Loading core/java/android/content/pm/PackageParser.java +4 −2 Original line number Diff line number Diff line Loading @@ -1414,9 +1414,11 @@ public class PackageParser { final ParseTypeImpl input = ParseTypeImpl.forDefaultParsing(); final ParseResult<android.content.pm.SigningDetails> result; if (skipVerify) { // systemDir APKs are already trusted, save time by not verifying // systemDir APKs are already trusted, save time by not verifying; since the signature // is not verified and some system apps can have their V2+ signatures stripped allow // pulling the certs from the jar signature. result = ApkSignatureVerifier.unsafeGetCertsWithoutVerification( input, apkPath, minSignatureScheme); input, apkPath, SigningDetails.SignatureSchemeVersion.JAR); } else { result = ApkSignatureVerifier.verify(input, apkPath, minSignatureScheme); } Loading services/core/java/com/android/server/pm/InstallPackageHelper.java +2 −2 Original line number Diff line number Diff line Loading @@ -4187,8 +4187,8 @@ final class InstallPackageHelper { assertOverlayIsValid(pkg, parseFlags, scanFlags); } // Ensure the package is signed with at least the minimum signature scheme version // required for its target SDK. // If the package is not on a system partition ensure it is signed with at least the // minimum signature scheme version required for its target SDK. ScanPackageUtils.assertMinSignatureSchemeIsValid(pkg, parseFlags); } } Loading services/core/java/com/android/server/pm/ScanPackageUtils.java +10 −8 Original line number Diff line number Diff line Loading @@ -690,6 +690,7 @@ final class ScanPackageUtils { public static void assertMinSignatureSchemeIsValid(AndroidPackage pkg, @ParsingPackageUtils.ParseFlags int parseFlags) throws PackageManagerException { if ((parseFlags & ParsingPackageUtils.PARSE_IS_SYSTEM_DIR) == 0) { int minSignatureSchemeVersion = ApkSignatureVerifier.getMinimumSignatureSchemeVersionForTargetSdk( pkg.getTargetSdkVersion()); Loading @@ -700,6 +701,7 @@ final class ScanPackageUtils { + " or newer for package " + pkg.getPackageName()); } } } /** * Returns the "real" name of the package. Loading services/core/java/com/android/server/pm/pkg/parsing/ParsingPackageUtils.java +4 −2 Original line number Diff line number Diff line Loading @@ -3105,9 +3105,11 @@ public class ParsingPackageUtils { } final ParseResult<SigningDetails> verified; if (skipVerify) { // systemDir APKs are already trusted, save time by not verifying // systemDir APKs are already trusted, save time by not verifying; since the // signature is not verified and some system apps can have their V2+ signatures // stripped allow pulling the certs from the jar signature. verified = ApkSignatureVerifier.unsafeGetCertsWithoutVerification(input, baseCodePath, minSignatureScheme); SigningDetails.SignatureSchemeVersion.JAR); } else { verified = ApkSignatureVerifier.verify(input, baseCodePath, minSignatureScheme); } Loading Loading
core/java/android/content/pm/PackageParser.java +4 −2 Original line number Diff line number Diff line Loading @@ -1414,9 +1414,11 @@ public class PackageParser { final ParseTypeImpl input = ParseTypeImpl.forDefaultParsing(); final ParseResult<android.content.pm.SigningDetails> result; if (skipVerify) { // systemDir APKs are already trusted, save time by not verifying // systemDir APKs are already trusted, save time by not verifying; since the signature // is not verified and some system apps can have their V2+ signatures stripped allow // pulling the certs from the jar signature. result = ApkSignatureVerifier.unsafeGetCertsWithoutVerification( input, apkPath, minSignatureScheme); input, apkPath, SigningDetails.SignatureSchemeVersion.JAR); } else { result = ApkSignatureVerifier.verify(input, apkPath, minSignatureScheme); } Loading
services/core/java/com/android/server/pm/InstallPackageHelper.java +2 −2 Original line number Diff line number Diff line Loading @@ -4187,8 +4187,8 @@ final class InstallPackageHelper { assertOverlayIsValid(pkg, parseFlags, scanFlags); } // Ensure the package is signed with at least the minimum signature scheme version // required for its target SDK. // If the package is not on a system partition ensure it is signed with at least the // minimum signature scheme version required for its target SDK. ScanPackageUtils.assertMinSignatureSchemeIsValid(pkg, parseFlags); } } Loading
services/core/java/com/android/server/pm/ScanPackageUtils.java +10 −8 Original line number Diff line number Diff line Loading @@ -690,6 +690,7 @@ final class ScanPackageUtils { public static void assertMinSignatureSchemeIsValid(AndroidPackage pkg, @ParsingPackageUtils.ParseFlags int parseFlags) throws PackageManagerException { if ((parseFlags & ParsingPackageUtils.PARSE_IS_SYSTEM_DIR) == 0) { int minSignatureSchemeVersion = ApkSignatureVerifier.getMinimumSignatureSchemeVersionForTargetSdk( pkg.getTargetSdkVersion()); Loading @@ -700,6 +701,7 @@ final class ScanPackageUtils { + " or newer for package " + pkg.getPackageName()); } } } /** * Returns the "real" name of the package. Loading
services/core/java/com/android/server/pm/pkg/parsing/ParsingPackageUtils.java +4 −2 Original line number Diff line number Diff line Loading @@ -3105,9 +3105,11 @@ public class ParsingPackageUtils { } final ParseResult<SigningDetails> verified; if (skipVerify) { // systemDir APKs are already trusted, save time by not verifying // systemDir APKs are already trusted, save time by not verifying; since the // signature is not verified and some system apps can have their V2+ signatures // stripped allow pulling the certs from the jar signature. verified = ApkSignatureVerifier.unsafeGetCertsWithoutVerification(input, baseCodePath, minSignatureScheme); SigningDetails.SignatureSchemeVersion.JAR); } else { verified = ApkSignatureVerifier.verify(input, baseCodePath, minSignatureScheme); } Loading
