Verify intent signatures.

chrome/android/java/src/org/chromium/chrome/browser/externalnav/ExternalNavigationHandler.java

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 package org.chromium.chrome.browser.externalnav;
 
 import android.content.ActivityNotFoundException;
 import android.content.ComponentName;
 import android.content.Intent;
+import android.content.pm.PackageManager;
 import android.content.pm.ResolveInfo;
 import android.net.Uri;
 import android.os.SystemClock;
 import android.provider.Browser;
 import android.text.TextUtils;
 import android.webkit.WebView;
 
 import org.chromium.base.CommandLine;
 import org.chromium.base.Log;
 import org.chromium.base.VisibleForTesting;
 import org.chromium.base.metrics.RecordHistogram;
 import org.chromium.chrome.browser.ChromeSwitches;
 import org.chromium.chrome.browser.IntentHandler;
 import org.chromium.chrome.browser.UrlConstants;
 import org.chromium.chrome.browser.tab.Tab;
 import org.chromium.chrome.browser.tab.TabRedirectHandler;
 import org.chromium.chrome.browser.util.IntentUtils;
 import org.chromium.chrome.browser.util.UrlUtilities;
 import org.chromium.ui.base.PageTransition;
 
 import java.net.URI;
+import java.util.Collections;
 import java.util.HashSet;
 import java.util.List;
+import java.util.Set;
 import java.util.concurrent.TimeUnit;
 
 /**
  * Logic related to the URL overriding/intercepting functionality.
  * This feature allows Chrome to convert certain navigations to Android Intents allowing
  * applications like Youtube to direct users clicking on a http(s) link to their native app.
  */
 public class ExternalNavigationHandler {
     private static final String TAG = "UrlHandler";
     private static final String SCHEME_WTAI = "wtai://wp/";
@@ skipping 62 matching lines @@
         boolean hasBrowserFallbackUrl = false;
         String browserFallbackUrl =
                 IntentUtils.safeGetStringExtra(intent, EXTRA_BROWSER_FALLBACK_URL);
         if (browserFallbackUrl != null
                 && UrlUtilities.isValidForIntentFallbackNavigation(browserFallbackUrl)) {
             hasBrowserFallbackUrl = true;
         } else {
             browserFallbackUrl = null;
         }
 
+        try {

[please use gerrit instead, 2016/07/27 08:29:02]

Put this block into a separate function, for example:

if (!packageSignatureMatches()) {
    return OverrideLoadingResult.NO_OVERRIDE;
}

+            //scheme
+            String scheme = intent.getData().getScheme();

[please use gerrit instead, 2016/07/27 08:29:02]

You don't use "scheme" anywhere except to check that it's present. Add a comment
about its purpose.

+            String fragment = intent.getData().getFragment();
+            if (!TextUtils.isEmpty(scheme) && null != fragment && fragment.contains(";")) {

[please use gerrit instead, 2016/07/27 08:29:02]

Chrome style is to put null after variable:

fragment != null

+                String[] parts = fragment.split(";");
+
+                Set<Set<String>> allFingerPrint256 = new HashSet<>();
+                /**
+                 * same package name , different keystores, generated fingerprint256 set.
+                 *
+                 * 1.an app's signature may update and change from old, so need config and
+                 * support new and old, but this is optional.(e.g. a.only config new fingerprint
+                 * b. only config old fingerprint. c.config new and old fingerprint)
+                 *
+                 * 2.one apk itself may contain more than one keystore to sign.
+                 *
+                 * example: suppose apk's new signature is 3A4FXXXXXX,12XXXXXXX,and old signature
+                 * is 1B2AXXXX. you can config the intent like "...;sha256=3A4FXXXXXX,12XXXXXXX;.."
+                 * or "..;sha256=3A4FXXXXXX,12XXXXXXX|1B2AXXXX;.."
+                 */

[please use gerrit instead, 2016/07/27 08:29:02]

Chrome style is to use // style comments when inside of a function.

+                String pkgName = "";
+                String fingerPrint256 = "";
+                String[] fingerPrint256DifGroups;
+                for (String each : parts) {
+                    String[] part = each.split("=");

[please use gerrit instead, 2016/07/27 08:29:02]

Integer loops are more efficient on Android. 

for (int i - 0; i < parts.length; i++) {
    ...
}

+                    if (part[0].equals("sha256")) {

[please use gerrit instead, 2016/07/27 08:29:02]

This will crash if "each" does not contain "=".

+                        fingerPrint256 = part[1];

[please use gerrit instead, 2016/07/27 08:29:02]

This will crash if "=" is the last character of "each".

+
+                    }
+                    if (part[0].equals("package")) {
+                        pkgName = part[1];
+                    }
+                }
+                if (!TextUtils.isEmpty(pkgName) && !TextUtils.isEmpty(fingerPrint256)) {
+                    fingerPrint256DifGroups = fingerPrint256.split("\\|");
+                    for (int i = 0; i < fingerPrint256DifGroups.length; ++i) {
+                        Set<String> fingerPrint256GroupSignKeySet = new HashSet<>();
+                        Collections.addAll(fingerPrint256GroupSignKeySet, fingerPrint256DifGroups[i]
+                                .split(","));
+                        allFingerPrint256.add(fingerPrint256GroupSignKeySet);
+                    }
+                    Set<String> fingerPrint256Set = mDelegate.getPackageSHA256Fingerprints(pkgName);
+                    if (!allFingerPrint256.contains(fingerPrint256Set)) {
+                        return OverrideUrlLoadingResult.NO_OVERRIDE;
+                    }
+                }
+            }
+        } catch (PackageManager.NameNotFoundException e) {
+            return OverrideUrlLoadingResult.NO_OVERRIDE;
+        } catch (Throwable ignore) {
+            /**
+             * 1. in method getSha256() , if No SHA-256 implementation found, this new feature won't
+             * work, so it should backwards to original way to handle the intent , we should ignore
+             * ths Throwable.
+             *
+             * 2. in the process above, any other exception or error except "NameNotFoundException"
+             * happens, we can consider the feature fail ,and catch the throwable and continue next
+             * work.
+             */
+        }
+
         long time = SystemClock.elapsedRealtime();
         OverrideUrlLoadingResult result = shouldOverrideUrlLoadingInternal(
                 params, intent, hasBrowserFallbackUrl, browserFallbackUrl);
         RecordHistogram.recordTimesHistogram("Android.StrictMode.OverrideUrlLoadingTime",
                 SystemClock.elapsedRealtime() - time, TimeUnit.MILLISECONDS);
 
         if (result == OverrideUrlLoadingResult.NO_OVERRIDE && hasBrowserFallbackUrl
                 && (params.getRedirectHandler() == null
                         // For instance, if this is a chained fallback URL, we ignore it.
                         || !params.getRedirectHandler().shouldNotOverrideUrlLoading())) {
@@ skipping 389 matching lines @@
         if (defaultSmsPackageName == null) return null;
         // Makes sure that the default SMS app actually resolves the intent.
         for (ResolveInfo resolveInfo : resolvingComponentNames) {
             if (defaultSmsPackageName.equals(resolveInfo.activityInfo.packageName)) {
                 return defaultSmsPackageName;
             }
         }
         return null;
     }
 }