Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a4a01127 authored by Michael Groover's avatar Michael Groover
Browse files

Update PM#checkSignatures to support pre-key rotation behavior 

When key rotation was added in P all of the existing signature methods
were updated to support pre-key rotation behavior (eg GET_SIGNATURES
returns the first key in the signing lineage), but checkSignatures
was not updated to support similar behavior. This commit updates
checkSignatures to check the oldest signer in the lineage, if either
of the reqested packages has one, if the existing signature check fails.
This allows a developer to compare their app signed with a rotated key
against both an app signed with the previous key as well as an app
signed with only the new key.

Bug: 153910385
Test: atest PackageManagerTests
Test: atest PackageManagerTest
Change-Id: Id0af68bab2b85dc91643551b1f5934c2b8df317f
parent 0fcab06f

core/tests/coretests/res/raw/install_app1_cert5

0 → 100644
+12.5 KiB

File added.

No diff preview for this file type.

View file

core/tests/coretests/res/raw/install_app1_cert5_rotated_cert6

0 → 100644
+16.5 KiB

File added.

No diff preview for this file type.

View file

core/tests/coretests/res/raw/install_app1_cert6

0 → 100644
+12.5 KiB

File added.

No diff preview for this file type.

View file

core/tests/coretests/res/raw/install_app2_cert5_rotated_cert6

0 → 100644
+16.5 KiB

File added.

No diff preview for this file type.

View file

core/tests/coretests/src/android/content/pm/PackageManagerTests.java

+39 −11
Original line number Diff line number Diff line
@@ -1830,27 +1830,35 @@ public class PackageManagerTests extends AndroidTestCase { 
     * The following series of tests are related to upgrading apps with

     * different certificates.

     */

    private int APP1_UNSIGNED = R.raw.install_app1_unsigned;

    private static final int APP1_UNSIGNED = R.raw.install_app1_unsigned;



    private int APP1_CERT1 = R.raw.install_app1_cert1;

    private static final int APP1_CERT1 = R.raw.install_app1_cert1;



    private int APP1_CERT2 = R.raw.install_app1_cert2;

    private static final int APP1_CERT2 = R.raw.install_app1_cert2;



    private int APP1_CERT1_CERT2 = R.raw.install_app1_cert1_cert2;

    private static final int APP1_CERT1_CERT2 = R.raw.install_app1_cert1_cert2;



    private int APP1_CERT3_CERT4 = R.raw.install_app1_cert3_cert4;

    private static final int APP1_CERT3_CERT4 = R.raw.install_app1_cert3_cert4;



    private int APP1_CERT3 = R.raw.install_app1_cert3;

    private static final int APP1_CERT3 = R.raw.install_app1_cert3;



    private int APP2_UNSIGNED = R.raw.install_app2_unsigned;

    private static final int APP1_CERT5 = R.raw.install_app1_cert5;



    private int APP2_CERT1 = R.raw.install_app2_cert1;

    private static final int APP1_CERT5_ROTATED_CERT6 = R.raw.install_app1_cert5_rotated_cert6;



    private int APP2_CERT2 = R.raw.install_app2_cert2;

    private static final int APP1_CERT6 = R.raw.install_app1_cert6;



    private int APP2_CERT1_CERT2 = R.raw.install_app2_cert1_cert2;

    private static final int APP2_UNSIGNED = R.raw.install_app2_unsigned;



    private int APP2_CERT3 = R.raw.install_app2_cert3;

    private static final int APP2_CERT1 = R.raw.install_app2_cert1;



    private static final int APP2_CERT2 = R.raw.install_app2_cert2;



    private static final int APP2_CERT1_CERT2 = R.raw.install_app2_cert1_cert2;



    private static final int APP2_CERT3 = R.raw.install_app2_cert3;



    private static final int APP2_CERT5_ROTATED_CERT6 = R.raw.install_app2_cert5_rotated_cert6;



    private InstallParams replaceCerts(int apk1, int apk2, boolean cleanUp, boolean fail,

            int retCode) throws Exception {
@@ -2472,6 +2480,26 @@ public class PackageManagerTests extends AndroidTestCase { 
        }

    }



    @LargeTest

    public void testCheckSignaturesRotatedAgainstOriginal() throws Exception {

        // checkSignatures should be backwards compatible with pre-rotation behavior; this test

        // verifies that an app signed with a rotated key results in a signature match with an app

        // signed with the original key in the lineage.

        int apk1 = APP1_CERT5;

        int apk2 = APP2_CERT5_ROTATED_CERT6;

        checkSignatures(apk1, apk2, PackageManager.SIGNATURE_MATCH);

    }



    @LargeTest

    public void testCheckSignaturesRotatedAgainstRotated() throws Exception {

        // checkSignatures should be successful when both apps have been signed with the same

        // rotated key since the initial signature comparison between the two apps should

        // return a match.

        int apk1 = APP1_CERT5_ROTATED_CERT6;

        int apk2 = APP2_CERT5_ROTATED_CERT6;

        checkSignatures(apk1, apk2, PackageManager.SIGNATURE_MATCH);

    }



    @LargeTest

    public void testInstallNoCertificates() throws Exception {

        int apk1 = APP1_UNSIGNED;