Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c1b8da33 authored by Jay Thomas Sullivan's avatar Jay Thomas Sullivan
Browse files

[ECM] Strip colons from sha256-cert-digest 

Strip colons from the "sha256-cert-digest" XML attribute of the
recently introduced <enhanced-confirmation-trusted-package> and
<enhanced-confirmation-trusted-installer> SysConfig XML elements,
in effect making colons optional.

The reason for this is that, while we've documented this attribute to
be of the form:

    sha256-cert-digest="E9:7A:BC:2C:D1:..."

...the parsing code, android.content.pm.Signature, expects zero colons.

Fix: 323603510
Test: atest SystemConfigTest
Change-Id: Ida7a49ece110fa66de65fbe966e180a40f974a5e
parent de9c3b36

services/core/java/com/android/server/SystemConfig.java

+1 −1
Original line number Diff line number Diff line
@@ -1676,7 +1676,7 @@ public class SystemConfig { 
        }

        byte[] certificateDigest = null;

        try {

            certificateDigest = new Signature(certificateDigestStr).toByteArray();

            certificateDigest = new Signature(certificateDigestStr.replace(":", "")).toByteArray();

        } catch (IllegalArgumentException e) {

            Slog.w(TAG, "<" + elementName + "> with invalid sha256-cert-digest in "

                    + permFile + " at " + parser.getPositionDescription());

services/tests/servicestests/src/com/android/server/systemconfig/SystemConfigTest.java

+2 −3
Original line number Diff line number Diff line
@@ -39,7 +39,6 @@ import androidx.test.runner.AndroidJUnit4; 
import com.android.server.SystemConfig;



import org.junit.Before;

import org.junit.Ignore;

import org.junit.Rule;

import org.junit.Test;

import org.junit.rules.TemporaryFolder;
@@ -711,14 +710,14 @@ public class SystemConfigTest { 
    @Test

    @RequiresFlagsEnabled(

            android.permission.flags.Flags.FLAG_ENHANCED_CONFIRMATION_MODE_APIS_ENABLED)

    @Ignore("b/323603510")

    public void getEnhancedConfirmationTrustedInstallers_returnsTrustedInstallers()

            throws IOException {

        String pkgName = "com.example.app";

        String certificateDigestStr = "E9:7A:BC:2C:D1:CA:8D:58:6A:57:0B:8C:F8:60:AA:D2:"

                + "8D:13:30:2A:FB:C9:00:2C:5D:53:B2:6C:09:A4:85:A0";



        byte[] certificateDigest = new Signature(certificateDigestStr).toByteArray();

        byte[] certificateDigest = new Signature(certificateDigestStr.replace(":", ""))

                .toByteArray();

        String contents = "<config>"

                + "<" + "enhanced-confirmation-trusted-installer" + " "

                + "package=\"" + pkgName + "\""