Merge changes from topic "verification_service_implementation" into main

    method @NonNull public java.util.List<android.content.pm.PackageInstaller.SessionInfo> getMySessions();

    method @Nullable public android.content.pm.PackageInstaller.SessionInfo getSessionInfo(int);

    method @NonNull public java.util.List<android.content.pm.PackageInstaller.SessionInfo> getStagedSessions();

    method @FlaggedApi("android.content.pm.verification_service") @Nullable public final String getVerificationServiceProvider();

    method @RequiresPermission(allOf={android.Manifest.permission.INSTALL_PACKAGES, "com.android.permission.INSTALL_EXISTING_PACKAGES"}) public void installExistingPackage(@NonNull String, int, @Nullable android.content.IntentSender);

    method @FlaggedApi("android.content.pm.archiving") @RequiresPermission(android.Manifest.permission.INSTALL_PACKAGES) public void installPackageArchived(@NonNull android.content.pm.ArchivedPackageInfo, @NonNull android.content.pm.PackageInstaller.SessionParams, @NonNull android.content.IntentSender);

    method @NonNull public android.content.pm.PackageInstaller.Session openSession(int) throws java.io.IOException;

    field @FlaggedApi("android.content.pm.archiving") public static final String EXTRA_UNARCHIVE_ID = "android.content.pm.extra.UNARCHIVE_ID";

    field @FlaggedApi("android.content.pm.archiving") public static final String EXTRA_UNARCHIVE_PACKAGE_NAME = "android.content.pm.extra.UNARCHIVE_PACKAGE_NAME";

    field @FlaggedApi("android.content.pm.archiving") public static final String EXTRA_UNARCHIVE_STATUS = "android.content.pm.extra.UNARCHIVE_STATUS";

    field @FlaggedApi("android.content.pm.verification_service") public static final String EXTRA_VERIFICATION_EXTENSION_RESPONSE = "android.content.pm.extra.VERIFICATION_EXTENSION_RESPONSE";

    field @FlaggedApi("android.content.pm.verification_service") public static final String EXTRA_VERIFICATION_FAILURE_REASON = "android.content.pm.extra.VERIFICATION_FAILURE_REASON";

    field public static final int PACKAGE_SOURCE_DOWNLOADED_FILE = 4; // 0x4

    field public static final int PACKAGE_SOURCE_LOCAL_FILE = 3; // 0x3

    field public static final int PACKAGE_SOURCE_OTHER = 1; // 0x1

    field @FlaggedApi("android.content.pm.archiving") public static final int UNARCHIVAL_ERROR_USER_ACTION_NEEDED = 1; // 0x1

    field @FlaggedApi("android.content.pm.archiving") public static final int UNARCHIVAL_GENERIC_ERROR = 100; // 0x64

    field @FlaggedApi("android.content.pm.archiving") public static final int UNARCHIVAL_OK = 0; // 0x0

    field @FlaggedApi("android.content.pm.verification_service") public static final int VERIFICATION_FAILED_REASON_NETWORK_UNAVAILABLE = 1; // 0x1

    field @FlaggedApi("android.content.pm.verification_service") public static final int VERIFICATION_FAILED_REASON_PACKAGE_BLOCKED = 2; // 0x2

    field @FlaggedApi("android.content.pm.verification_service") public static final int VERIFICATION_FAILED_REASON_UNKNOWN = 0; // 0x0

  }

  public static final class PackageInstaller.InstallConstraints implements android.os.Parcelable {

    method @FlaggedApi("android.content.pm.sdk_dependency_installer") public void setAutoInstallDependenciesEnabled(boolean);

    method @Deprecated public void setAutoRevokePermissionsMode(boolean);

    method public void setDontKillApp(boolean);

    method @FlaggedApi("android.content.pm.verification_service") public void setExtensionParams(@NonNull android.os.PersistableBundle);

    method public void setInstallLocation(int);

    method public void setInstallReason(int);

    method public void setInstallScenario(int);

    field @FlaggedApi("android.content.pm.archiving") public static final String EXTRA_DELETE_FLAGS = "android.content.pm.extra.DELETE_FLAGS";

