Merge "Two API changes:"

  public abstract class IntegrityFormula {

    method @NonNull public static android.content.integrity.IntegrityFormula all(@NonNull android.content.integrity.IntegrityFormula...);

    method @NonNull public static android.content.integrity.IntegrityFormula any(@NonNull android.content.integrity.IntegrityFormula...);

    method @NonNull public android.content.integrity.IntegrityFormula equalTo(@NonNull String);

    method @NonNull public android.content.integrity.IntegrityFormula equalTo(boolean);

    method @NonNull public android.content.integrity.IntegrityFormula equalTo(long);

    method @NonNull public android.content.integrity.IntegrityFormula greaterThan(long);

    method @NonNull public android.content.integrity.IntegrityFormula greaterThanOrEquals(long);

    method @NonNull public static android.content.integrity.IntegrityFormula not(@NonNull android.content.integrity.IntegrityFormula);

    field @NonNull public static final android.content.integrity.IntegrityFormula APP_CERTIFICATE;

    field @NonNull public static final android.content.integrity.IntegrityFormula INSTALLER_CERTIFICATE;

    field @NonNull public static final android.content.integrity.IntegrityFormula INSTALLER_NAME;

    field @NonNull public static final android.content.integrity.IntegrityFormula PACKAGE_NAME;

    field @NonNull public static final android.content.integrity.IntegrityFormula PRE_INSTALLED;

    field @NonNull public static final android.content.integrity.IntegrityFormula VERSION_CODE;

  }

  public static final class IntegrityFormula.Application {

    method @NonNull public static android.content.integrity.IntegrityFormula certificatesContain(@NonNull String);

    method @NonNull public static android.content.integrity.IntegrityFormula isPreInstalled();

    method @NonNull public static android.content.integrity.IntegrityFormula packageNameEquals(@NonNull String);

    method @NonNull public static android.content.integrity.IntegrityFormula versionCodeEquals(@NonNull long);

    method @NonNull public static android.content.integrity.IntegrityFormula versionCodeGreaterThan(@NonNull long);

    method @NonNull public static android.content.integrity.IntegrityFormula versionCodeGreaterThanOrEqualTo(@NonNull long);

  }

  public static final class IntegrityFormula.Installer {

    method @NonNull public static android.content.integrity.IntegrityFormula certificatesContain(@NonNull String);

    method @NonNull public static android.content.integrity.IntegrityFormula notAllowedByManifest();

    method @NonNull public static android.content.integrity.IntegrityFormula packageNameEquals(@NonNull String);

  }

  public final class Rule implements android.os.Parcelable {

  public abstract class IntegrityFormula {

    method @NonNull public static android.content.integrity.IntegrityFormula all(@NonNull android.content.integrity.IntegrityFormula...);

    method @NonNull public static android.content.integrity.IntegrityFormula any(@NonNull android.content.integrity.IntegrityFormula...);

    method @NonNull public android.content.integrity.IntegrityFormula equalTo(@NonNull String);

    method @NonNull public android.content.integrity.IntegrityFormula equalTo(boolean);

    method @NonNull public android.content.integrity.IntegrityFormula equalTo(long);

    method @NonNull public android.content.integrity.IntegrityFormula greaterThan(long);

    method @NonNull public android.content.integrity.IntegrityFormula greaterThanOrEquals(long);

    method @NonNull public static android.content.integrity.IntegrityFormula not(@NonNull android.content.integrity.IntegrityFormula);

    field @NonNull public static final android.content.integrity.IntegrityFormula APP_CERTIFICATE;

    field @NonNull public static final android.content.integrity.IntegrityFormula INSTALLER_CERTIFICATE;

    field @NonNull public static final android.content.integrity.IntegrityFormula INSTALLER_NAME;

    field @NonNull public static final android.content.integrity.IntegrityFormula PACKAGE_NAME;

    field @NonNull public static final android.content.integrity.IntegrityFormula PRE_INSTALLED;

    field @NonNull public static final android.content.integrity.IntegrityFormula VERSION_CODE;

  }

  public static final class IntegrityFormula.Application {

    method @NonNull public static android.content.integrity.IntegrityFormula certificatesContain(@NonNull String);

    method @NonNull public static android.content.integrity.IntegrityFormula isPreInstalled();

    method @NonNull public static android.content.integrity.IntegrityFormula packageNameEquals(@NonNull String);

    method @NonNull public static android.content.integrity.IntegrityFormula versionCodeEquals(@NonNull long);

    method @NonNull public static android.content.integrity.IntegrityFormula versionCodeGreaterThan(@NonNull long);

    method @NonNull public static android.content.integrity.IntegrityFormula versionCodeGreaterThanOrEqualTo(@NonNull long);

