From f5bd6a6a4ee50475ca056fe9cc0246bb424debe1 Mon Sep 17 00:00:00 2001 From: Maxim Goretskyy Date: Wed, 29 Jan 2020 13:11:19 -0800 Subject: [PATCH] Cert Hashing Summary: See D19583338 for context Reviewed By: jingping2015 Differential Revision: D19584725 fbshipit-source-id: 0d31a7a989a57d717930c37bc7aa54e6c7f537ae --- .../appevents/AppEventsConstants.java | 5 ++ .../appevents/internal/SessionLogger.java | 3 ++ .../internal/security/CertificateUtil.java | 46 +++++++++++++++++++ 3 files changed, 54 insertions(+) create mode 100644 facebook-core/src/main/java/com/facebook/internal/security/CertificateUtil.java diff --git a/facebook-core/src/main/java/com/facebook/appevents/AppEventsConstants.java b/facebook-core/src/main/java/com/facebook/appevents/AppEventsConstants.java index c14b3e4db1..d7af3fd354 100644 --- a/facebook-core/src/main/java/com/facebook/appevents/AppEventsConstants.java +++ b/facebook-core/src/main/java/com/facebook/appevents/AppEventsConstants.java @@ -269,6 +269,11 @@ public class AppEventsConstants { */ public static final String EVENT_PARAM_PACKAGE_FP = "fb_mobile_pckg_fp"; + /** + * Parameter key used to specify hashed cert for signing the apk. + */ + public static final String EVENT_PARAM_APP_CERT_HASH = "fb_mobile_app_cert_hash"; + // Parameter values /** Yes-valued parameter value to be used with parameter keys that need a Yes/No value */ diff --git a/facebook-core/src/main/java/com/facebook/appevents/internal/SessionLogger.java b/facebook-core/src/main/java/com/facebook/appevents/internal/SessionLogger.java index 033f48d961..9cad03376b 100644 --- a/facebook-core/src/main/java/com/facebook/appevents/internal/SessionLogger.java +++ b/facebook-core/src/main/java/com/facebook/appevents/internal/SessionLogger.java @@ -34,6 +34,7 @@ import com.facebook.appevents.AppEventsLogger; import com.facebook.appevents.InternalAppEventsLogger; import com.facebook.internal.Logger; +import com.facebook.internal.security.CertificateUtil; import java.util.Locale; @@ -81,6 +82,8 @@ public static void logActivateApp( eventParams.putString( AppEventsConstants.EVENT_PARAM_PACKAGE_FP, computePackageChecksum(context)); + eventParams.putString(AppEventsConstants.EVENT_PARAM_APP_CERT_HASH, + CertificateUtil.getCertificateHash(context)); InternalAppEventsLogger logger = new InternalAppEventsLogger( activityName, appId, diff --git a/facebook-core/src/main/java/com/facebook/internal/security/CertificateUtil.java b/facebook-core/src/main/java/com/facebook/internal/security/CertificateUtil.java new file mode 100644 index 0000000000..34b860a028 --- /dev/null +++ b/facebook-core/src/main/java/com/facebook/internal/security/CertificateUtil.java @@ -0,0 +1,46 @@ +package com.facebook.internal.security; + +import android.content.Context; +import android.content.pm.PackageManager; +import android.content.pm.Signature; +import android.util.Base64; + +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +/* + This would need to be changed if we change the docs for how to submit the certificate hashes + https://developers.facebook.com/docs/android/getting-started/ + */ +public class CertificateUtil { + + private CertificateUtil() {} + + private static final String DELIMITER = ":"; //not part of valid characters for base64 + + /** + * @return String of concatenated signatures, since there can be more than one + */ + public static String getCertificateHash(Context ctx) { + try { + Signature[] signatures = ctx.getPackageManager().getPackageInfo(ctx.getPackageName(), PackageManager.GET_SIGNATURES).signatures; + StringBuilder sb = new StringBuilder(); + MessageDigest md = MessageDigest.getInstance("SHA1"); + for (Signature signature : signatures) { + md.update(signature.toByteArray()); + sb.append(Base64.encodeToString(md.digest(), Base64.DEFAULT)); + sb.append(DELIMITER); + } + + if (sb.length() > 0) { + sb.setLength(sb.length() - 1); //remove last delimiter + } + + return sb.toString(); + } catch (PackageManager.NameNotFoundException e) { + //do nothing + } catch (NoSuchAlgorithmException e) { + //do nothing + } + return ""; + } +}