Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 0a8c784d authored by Mohammad Samiul Islam's avatar Mohammad Samiul Islam
Browse files

Allow apex packages to be signed with key that has rollback capability 

When a key is rotated with a new key, it may continue to trust the old
one. As such, trusted old key should be able to update.

We no longer need to handle "key-downgrade" separately in any situation.
An update will be installed iff it is signed by a trusted key (even
during Rollbacks/Downgrades).

Bug: 136002636
Test: atest StagedInstallTest#testTrustedOldKeyIsAccepted
Change-Id: I3455bd00e13a9271fe25cfaac1476ad7e55eb5f3
Merged-In: I3455bd00e13a9271fe25cfaac1476ad7e55eb5f3
parent b929a547

services/core/java/com/android/server/pm/StagingManager.java

+8 −16
Original line number Diff line number Diff line
@@ -113,18 +113,17 @@ public class StagingManager { 
     * Validates the signature used to sign the container of the new apex package

     *

     * @param newApexPkg The new apex package that is being installed

     * @param installFlags flags related to the session

     * @throws PackageManagerException

     */

    private void validateApexSignature(PackageInfo newApexPkg, int installFlags)

    private void validateApexSignature(PackageInfo newApexPkg)

            throws PackageManagerException {

        // Get signing details of the new package

        final String apexPath = newApexPkg.applicationInfo.sourceDir;

        final String packageName = newApexPkg.packageName;



        final SigningDetails signingDetails;

        final SigningDetails newSigningDetails;

        try {

            signingDetails = ApkSignatureVerifier.verify(apexPath, SignatureSchemeVersion.JAR);

            newSigningDetails = ApkSignatureVerifier.verify(apexPath, SignatureSchemeVersion.JAR);

        } catch (PackageParserException e) {

            throw new PackageManagerException(SessionInfo.STAGED_SESSION_VERIFICATION_FAILED,

                    "Failed to parse APEX package " + apexPath, e);
@@ -149,16 +148,10 @@ public class StagingManager { 
        }



        // Verify signing details for upgrade

        if (signingDetails.checkCapability(existingSigningDetails,

                PackageParser.SigningDetails.CertCapabilities.INSTALLED_DATA)) {

            return;

        }



        // Verify signing details for downgrade

        // Allow downgrading from B to A iff it is possible to upgrade from A to B

        if (existingApexPkg.getLongVersionCode() > newApexPkg.getLongVersionCode()

                && existingSigningDetails.checkCapability(signingDetails,

                        PackageParser.SigningDetails.CertCapabilities.INSTALLED_DATA)) {

        if (newSigningDetails.checkCapability(existingSigningDetails,

                SigningDetails.CertCapabilities.INSTALLED_DATA)

                || existingSigningDetails.checkCapability(newSigningDetails,

                SigningDetails.CertCapabilities.ROLLBACK)) {

            return;

        }
@@ -825,8 +818,7 @@ public class StagingManager { 
                    final List<PackageInfo> apexPackages =

                            submitSessionToApexService(session);

                    for (PackageInfo apexPackage : apexPackages) {

                        validateApexSignature(

                                apexPackage, session.params.installFlags);

                        validateApexSignature(apexPackage);

                    }

                } catch (PackageManagerException e) {

                    session.setStagedSessionFailed(e.error, e.getMessage());