commit 610d0967549a45b79ef6fdd01c004777c59c883b
author Mathew Inwood <mathewi@google.com> Tue Jan 15 11:50:28 2019 +0000
committer Mathew Inwood <mathewi@google.com> Tue Jan 15 11:54:18 2019 +0000
tree 00f60d88a8c277d54315bff5e84737f7cf87ee82
parent 45942518a5f7a94ae90c9e0204dc3cdc891fc7d7

Log the fact that we don't have a prod key.

Hopefully this will never happen, but better to know if it does.

Test: atest SignedConfigHostTest
Bug: 122579497
Change-Id: I4ecdf94f7963728aecf17a448c7bfbc7dbd5f39e

cmds/statsd/src/atoms.proto

diff --git a/cmds/statsd/src/atoms.proto b/cmds/statsd/src/atoms.proto
index f9828a2..0fa7cff 100644
--- a/cmds/statsd/src/atoms.proto
+++ b/cmds/statsd/src/atoms.proto
@@ -3884,6 +3884,7 @@
         OLD_CONFIG = 6;
         SIGNATURE_CHECK_FAILED = 7;
         NOT_APPLICABLE = 8;
+        SIGNATURE_CHECK_FAILED_PROD_KEY_ABSENT = 9;
     }
     optional Status status = 2;
 

services/core/java/com/android/server/signedconfig/SignatureVerifier.java

diff --git a/services/core/java/com/android/server/signedconfig/SignatureVerifier.java b/services/core/java/com/android/server/signedconfig/SignatureVerifier.java
index fcf40cf..56db32a 100644
--- a/services/core/java/com/android/server/signedconfig/SignatureVerifier.java
+++ b/services/core/java/com/android/server/signedconfig/SignatureVerifier.java
@@ -119,6 +119,8 @@
         }
         if (mProdKey ==  null) {
             Slog.e(TAG, "No prod key; construction failed?");
+            mEvent.status =
+                    StatsLog.SIGNED_CONFIG_REPORTED__STATUS__SIGNATURE_CHECK_FAILED_PROD_KEY_ABSENT;
             return false;
         }
         if (verifyWithPublicKey(mProdKey, data, signature)) {