diff options
| author | 2022-02-23 20:25:08 +0000 | |
|---|---|---|
| committer | 2022-02-23 20:25:08 +0000 | |
| commit | 5d018607f6d229563010c67a2c512af6bbf488b4 (patch) | |
| tree | 0894ccca6e9360bfac902d69ce917aeebee742ea | |
| parent | a89ff2a53a20f1e07a22a88fe7c193a7002198bf (diff) | |
| parent | f084f35b7a4cdccfa9bdd9605263bbecea7b3d00 (diff) | |
Merge "Fix the bug on APP_CERTIFICATE_LINEAGE rule as we forgot to modify the binary rule parser to support the new rule." into tm-dev am: f084f35b7a
Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/16988947
Change-Id: I71182894aa2f20cbbb5b1a29fa97ed1ac5e683bb
| -rw-r--r-- | services/core/java/com/android/server/integrity/parser/RuleBinaryParser.java | 1 | ||||
| -rw-r--r-- | services/tests/servicestests/src/com/android/server/integrity/parser/RuleBinaryParserTest.java | 38 |
2 files changed, 38 insertions, 1 deletions
diff --git a/services/core/java/com/android/server/integrity/parser/RuleBinaryParser.java b/services/core/java/com/android/server/integrity/parser/RuleBinaryParser.java index a290eb3a3e2f..ea3a3d5f1c60 100644 --- a/services/core/java/com/android/server/integrity/parser/RuleBinaryParser.java +++ b/services/core/java/com/android/server/integrity/parser/RuleBinaryParser.java @@ -168,6 +168,7 @@ public class RuleBinaryParser implements RuleParser { switch (key) { case AtomicFormula.PACKAGE_NAME: case AtomicFormula.APP_CERTIFICATE: + case AtomicFormula.APP_CERTIFICATE_LINEAGE: case AtomicFormula.INSTALLER_NAME: case AtomicFormula.INSTALLER_CERTIFICATE: case AtomicFormula.STAMP_CERTIFICATE_HASH: diff --git a/services/tests/servicestests/src/com/android/server/integrity/parser/RuleBinaryParserTest.java b/services/tests/servicestests/src/com/android/server/integrity/parser/RuleBinaryParserTest.java index ab21ab05ab5f..03363a100841 100644 --- a/services/tests/servicestests/src/com/android/server/integrity/parser/RuleBinaryParserTest.java +++ b/services/tests/servicestests/src/com/android/server/integrity/parser/RuleBinaryParserTest.java @@ -71,9 +71,11 @@ public class RuleBinaryParserTest { private static final String PACKAGE_NAME = getBits(AtomicFormula.PACKAGE_NAME, KEY_BITS); private static final String APP_CERTIFICATE = getBits(AtomicFormula.APP_CERTIFICATE, KEY_BITS); + private static final String APP_CERTIFICATE_LINEAGE = + getBits(AtomicFormula.APP_CERTIFICATE_LINEAGE, KEY_BITS); private static final String VERSION_CODE = getBits(AtomicFormula.VERSION_CODE, KEY_BITS); private static final String PRE_INSTALLED = getBits(AtomicFormula.PRE_INSTALLED, KEY_BITS); - private static final int INVALID_KEY_VALUE = 8; + private static final int INVALID_KEY_VALUE = 9; private static final String INVALID_KEY = getBits(INVALID_KEY_VALUE, KEY_BITS); private static final String EQ = getBits(AtomicFormula.EQ, OPERATOR_BITS); @@ -337,6 +339,40 @@ public class RuleBinaryParserTest { } @Test + public void testBinaryString_validAtomicFormulaWithCertificateLineage() throws Exception { + String appCertificate = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"; + String ruleBits = + START_BIT + + ATOMIC_FORMULA_START_BITS + + APP_CERTIFICATE_LINEAGE + + EQ + + IS_HASHED + + getBits(appCertificate.length(), VALUE_SIZE_BITS) + + getValueBits(appCertificate) + + DENY + + END_BIT; + byte[] ruleBytes = getBytes(ruleBits); + ByteBuffer rule = + ByteBuffer.allocate(DEFAULT_FORMAT_VERSION_BYTES.length + ruleBytes.length); + rule.put(DEFAULT_FORMAT_VERSION_BYTES); + rule.put(ruleBytes); + + RuleParser binaryParser = new RuleBinaryParser(); + Rule expectedRule = + new Rule( + new AtomicFormula.StringAtomicFormula( + AtomicFormula.APP_CERTIFICATE_LINEAGE, + IntegrityUtils.getHexDigest( + appCertificate.getBytes(StandardCharsets.UTF_8)), + /* isHashedValue= */ true), + Rule.DENY); + + List<Rule> rules = binaryParser.parse(rule.array()); + + assertThat(rules).isEqualTo(Collections.singletonList(expectedRule)); + } + + @Test public void testBinaryString_validAtomicFormula_integerValue_noIndexing() throws Exception { int versionCode = 1; String ruleBits = |