  }

  public static final class IntegrityFormula.Installer {

    method @NonNull public static android.content.integrity.IntegrityFormula certificatesContain(@NonNull String);

    method @NonNull public static android.content.integrity.IntegrityFormula notAllowedByManifest();

    method @NonNull public static android.content.integrity.IntegrityFormula packageNameEquals(@NonNull String);

  }

  public final class Rule implements android.os.Parcelable {

import android.annotation.NonNull;

import java.util.HashMap;

import java.util.List;

import java.util.Map;

import java.util.Objects;

/**

    private final List<String> mInstallerCertificates;

    private final long mVersionCode;

    private final boolean mIsPreInstalled;

    private final Map<String, String> mAllowedInstallersAndCertificates;

    private AppInstallMetadata(Builder builder) {

        this.mPackageName = builder.mPackageName;

        this.mInstallerCertificates = builder.mInstallerCertificates;

        this.mVersionCode = builder.mVersionCode;

        this.mIsPreInstalled = builder.mIsPreInstalled;

        this.mAllowedInstallersAndCertificates = builder.mAllowedInstallersAndCertificates;

    }

    @NonNull

        return mIsPreInstalled;

    }

    /**

     * Get the allowed installers and their corresponding cert.

     */

    public Map<String, String> getAllowedInstallersAndCertificates() {

        return mAllowedInstallersAndCertificates;

    }

    @Override

    public String toString() {

        return String.format(

        private List<String> mInstallerCertificates;

        private long mVersionCode;

        private boolean mIsPreInstalled;

        private Map<String, String> mAllowedInstallersAndCertificates;

        public Builder() {

            mAllowedInstallersAndCertificates = new HashMap<>();

        }

        /**

         * Add allowed installers and cert.

         *

         * @see AppInstallMetadata#getAllowedInstallersAndCertificates()

         */

        @NonNull

        public Builder setAllowedInstallersAndCert(

                @NonNull Map<String, String> allowedInstallersAndCertificates) {

            this.mAllowedInstallersAndCertificates = allowedInstallersAndCertificates;

            return this;

        }

        /**

         * Set package name of the app to be installed.

                    PRE_INSTALLED,

            })

    @Retention(RetentionPolicy.SOURCE)

    public @interface Key {

    }

    public @interface Key {}

    /** @hide */

    @IntDef(value = {EQ, GT, GTE})

    @Retention(RetentionPolicy.SOURCE)

    public @interface Operator {

    }

    public @interface Operator {}

    /**

     * Package name of the app.

                            "Key %s cannot be used with StringAtomicFormula", keyToString(key)));

            mValue = hashValue(key, value);

            mIsHashedValue =

                    key == APP_CERTIFICATE || key == INSTALLER_CERTIFICATE

                    key == APP_CERTIFICATE

                            || key == INSTALLER_CERTIFICATE

                            ? true

                            : !mValue.equals(value);

        }

/*

 * Copyright (C) 2020 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

package android.content.integrity;

import java.util.Map;

/**

 * An atomic formula that evaluates to true if the installer of the current install is specified in

 * the "allowed installer" field in the android manifest. Note that an empty "allowed installer" by

 * default means containing all possible installers.

 *

 * @hide

 */

public class InstallerAllowedByManifestFormula extends IntegrityFormula {

    @Override

    public int getTag() {

        return IntegrityFormula.INSTALLER_ALLOWED_BY_MANIFEST_FORMULA_TAG;

    }

    @Override

    public boolean matches(AppInstallMetadata appInstallMetadata) {

        Map<String, String> allowedInstallersAndCertificates =

                appInstallMetadata.getAllowedInstallersAndCertificates();

        return allowedInstallersAndCertificates.isEmpty()

                || installerInAllowedInstallersFromManifest(

                appInstallMetadata, allowedInstallersAndCertificates);

    }

    @Override

    public boolean isAppCertificateFormula() {

        return false;

    }

    @Override

    public boolean isInstallerFormula() {

        return true;

    }

    private static boolean installerInAllowedInstallersFromManifest(

            AppInstallMetadata appInstallMetadata,

            Map<String, String> allowedInstallersAndCertificates) {

        return allowedInstallersAndCertificates.containsKey(appInstallMetadata.getInstallerName())

                && appInstallMetadata.getInstallerCertificates()

                .contains(

                        allowedInstallersAndCertificates

                        .get(appInstallMetadata.getInstallerName()));

    }

}