = new ArrayList();
@@ -148,9 +157,12 @@ public class PluginManager {
   }
   boolean signatureMatch = false;
   for (Signature signature : signatures) {
- // TODO: check signature against Google provided one
- signatureMatch = true;
- break;
+ for (int i = 0; i < SIGNATURES.length; i++) {
+ if (SIGNATURES[i].equals(signature)) {
+ signatureMatch = true;
+ break;
+ }
+ }
   }
   if (!signatureMatch) {
   continue;

2 comments:

TopClass said...: thanks your post. I have one question about plugin. I understand that we can use plugin by adding signature at "pluginmanager.java", then isn't it possible using plugin released android version not modified? Actually, I want to use my plugin on any android devices. If you have some solutions, please give me directions. thanks.; March 22, 2011 at 2:54 PM
allstars.chh said...: everybody has the same problem with you....ha
the best way is ask google I presume; March 23, 2011 at 6:50 PM

allstars' blog

Thursday, November 18, 2010

signature check in Android PluginManager

2 comments:

Top posts

Labels

Total Pageviews

Search my blog

Blog Archive

About Me