diff options
| author | 2022-03-08 00:42:19 +0000 | |
|---|---|---|
| committer | 2022-03-08 00:42:19 +0000 | |
| commit | a64720dab3ab668d52a221d1dedda7341b471d8b (patch) | |
| tree | 40a281e0c44d5a262ccb9ec0b1f0c5ab8e2a39e9 | |
| parent | abee835c34c4bb0138f10582d400e916aeada13d (diff) | |
| parent | 26e383f664475395659ac360695917a725344086 (diff) | |
Merge "Revert "[automerge] [DO NOT MERGE]Revert "Relax minimum signatur..."" into sc-v2-dev-plus-aosp
3 files changed, 19 insertions, 13 deletions
diff --git a/core/java/android/content/pm/PackageParser.java b/core/java/android/content/pm/PackageParser.java index f54d9a76d02d..4ff26242dab2 100644 --- a/core/java/android/content/pm/PackageParser.java +++ b/core/java/android/content/pm/PackageParser.java @@ -1401,9 +1401,11 @@ public class PackageParser { } SigningDetails verified; if (skipVerify) { - // systemDir APKs are already trusted, save time by not verifying + // systemDir APKs are already trusted, save time by not verifying; since the signature + // is not verified and some system apps can have their V2+ signatures stripped allow + // pulling the certs from the jar signature. verified = ApkSignatureVerifier.unsafeGetCertsWithoutVerification( - apkPath, minSignatureScheme); + apkPath, SigningDetails.SignatureSchemeVersion.JAR); } else { verified = ApkSignatureVerifier.verify(apkPath, minSignatureScheme); } diff --git a/core/java/android/content/pm/parsing/ParsingPackageUtils.java b/core/java/android/content/pm/parsing/ParsingPackageUtils.java index e1d34dc3f622..dce242c9d87c 100644 --- a/core/java/android/content/pm/parsing/ParsingPackageUtils.java +++ b/core/java/android/content/pm/parsing/ParsingPackageUtils.java @@ -3038,9 +3038,11 @@ public class ParsingPackageUtils { SigningDetails verified; try { if (skipVerify) { - // systemDir APKs are already trusted, save time by not verifying + // systemDir APKs are already trusted, save time by not verifying; since the + // signature is not verified and some system apps can have their V2+ signatures + // stripped allow pulling the certs from the jar signature. verified = ApkSignatureVerifier.unsafeGetCertsWithoutVerification( - baseCodePath, minSignatureScheme); + baseCodePath, SigningDetails.SignatureSchemeVersion.JAR); } else { verified = ApkSignatureVerifier.verify(baseCodePath, minSignatureScheme); } diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java index a0f3d66aac6d..94dd4beeab9b 100644 --- a/services/core/java/com/android/server/pm/PackageManagerService.java +++ b/services/core/java/com/android/server/pm/PackageManagerService.java @@ -15176,15 +15176,17 @@ public class PackageManagerService extends IPackageManager.Stub } } - // Ensure the package is signed with at least the minimum signature scheme version - // required for its target SDK. - int minSignatureSchemeVersion = - ApkSignatureVerifier.getMinimumSignatureSchemeVersionForTargetSdk( - pkg.getTargetSdkVersion()); - if (pkg.getSigningDetails().signatureSchemeVersion < minSignatureSchemeVersion) { - throw new PackageManagerException(INSTALL_PARSE_FAILED_NO_CERTIFICATES, - "No signature found in package of version " + minSignatureSchemeVersion - + " or newer for package " + pkg.getPackageName()); + // If the package is not on a system partition ensure it is signed with at least the + // minimum signature scheme version required for its target SDK. + if ((parseFlags & ParsingPackageUtils.PARSE_IS_SYSTEM_DIR) == 0) { + int minSignatureSchemeVersion = + ApkSignatureVerifier.getMinimumSignatureSchemeVersionForTargetSdk( + pkg.getTargetSdkVersion()); + if (pkg.getSigningDetails().signatureSchemeVersion < minSignatureSchemeVersion) { + throw new PackageManagerException(INSTALL_PARSE_FAILED_NO_CERTIFICATES, + "No signature found in package of version " + minSignatureSchemeVersion + + " or newer for package " + pkg.getPackageName()); + } } } } |