
Commit 39747297 authored by Jay Sullivan's avatar Jay Sullivan Committed by Android (Google) Code Review

Merge "[ECM] Add ECM allowlist to SystemConfig" into main

parents 2674eb91 a14c9e5f
+7 −0
@@ -132,6 +132,11 @@ package android.content.pm {
    field public static final int MATCH_STATIC_SHARED_AND_SDK_LIBRARIES = 67108864; // 0x4000000
  }

  @FlaggedApi("android.permission.flags.enhanced_confirmation_mode_apis_enabled") public class SignedPackage {
    method @NonNull public byte[] getCertificateDigest();
    method @NonNull public String getPkgName();
  }

}

package android.hardware.usb {
@@ -428,6 +433,8 @@ package android.os {

  public class SystemConfigManager {
    method @NonNull public java.util.List<android.content.ComponentName> getEnabledComponentOverrides(@NonNull String);
    method @FlaggedApi("android.permission.flags.enhanced_confirmation_mode_apis_enabled") @NonNull @RequiresPermission(android.Manifest.permission.MANAGE_ENHANCED_CONFIRMATION_STATES) public java.util.Set<android.content.pm.SignedPackage> getEnhancedConfirmationTrustedInstallers();
    method @FlaggedApi("android.permission.flags.enhanced_confirmation_mode_apis_enabled") @NonNull @RequiresPermission(android.Manifest.permission.MANAGE_ENHANCED_CONFIRMATION_STATES) public java.util.Set<android.content.pm.SignedPackage> getEnhancedConfirmationTrustedPackages();
  }

  public final class Trace {
+75 −0
/*
 * Copyright (C) 2024 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package android.content.pm;

import android.annotation.FlaggedApi;
import android.annotation.NonNull;
import android.annotation.SystemApi;

import java.util.Arrays;
import java.util.Objects;

/**
 * A data class representing a package and (SHA-256 hash of) a signing certificate.
 *
 * @hide
 */
@SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
@FlaggedApi(android.permission.flags.Flags.FLAG_ENHANCED_CONFIRMATION_MODE_APIS_ENABLED)
public class SignedPackage {
    @NonNull
    private final SignedPackageParcel mData;

    /** @hide */
    public SignedPackage(@NonNull String pkgName, @NonNull byte[] certificateDigest) {
        SignedPackageParcel data = new SignedPackageParcel();
        data.pkgName = pkgName;
        data.certificateDigest = certificateDigest;
        mData = data;
    }

    /** @hide */
    public SignedPackage(@NonNull SignedPackageParcel data) {
        mData = data;
    }

    /** @hide */
    public final @NonNull SignedPackageParcel getData() {
        return mData;
    }

    public @NonNull String getPkgName() {
        return mData.pkgName;
    }

    public @NonNull byte[] getCertificateDigest() {
        return mData.certificateDigest;
    }

    @Override
    public boolean equals(Object o) {
        if (this == o) return true;
        if (!(o instanceof SignedPackage that)) return false;
        return mData.pkgName.equals(that.mData.pkgName) && Arrays.equals(mData.certificateDigest,
                that.mData.certificateDigest);
    }

    @Override
    public int hashCode() {
        return Objects.hash(mData.pkgName, Arrays.hashCode(mData.certificateDigest));
    }
}
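Review bot: `SignedPackage` stores and returns the caller's `byte[]` without copying, so the digest that `equals()` and `hashCode()` depend on can be changed after the object has been put into a `Set`. Since these objects represent ECM allowlist entries, the first constructor should assign `data.certificateDigest = certificateDigest.clone();` and the getter should `return mData.certificateDigest.clone();`. The parcel constructor and `getData()` share the same mutable `SignedPackageParcel` with the caller, and neither constructor rejects null fields, so a parcel with a null `pkgName` would throw inside `equals()` despite the `@NonNull` getters; a null check in both constructors would close that gap.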
+25 −0
/*
 * Copyright (C) 2024 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package android.content.pm;

import android.content.ComponentName;

/** @hide */
parcelable SignedPackageParcel {
    String pkgName;
    byte[] certificateDigest;
}
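Review bot: The `import android.content.ComponentName;` line is not used by this parcelable, which declares only a `String` and a `byte[]` field, and can be dropped. The fields also carry no comments; a one-line comment such as `// SHA-256 digest of the signing certificate` on `certificateDigest` would record here what is otherwise stated only in the `SignedPackage` class doc.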
+12 −0
@@ -17,6 +17,8 @@
package android.os;

import android.content.ComponentName;
import android.os.Bundle;
import android.content.pm.SignedPackageParcel;

/**
  * Binder interface to query SystemConfig in the system server.
@@ -57,4 +59,14 @@ interface ISystemConfig {
     * @see SystemConfigManager#getPreventUserDisablePackages
     */
    List<String> getPreventUserDisablePackages();

    /**
     * @see SystemConfigManager#getEnhancedConfirmationTrustedPackages
     */
    List<SignedPackageParcel> getEnhancedConfirmationTrustedPackages();

    /**
     * @see SystemConfigManager#getEnhancedConfirmationTrustedInstallers
     */
    List<SignedPackageParcel> getEnhancedConfirmationTrustedInstallers();
}
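Review bot: Neither new binder method says which permission a caller must hold; the `MANAGE_ENHANCED_CONFIRMATION_STATES` requirement appears only as `@RequiresPermission` on the `SystemConfigManager` wrappers, which is a client-side annotation and not a check. The service implementation is not shown on this page, so whether it enforces the permission on the binder side cannot be confirmed here. The doc comment on each method should record the requirement, for example `* Caller must hold MANAGE_ENHANCED_CONFIRMATION_STATES; enforced in the service implementation.`. Separately, `import android.os.Bundle;` is not used by either new method, and since the rest of the interface lies outside the hunks it is worth checking whether that import is needed at all.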
+69 −0
@@ -16,12 +16,15 @@
package android.os;

import android.Manifest;
import android.annotation.FlaggedApi;
import android.annotation.NonNull;
import android.annotation.RequiresPermission;
import android.annotation.SystemApi;
import android.annotation.SystemService;
import android.content.ComponentName;
import android.content.Context;
import android.content.pm.SignedPackage;
import android.content.pm.SignedPackageParcel;
import android.util.ArraySet;
import android.util.Log;

@@ -29,6 +32,7 @@ import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;


/**
@@ -175,4 +179,69 @@ public class SystemConfigManager {
            throw e.rethrowFromSystemServer();
        }
    }


    /**
     * Returns a set of signed packages, represented as (packageName, certificateDigest) pairs, that
     * should be considered "trusted packages" by ECM (Enhanced Confirmation Mode).
     *
     * <p>"Trusted packages" are exempt from ECM (i.e., they will never be considered "restricted").
     *
     * <p>A package will be considered "trusted package" if and only if it *matches* least one of
     * the (*packageName*, *certificateDigest*) pairs in this set, where *matches* means satisfying
     * both of the following:
     *
     * <ol>
     *   <li>The package's name equals *packageName*
     *   <li>The package is, or was ever, signed by *certificateDigest*, according to the package's
     *       {@link android.content.pm.SigningDetails}
     * </ol>
     *
     * @hide
     */
    @SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
    @FlaggedApi(android.permission.flags.Flags.FLAG_ENHANCED_CONFIRMATION_MODE_APIS_ENABLED)
    @RequiresPermission(Manifest.permission.MANAGE_ENHANCED_CONFIRMATION_STATES)
    @NonNull
    public Set<SignedPackage> getEnhancedConfirmationTrustedPackages() {
        try {
            List<SignedPackageParcel> parcels = mInterface.getEnhancedConfirmationTrustedPackages();
            return parcels.stream().map(SignedPackage::new).collect(Collectors.toSet());
        } catch (RemoteException e) {
            throw e.rethrowFromSystemServer();
        }
    }

    /**
     * Returns a set of signed packages, represented as (packageName, certificateDigest) pairs, that
     * should be considered "trusted installers" by ECM (Enhanced Confirmation Mode).
     *
     * <p>"Trusted installers", and all apps installed by a trusted installer, are exempt from ECM
     * (i.e., they will never be considered "restricted").
     *
     * <p>A package will be considered a "trusted installer" if and only if it *matches* least one
     * of the (*packageName*, *certificateDigest*) pairs in this set, where *matches* means
     * satisfying both of the following:
     *
     * <ol>
     *   <li>The package's name equals *packageName*
     *   <li>The package is, or was ever, signed by *certificateDigest*, according to the package's
     *       {@link android.content.pm.SigningDetails}
     * </ol>
     *
     * @hide
     */
    @SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
    @FlaggedApi(android.permission.flags.Flags.FLAG_ENHANCED_CONFIRMATION_MODE_APIS_ENABLED)
    @RequiresPermission(Manifest.permission.MANAGE_ENHANCED_CONFIRMATION_STATES)
    @NonNull
    public Set<SignedPackage> getEnhancedConfirmationTrustedInstallers() {
        try {
            List<SignedPackageParcel> parcels =
                    mInterface.getEnhancedConfirmationTrustedInstallers();
            return parcels.stream().map(SignedPackage::new).collect(Collectors.toSet());
        } catch (RemoteException e) {
            throw e.rethrowFromSystemServer();
        }
    }
}
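Review bot: Both new Javadoc blocks read "if and only if it *matches* least one of", which is missing "at", and the asterisks around `*packageName*` and `*certificateDigest*` are Markdown emphasis that Javadoc prints literally; `{@code packageName}` and `<em>matches</em>` would render as intended. The two methods also repeat the same parcel-to-set conversion and return the mutable set produced by `Collectors.toSet()`; using `Collectors.toUnmodifiableSet()` in both return statements would make clear that the result is a read-only snapshot of the allowlist. The class body starts outside this hunk.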