Merge "InstantAppRegistry: adjust backwards compat cookie sig check." into pi-dev

am: 4a17a574f6

Change-Id: I8e45fcfec81859be5a7e19dba4a82e505827b958

1 files changed, 6 insertions, 4 deletions

diff --git a/services/core/java/com/android/server/pm/InstantAppRegistry.java b/services/core/java/com/android/server/pm/InstantAppRegistry.java
index fb81ebfec67e..fde13acb8f38 100644
--- a/services/core/java/com/android/server/pm/InstantAppRegistry.java
+++ b/services/core/java/com/android/server/pm/InstantAppRegistry.java
@@ -312,12 +312,14 @@ class InstantAppRegistry {
                 return;
             }
 
-            // For backwards compatibility we accept match based on first signature only in the case
-            // of multiply-signed packagse
+            // For backwards compatibility we accept match based on any signature, since we may have
+            // recorded only the first for multiply-signed packages
             final String[] signaturesSha256Digests =
                     PackageUtils.computeSignaturesSha256Digests(pkg.mSigningDetails.signatures);
-            if (signaturesSha256Digests[0].equals(currentCookieSha256)) {
-                return;
+            for (String s : signaturesSha256Digests) {
+                if (s.equals(currentCookieSha256)) {
+                    return;
+                }
             }
 
             // Sorry, you are out of luck - different signatures - nuke data