Signature policy for overlayable items Add encoding/decoding of new policy for overlays. Signature enforces that an overlay package is signed with the same key as the actor of the target resource, so that an overlay can be installed by the user as a normal app but restricted to those built by the author of the actor (which can be the same as the target). This also enforces that a valid policy is specified. This doesn't implement the actors nor the signature check. Bug: 119402606 Test: ResourceParserTest ParseOverlayablePolicy Test: ProtoSerializerTest SerializeAndDeserializeOverlayable Test: aapt2_tests Change-Id: I8495ad790c2ebd51759bc6eba81149680c209475

commit: b2d7f5343d341c86887d20c61e10fdf8975150de [log] [tgz]
author: Winson <chiuwinson@google.com> Mon Feb 04 16:32:43 2019 -0800
committer: Winson <chiuwinson@google.com> Thu Feb 14 10:07:13 2019 -0800
tree: 8510de4a0261af65514bb61ba3d8f4328385d518
parent: c20de15455a9551cf290722c502dd3f7d8fb27cb [diff] [blame]
diff --git a/tools/aapt2/ResourceTable.h b/tools/aapt2/ResourceTable.h
index 7ca99ea..32dfd26 100644
--- a/tools/aapt2/ResourceTable.h
+++ b/tools/aapt2/ResourceTable.h

@@ -92,6 +92,9 @@
 
     // The resource can be overlaid by any overlay on the product partition.
     kProduct = 0x08,
+
+    // The resource can be overlaid by any overlay signed with the same signature as its actor.
+    kSignature = 0x010,
   };
 
   std::shared_ptr<Overlayable> overlayable;
commit	b2d7f5343d341c86887d20c61e10fdf8975150de	[log] [tgz]
author	Winson <chiuwinson@google.com>	Mon Feb 04 16:32:43 2019 -0800
committer	Winson <chiuwinson@google.com>	Thu Feb 14 10:07:13 2019 -0800
tree	8510de4a0261af65514bb61ba3d8f4328385d518
parent	c20de15455a9551cf290722c502dd3f7d8fb27cb [diff] [blame]