Gitiles
Code Review Sign In
review.blissroms.org / platform_frameworks_base / 1dbe6d02849cb4af87bbd26b7537e11badead3b1
commit1dbe6d02849cb4af87bbd26b7537e11badead3b1[log] [tgz]
authorDan Cashman <dcashman@google.com>Tue Jan 23 11:18:28 2018 -0800
committerDan Cashman <dcashman@google.com>Tue Jan 30 16:59:31 2018 -0800
tree9e0f2ec09d4f7f35a564874515759fac8f894a25
parenta656b8bf9fddf18c506a4f59989d55b9eb6abaa8 [diff]
Add key rotation.

Change certificate checks to also consider the possibility of
signing certificate rotation by checking the
SigningDetails#pastSigningCertificates field.  In particular, add a
SigningDetails#checkCapability method which reports whether or not
the older SigningDetails is an ancestor of the current one, and
queries whether or not the old one has been granted capabilities,
such as being a sharedUser.

Bug: 64686581
Test: Builds, boots, browser and camera work, all with v3 signing.

Change-Id: I4199ff3f2d9ae959325b117b28e666ae31889800
9 files changed
tree: 9e0f2ec09d4f7f35a564874515759fac8f894a25
  1. apct-tests/
  2. api/
  3. cmds/
  4. config/
  5. core/
  6. data/
  7. docs/
  8. drm/
  9. graphics/
  10. keystore/
  11. libs/
  12. location/
  13. lowpan/
  14. media/
  15. native/
  16. nfc-extras/
  17. obex/
  18. opengl/
  19. packages/
  20. proto/
  21. rs/
  22. samples/
  23. sax/
  24. services/
  25. telecomm/
  26. telephony/
  27. test-base/
  28. test-mock/
  29. test-runner/
  30. tests/
  31. tools/
  32. vr/
  33. wifi/
  34. Android.bp
  35. Android.mk
  36. CleanSpec.mk
  37. MODULE_LICENSE_APACHE2
  38. NOTICE
  39. pathmap.mk
  40. PREUPLOAD.cfg