    field public static final String EXTRA_LEGACY_STATUS = "android.content.pm.extra.LEGACY_STATUS";

    field @Deprecated public static final String EXTRA_RESOLVED_BASE_PATH = "android.content.pm.extra.RESOLVED_BASE_PATH";

    field @FlaggedApi("android.content.pm.verification_service") public static final String EXTRA_VERIFICATION_FAILURE_REASON = "android.content.pm.extra.VERIFICATION_FAILURE_REASON";

    field public static final int LOCATION_DATA_APP = 0; // 0x0

    field public static final int LOCATION_MEDIA_DATA = 2; // 0x2

    field public static final int LOCATION_MEDIA_OBB = 1; // 0x1

    field public static final int REASON_CONFIRM_PACKAGE_CHANGE = 0; // 0x0

    field public static final int REASON_OWNERSHIP_CHANGED = 1; // 0x1

    field public static final int REASON_REMIND_OWNERSHIP = 2; // 0x2

    field @FlaggedApi("android.content.pm.verification_service") public static final int VERIFICATION_FAILED_REASON_NETWORK_UNAVAILABLE = 1; // 0x1

    field @FlaggedApi("android.content.pm.verification_service") public static final int VERIFICATION_FAILED_REASON_PACKAGE_BLOCKED = 2; // 0x2

    field @FlaggedApi("android.content.pm.verification_service") public static final int VERIFICATION_FAILED_REASON_UNKNOWN = 0; // 0x0

    field @FlaggedApi("android.content.pm.verification_service") public static final int VERIFICATION_POLICY_BLOCK_FAIL_CLOSED = 3; // 0x3

    field @FlaggedApi("android.content.pm.verification_service") public static final int VERIFICATION_POLICY_BLOCK_FAIL_OPEN = 1; // 0x1

    field @FlaggedApi("android.content.pm.verification_service") public static final int VERIFICATION_POLICY_BLOCK_FAIL_WARN = 2; // 0x2

    @EnforcePermission("VERIFICATION_AGENT")

    int getVerificationPolicy(int userId);

    @EnforcePermission("VERIFICATION_AGENT")

    boolean setVerificationPolicy(int policy, int userId);

    String getVerificationServiceProvider();

}

     * {@link Session#commit(IntentSender)}. This extra is provided only when the installation has

     * failed. Installers can use this extra to check if the installation failure was caused by a

     * verification failure.

     *

     * @hide

     */

    @FlaggedApi(Flags.FLAG_VERIFICATION_SERVICE)

    @SystemApi

    public static final String EXTRA_VERIFICATION_FAILURE_REASON =

            "android.content.pm.extra.VERIFICATION_FAILURE_REASON";

    /**

     * An extra containing the response provided by the verifier to any extension

     * params provided by the installer. It will be of type {@link PersistableBundle}.

     */

    @FlaggedApi(Flags.FLAG_VERIFICATION_SERVICE)

    public static final String EXTRA_VERIFICATION_EXTENSION_RESPONSE =

            "android.content.pm.extra.VERIFICATION_EXTENSION_RESPONSE";

    /**

     * Streaming installation pending.

     * Caller should make sure DataLoader is able to prepare image and reinitiate the operation.

     * be connected. It can also corresponds to the status of

     * {@link VerificationSession#VERIFICATION_INCOMPLETE_UNKNOWN} reported by the verifier via

     * {@link VerificationSession#reportVerificationIncomplete(int)}.

     * @hide

     */

    @FlaggedApi(Flags.FLAG_VERIFICATION_SERVICE)

    @SystemApi

    public static final int VERIFICATION_FAILED_REASON_UNKNOWN = 0;

    /**

     * Verification failed because the network is unavailable. This corresponds to the status of

     * {@link VerificationSession#VERIFICATION_INCOMPLETE_NETWORK_UNAVAILABLE} reported by the

     * verifier via {@link VerificationSession#reportVerificationIncomplete(int)}.

