Verify intent signatures.

chrome/android/java/src/org/chromium/chrome/browser/externalnav/ExternalNavigationDelegateImpl.java

Index: chrome/android/java/src/org/chromium/chrome/browser/externalnav/ExternalNavigationDelegateImpl.java
diff --git a/chrome/android/java/src/org/chromium/chrome/browser/externalnav/ExternalNavigationDelegateImpl.java b/chrome/android/java/src/org/chromium/chrome/browser/externalnav/ExternalNavigationDelegateImpl.java
index 0269372a91fe45d29b372fdb1dc5b7bfda8af30a..ac758a70fa06afdee49376c4b69fa2ffb2ee502e 100644
--- a/chrome/android/java/src/org/chromium/chrome/browser/externalnav/ExternalNavigationDelegateImpl.java
+++ b/chrome/android/java/src/org/chromium/chrome/browser/externalnav/ExternalNavigationDelegateImpl.java
@@ -14,6 +14,7 @@ import android.content.Intent;
 import android.content.IntentFilter;
 import android.content.pm.PackageManager;
 import android.content.pm.ResolveInfo;
+import android.content.pm.Signature;
 import android.net.Uri;
 import android.os.Build;
 import android.os.StrictMode;
@@ -49,8 +50,12 @@ import org.chromium.ui.base.WindowAndroid;
 import org.chromium.ui.base.WindowAndroid.PermissionCallback;
 import org.chromium.webapk.lib.client.WebApkValidator;
 
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
 import java.util.ArrayList;
+import java.util.HashSet;
 import java.util.List;
+import java.util.Set;
 
 /**
  * The main implementation of the {@link ExternalNavigationDelegate}.
@@ -542,4 +547,62 @@ public class ExternalNavigationDelegateImpl implements ExternalNavigationDelegat
         intent.putExtra(IntentHandler.EXTRA_EXTERNAL_NAV_PACKAGES,
                 getSpecializedHandlersWithFilter(infos, null));
     }
+
+
+    @Override
+    public Set<String> getPackageSHA256Fingerprints(String pkgName) {
+        PackageManager pm = getAvailableContext().getPackageManager();
+        Signature[] signatures;
+        try {
+            signatures = pm.getPackageInfo(pkgName,
+                    PackageManager.GET_SIGNATURES).signatures;
+        } catch (PackageManager.NameNotFoundException e) {
+            return null;
+        }
+        Set<String> fingerPrints = new HashSet<>();
+        for (int i = 0; i < signatures.length; ++i) {
+            String fingerPrint = getSha256(signatures[i].toByteArray());
+            if (fingerPrint == null) {
+                return null;
+            }
+            fingerPrints.add(fingerPrint);
+        }
+        return fingerPrints;
+    }
+
+    /**
+     * Compute sha256 fingerprint from signature using MessageDigest.
+     *
+     * @param signature The signature to process.
+     * @return The hex string for the fingerprint or null on failure.
+     */
+    private String getSha256(byte[] signature) {
+        MessageDigest digester;
+        try {
+            digester = MessageDigest.getInstance("SHA-256");
+        } catch (NoSuchAlgorithmException e) {
+            return null;
+        }
+        digester.update(signature);
+        return byteArrayToHexString(digester.digest());
+    }
+
+    /**
+     * Convert bytes to a hex string.
+     *
+     * @param bytes The bytes to convert into a string.
+     * @return The hex string for the bytes or null on empty bytes.
+     */
+    private String byteArrayToHexString(byte[] bytes) {
+        if (bytes.length == 0) {
+            return null;
+        }
+        StringBuilder hexString = new StringBuilder();
+        for (int i = 0; i < bytes.length; ++i) {
+            hexString.append(Integer.toHexString((bytes[i] >> 4) & 0x0f));
+            hexString.append(Integer.toHexString(bytes[i] & 0x0f));
+        }
+        return hexString.toString().toUpperCase();
+    }
+
 }