From 96ed60fda30cbc3783f0c9d6594b260a75f0d5a0 Mon Sep 17 00:00:00 2001
From: Licaon_Kter
Date: Fri, 8 Nov 2024 15:09:05 +0000
Subject: [PATCH] Reword extra blocks

---
 fdroidserver/scanner.py | 22 ++++++++++++++--------
 1 file changed, 14 insertions(+), 8 deletions(-)

diff --git a/fdroidserver/scanner.py b/fdroidserver/scanner.py
index 6a392b2b..08c09918 100644
--- a/fdroidserver/scanner.py
+++ b/fdroidserver/scanner.py
@@ -75,14 +75,18 @@ GRADLE_CATALOG_FILE_REGEX = re.compile(
 )
 VERSION_CATALOG_REGEX = re.compile(r'versionCatalogs\s*\{')
 
-FROSTING_BLOCK_TYPES = {
- # 0x7109871a: 'SIGNv2',
- # 0xf05368c0: 'SIGNv3',
- 0x2146444E: 'Google metadata',
+APK_SIGNING_BLOCK_IDS = {
+ # https://source.android.com/docs/security/features/apksigning/v2#apk-signing-block
+ # 0x7109871a: 'APK signature scheme v2',
+ # https://source.android.com/docs/security/features/apksigning/v3#apk-signing-block
+ # 0xf05368c0: 'APK signature scheme v3',
+ # See "Security metadata in early 2018"
+ # https://android-developers.googleblog.com/2017/12/improving-app-security-and-performance.html
+ 0x2146444E: 'Google Play Signature aka "Frosting"',
 # 0x42726577: 'Verity padding',
 # 0x6DFF800D: 'Source stamp V2 X509 cert',
 # JSON with some metadata, used by Chinese company Meituan
- 0x71777777: 'Meituan metadata',
+ 0x71777777: 'Meituan payload',
 # Dependencies metadata generated by Gradle and encrypted by Google Play.
 # '...The data is compressed, encrypted by a Google Play signing key...'
 # https://developer.android.com/studio/releases/gradle-plugin#dependency-metadata
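Review bot: The new name APK_SIGNING_BLOCK_IDS reads as a catalogue of all known block IDs, but the dict only holds the IDs that the scanner reports as problems, and the commented-out scheme IDs (0x7109871a, 0xf05368c0) are precisely the ones that must stay commented or every normally signed APK would be flagged. A one-line comment above the dict would make that contract explicit for the next maintainer: `# Only the uncommented IDs are reported as problems; the v2/v3 signature-scheme IDs stay commented for reference and must not be enabled.` The lookup that consumes this dict is in the second hunk of this patch.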
@@ -669,12 +673,14 @@ def scan_binary(apkfile):
 logging.debug("Problem: found class '%s'" % classname)
 problems += 1
 
- logging.info(_('Scanning APK for known frosting blocks.'))
+ logging.info(_('Scanning APK for extra signing blocks.'))
 a = common.get_androguard_APK(str(apkfile))
 a.parse_v2_v3_signature()
 for b in a._v2_blocks:
- if b in FROSTING_BLOCK_TYPES:
- logging.debug(f"Problem: found frosting block '{FROSTING_BLOCK_TYPES[b]}'")
+ if b in APK_SIGNING_BLOCK_IDS:
+ logging.debug(
+ f"Problem: found extra signing block '{APK_SIGNING_BLOCK_IDS[b]}'"
+ )
 problems += 1
 
 if warnings:
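Review bot: The rewritten debug message on the added lines prints only the human-readable label, so a log reader cannot tell which block ID actually matched once labels are reworded again, and the loop records nothing about block IDs that are absent from APK_SIGNING_BLOCK_IDS. Including the numeric ID keeps the log self-describing and greppable: `f"Problem: found extra signing block {b:#010x} '{APK_SIGNING_BLOCK_IDS[b]}'"` (b is presumably an int, since it is used as a key of the int-keyed dict; confirm against androguard's `_v2_blocks`). scan_binary starts before this hunk, and the `problems` counter incremented here is defined outside it.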