diff options
| author | 2020-06-18 16:13:30 +0000 | |
|---|---|---|
| committer | 2020-06-18 16:13:30 +0000 | |
| commit | 67cb3a610d404a0248113ef70c3066a1c82ec15c (patch) | |
| tree | 1ff33096476eaa82bfea9a37820ca660e859bbaf | |
| parent | 9040427ff8d9f7df97792264622b16526637286c (diff) | |
| parent | b71e39893596a7aa6a8733b9add83452c57b7df9 (diff) | |
Merge "Relax minimum signature scheme version for apps on system partition" into rvc-dev
3 files changed, 19 insertions, 13 deletions
diff --git a/core/java/android/content/pm/PackageParser.java b/core/java/android/content/pm/PackageParser.java index 885ffbac3d30..70e4e6cbf622 100644 --- a/core/java/android/content/pm/PackageParser.java +++ b/core/java/android/content/pm/PackageParser.java @@ -1377,9 +1377,11 @@ public class PackageParser { } SigningDetails verified; if (skipVerify) { - // systemDir APKs are already trusted, save time by not verifying + // systemDir APKs are already trusted, save time by not verifying; since the signature + // is not verified and some system apps can have their V2+ signatures stripped allow + // pulling the certs from the jar signature. verified = ApkSignatureVerifier.unsafeGetCertsWithoutVerification( - apkPath, minSignatureScheme); + apkPath, SigningDetails.SignatureSchemeVersion.JAR); } else { verified = ApkSignatureVerifier.verify(apkPath, minSignatureScheme); } diff --git a/core/java/android/content/pm/parsing/ParsingPackageUtils.java b/core/java/android/content/pm/parsing/ParsingPackageUtils.java index 317107829623..bc9c71e7a68e 100644 --- a/core/java/android/content/pm/parsing/ParsingPackageUtils.java +++ b/core/java/android/content/pm/parsing/ParsingPackageUtils.java @@ -2748,9 +2748,11 @@ public class ParsingPackageUtils { SigningDetails verified; try { if (skipVerify) { - // systemDir APKs are already trusted, save time by not verifying + // systemDir APKs are already trusted, save time by not verifying; since the + // signature is not verified and some system apps can have their V2+ signatures + // stripped allow pulling the certs from the jar signature. verified = ApkSignatureVerifier.unsafeGetCertsWithoutVerification( - baseCodePath, minSignatureScheme); + baseCodePath, SigningDetails.SignatureSchemeVersion.JAR); } else { verified = ApkSignatureVerifier.verify(baseCodePath, minSignatureScheme); } diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java index 13145d00274f..5125c491cf2b 100644 --- a/services/core/java/com/android/server/pm/PackageManagerService.java +++ b/services/core/java/com/android/server/pm/PackageManagerService.java @@ -12148,15 +12148,17 @@ public class PackageManagerService extends IPackageManager.Stub } } - // Ensure the package is signed with at least the minimum signature scheme version - // required for its target SDK. - int minSignatureSchemeVersion = - ApkSignatureVerifier.getMinimumSignatureSchemeVersionForTargetSdk( - pkg.getTargetSdkVersion()); - if (pkg.getSigningDetails().signatureSchemeVersion < minSignatureSchemeVersion) { - throw new PackageManagerException(INSTALL_PARSE_FAILED_NO_CERTIFICATES, - "No signature found in package of version " + minSignatureSchemeVersion - + " or newer for package " + pkg.getPackageName()); + // If the package is not on a system partition ensure it is signed with at least the + // minimum signature scheme version required for its target SDK. + if ((parseFlags & PackageParser.PARSE_IS_SYSTEM_DIR) == 0) { + int minSignatureSchemeVersion = + ApkSignatureVerifier.getMinimumSignatureSchemeVersionForTargetSdk( + pkg.getTargetSdkVersion()); + if (pkg.getSigningDetails().signatureSchemeVersion < minSignatureSchemeVersion) { + throw new PackageManagerException(INSTALL_PARSE_FAILED_NO_CERTIFICATES, + "No signature found in package of version " + minSignatureSchemeVersion + + " or newer for package " + pkg.getPackageName()); + } } } } |