     *

     * @hide

     */

    @FlaggedApi(Flags.FLAG_VERIFICATION_SERVICE)

    @SystemApi

    public static final int VERIFICATION_FAILED_REASON_NETWORK_UNAVAILABLE = 1;

    /**

     * Verification failed because the package is blocked, as reported by the verifier via

     * {@link VerificationSession#reportVerificationComplete(VerificationStatus)} or

     * {@link VerificationSession#reportVerificationComplete(VerificationStatus, PersistableBundle)}

     * @hide

     */

    @FlaggedApi(Flags.FLAG_VERIFICATION_SERVICE)

    @SystemApi

    public static final int VERIFICATION_FAILED_REASON_PACKAGE_BLOCKED = 2;

    /**

        }

    }

    /**

     *  Return the package name of the verification service provider, for the

     *  purpose of interacting with the specific verifier in relation to

     *  extension parameters and response structure.  Return null if the system

     *  verifier service provider is not available to the caller, or if there is no

     *  such provider specified by the system.

     */

    @FlaggedApi(Flags.FLAG_VERIFICATION_SERVICE)

    public final @Nullable String getVerificationServiceProvider() {

        try {

            return mInstaller.getVerificationServiceProvider();

        } catch (RemoteException e) {

            throw e.rethrowFromSystemServer();

        }

    }

    /**

     * An installation that is being actively staged. For an install to succeed,

     * all existing and new packages must have identical package names, version

        public boolean forceVerification;

        /** {@hide} */

        public boolean isAutoInstallDependenciesEnabled = true;

        /** {@hide} */

        @Nullable

        public PersistableBundle extensionParams;

        private final ArrayMap<String, Integer> mPermissionStates;

            dexoptCompilerFilter = source.readString();

            forceVerification = source.readBoolean();

            isAutoInstallDependenciesEnabled = source.readBoolean();

            extensionParams = source.readPersistableBundle();

        }

        /** {@hide} */

            ret.dexoptCompilerFilter = dexoptCompilerFilter;

            ret.forceVerification = forceVerification;

            ret.isAutoInstallDependenciesEnabled = isAutoInstallDependenciesEnabled;

            ret.extensionParams = extensionParams;

            return ret;

        }

            isAutoInstallDependenciesEnabled = enableAutoInstallDependencies;

        }

        /**

         * Optionally called to provide a set of parameters to pass directly

         * to the verification service provider (a.k.a., the verifier) to

         * provide any additional context regarding the pending verification.

         * The structure of this bundle will be specific to the implementation

         * of the verifier, so callers can determine the verifier by calling

         * {@link PackageInstaller#getVerificationServiceProvider()}.

         */

        @FlaggedApi(Flags.FLAG_VERIFICATION_SERVICE)

        public void setExtensionParams(@NonNull PersistableBundle extensionParams) {

            this.extensionParams = extensionParams;

        }

        /** {@hide} */

        public void dump(IndentingPrintWriter pw) {

            pw.printPair("mode", mode);

            pw.printPair("dexoptCompilerFilter", dexoptCompilerFilter);

            pw.printPair("forceVerification", forceVerification);

            pw.printPair("isAutoInstallDependenciesEnabled", isAutoInstallDependenciesEnabled);

            pw.printPair("extensionParams", extensionParams);

            pw.println();

        }

            dest.writeString(dexoptCompilerFilter);

            dest.writeBoolean(forceVerification);

            dest.writeBoolean(isAutoInstallDependenciesEnabled);

            dest.writePersistableBundle(extensionParams);

        }

        public static final Parcelable.Creator<SessionParams>

            return mUserActionIntent;

        }

    }

}

package android.content.pm.verify.pkg;

import android.annotation.CurrentTimeMillisLong;

import android.annotation.DurationMillisLong;

import android.annotation.FlaggedApi;

import android.annotation.IntDef;

import android.annotation.NonNull;

import android.annotation.Nullable;

import android.annotation.SystemApi;

import android.content.pm.Flags;

import android.content.pm.PackageInstaller;

    private final SigningInfo mSigningInfo;

    @NonNull

    private final List<SharedLibraryInfo> mDeclaredLibraries;

    @NonNull

    @Nullable

    private final PersistableBundle mExtensionParams;

    @NonNull

    private final IVerificationSessionInterface mSession;

    public VerificationSession(int id, int installSessionId, @NonNull String packageName,

            @NonNull Uri stagedPackageUri, @NonNull SigningInfo signingInfo,

            @NonNull List<SharedLibraryInfo> declaredLibraries,

            @NonNull PersistableBundle extensionParams,

            @Nullable PersistableBundle extensionParams,

            @PackageInstaller.VerificationPolicy int defaultPolicy,

            @NonNull IVerificationSessionInterface session) {

        mId = id;

    /**

     * Returns a mapping of any shared libraries declared in the manifest

     * to the {@link SharedLibraryInfo.Type} that is declared. This will be an empty

     * map if no shared libraries are declared by the package.

