Gitiles
Code Review Sign In
review.blissroms.org / platform_frameworks_base / 036864b62c26a623b5ba5c4fed6d9c957da1d206
commit036864b62c26a623b5ba5c4fed6d9c957da1d206[log] [tgz]
authorAlex Buynytskyy <alexbuy@google.com>Sat Feb 08 14:26:45 2020 -0800
committerAlex Buynytskyy <alexbuy@google.com>Wed Feb 12 09:46:06 2020 -0800
tree43eefe99e174d5167271b774db8fb03e82c16cad
parentbe020f681f577e704ea113274bf4d09783129cf4 [diff]
v4 signing schema parsing and verification.

v4 is a streaming add-on to the existing v2/v3 schemas.

Flow:
- APK is signed with v2/v3 and v4 signature blocks,
- on installation, v4 signature bytes are stored next to the APK in
hidden block,
- on each read from APK, kernel verifies the v4 signature using
fs-verity-like code,
- on parsing/verification, we extract certificates from kernel and
compare them with certificates extracted from v2/v3 signature block.

By doing this we are making sure that v4 signature is produced by developer and original APK bytes are not changed.

Test: atest PkgInstallSignatureVerificationTest
Bug: b/136132412 b/133435829
Change-Id: Ia2a56c82c9864bf65e1338700dfe51abf6800deb
3 files changed
tree: 43eefe99e174d5167271b774db8fb03e82c16cad
  1. apct-tests/
  2. apex/
  3. api/
  4. cmds/
  5. config/
  6. core/
  7. data/
  8. docs/
  9. drm/
  10. graphics/
  11. identity/
  12. keystore/
  13. libs/
  14. location/
  15. lowpan/
  16. media/
  17. mime/
  18. mms/
  19. native/
  20. nfc-extras/
  21. obex/
  22. opengl/
  23. packages/
  24. proto/
  25. rs/
  26. samples/
  27. sax/
  28. services/
  29. startop/
  30. telecomm/
  31. telephony/
  32. test-base/
  33. test-legacy/
  34. test-mock/
  35. test-runner/
  36. tests/
  37. tools/
  38. wifi/
  39. .clang-format
  40. .gitignore
  41. .mailmap
  42. Android.bp
  43. Android.mk
  44. ApiDocs.bp
  45. CleanSpec.mk
  46. framework-jarjar-rules.txt
  47. MODULE_LICENSE_APACHE2
  48. NOTICE
  49. pathmap.mk
  50. PREUPLOAD.cfg
  51. StubLibraries.bp
  52. TEST_MAPPING