     * to the {@link SharedLibraryInfo.Type} that is declared.

     * <p>This will be an empty map if no shared libraries are declared by the package.</p>

     */

    @NonNull

    public List<SharedLibraryInfo> getDeclaredLibraries() {

     */

    @NonNull

    public PersistableBundle getExtensionParams() {

        if (mExtensionParams == null) {

            return PersistableBundle.EMPTY;

        }

        return mExtensionParams;

    }

     * Get the value of Clock.elapsedRealtime() at which time this verification

     * will timeout as incomplete if no other verification response is provided.

     * @throws SecurityException if the caller is not the current verifier bound by the system.

     * @throws IllegalStateException if this is called after the session has finished, because

     * the {@link #reportVerificationComplete} or {@link #reportVerificationIncomplete} have

     * been called, or because the session has timed out.

     */

    public long getTimeoutTime() {

    public @CurrentTimeMillisLong long getTimeoutTime() {

        try {

            return mSession.getTimeoutTime(mId);

        } catch (RemoteException e) {

     * Override the verification policy for this session.

     * @return True if the override was successful, False otherwise.

     * @throws SecurityException if the caller is not the current verifier bound by the system.

     * @throws IllegalStateException if this is called after the session has finished, because

     * the {@link #reportVerificationComplete} or {@link #reportVerificationIncomplete} have

     * been called, or because the session has timed out, unless the new policy value is the same

     * as the existing one.

     */

    public boolean setVerificationPolicy(@PackageInstaller.VerificationPolicy int policy) {

        if (mVerificationPolicy == policy) {

    /**

     * Extend the timeout for this session by the provided additionalMs to

     * fetch relevant information over the network or wait for the network.

     * <p>

     * This may be called multiple times. If the request would bypass any max

     * duration by the system, the method will return a lower value than the

     * requested amount that indicates how much the time was extended.

     * </p>

     * @throws SecurityException if the caller is not the current verifier bound by the system.

     */

    public long extendTimeRemaining(long additionalMs) {

    public @DurationMillisLong long extendTimeRemaining(@DurationMillisLong long additionalMs) {

        try {

            return mSession.extendTimeRemaining(mId, additionalMs);

        } catch (RemoteException e) {

    /**

     * Report to the system that verification could not be completed along

     * with an approximate reason to pass on to the installer.]

     * with an approximate reason to pass on to the installer.

     * @throws SecurityException if the caller is not the current verifier bound by the system.

     * @throws IllegalStateException if this is called after the session has finished, because

     * this API or {@link #reportVerificationComplete} have already been called once, or because the

     * session has timed out.

     */

    public void reportVerificationIncomplete(@VerificationIncompleteReason int reason) {

        try {

     * install process may act on that status to either block in the case

     * of failure or continue to process the install in the case of success.

     * @throws SecurityException if the caller is not the current verifier bound by the system.

     * @throws IllegalStateException if this is called after the session has finished, because

     * this API or {@link #reportVerificationIncomplete} have already been called once, or because

     * the session has timed out.

     */

    public void reportVerificationComplete(@NonNull VerificationStatus status) {

        try {

     * a result to the extension params provided in the request, which will be passed to the

     * installer in the installation result.

     * @throws SecurityException if the caller is not the current verifier bound by the system.

     * @throws IllegalStateException if this is called after the session has finished, because

     * this API or {@link #reportVerificationIncomplete} have already been called once, or because

     * the session has timed out.

     */

    public void reportVerificationComplete(@NonNull VerificationStatus status,

            @NonNull PersistableBundle extensionResponse) {