Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge change 21044

Browse Source 
* changes:
  Add new API to compare certs of two UIDs.
This commit is contained in:
Android (Google) Code Review
2009-08-12 21:53:24 -07:00
parent 168173a698 766cbfe44b
commit d0fc3dded2
6 changed files with 119 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
api/current.xml
View File

@@ -37880,6 +37880,21 @@
<parameter name="pkg2" type="java.lang.String">
</parameter>
</method>
<method name="checkSignatures"
return="int"
abstract="true"
native="false"
synchronized="false"
static="false"
final="false"
deprecated="not deprecated"
visibility="public"
>
<parameter name="uid1" type="int">
</parameter>
<parameter name="uid2" type="int">
</parameter>
</method>
<method name="clearPackagePreferredActivities"
return="void"
abstract="true"
@@ -121998,6 +122013,21 @@
<parameter name="pkg2" type="java.lang.String">
</parameter>
</method>
<method name="checkSignatures"
return="int"
abstract="false"
native="false"
synchronized="false"
static="false"
final="false"
deprecated="not deprecated"
visibility="public"
>
<parameter name="uid1" type="int">
</parameter>
<parameter name="uid2" type="int">
</parameter>
</method>
<method name="clearPackagePreferredActivities"
return="void"
abstract="false"

9
core/java/android/app/ApplicationContext.java
View File

@@ -1663,6 +1663,15 @@ class ApplicationContext extends Context {
}
}
@Override
public int checkSignatures(int uid1, int uid2) {
try {
return mPM.checkUidSignatures(uid1, uid2);
} catch (RemoteException e) {
throw new RuntimeException("Package manager has died", e);
}
}
@Override
public String[] getPackagesForUid(int uid) {
try {

2
core/java/android/content/pm/IPackageManager.aidl
View File

@@ -75,6 +75,8 @@ interface IPackageManager {
int checkSignatures(String pkg1, String pkg2);
int checkUidSignatures(int uid1, int uid2);
String[] getPackagesForUid(int uid);
String getNameForUid(int uid);

29
core/java/android/content/pm/PackageManager.java
View File

@@ -865,6 +865,7 @@ public abstract class PackageManager {
* {@link #SIGNATURE_SECOND_NOT_SIGNED}, {@link #SIGNATURE_NO_MATCH},
* or {@link #SIGNATURE_UNKNOWN_PACKAGE}.
*
* @see #checkSignatures(int, int)
* @see #SIGNATURE_MATCH
* @see #SIGNATURE_NEITHER_SIGNED
* @see #SIGNATURE_FIRST_NOT_SIGNED
@@ -874,6 +875,34 @@ public abstract class PackageManager {
*/
public abstract int checkSignatures(String pkg1, String pkg2);
/**
* Like {@link #checkSignatures(String, String)}, but takes UIDs of
* the two packages to be checked. This can be useful, for example,
* when doing the check in an IPC, where the UID is the only identity
* available. It is functionally identical to determining the package
* associated with the UIDs and checking their signatures.
*
* @param pkg1 First UID whose signature will be compared.
* @param pkg2 Second UID whose signature will be compared.
* @return Returns an integer indicating whether there is a matching
* signature: the value is >= 0 if there is a match (or neither package
* is signed), or < 0 if there is not a match. The match result can be
* further distinguished with the success (>= 0) constants
* {@link #SIGNATURE_MATCH}, {@link #SIGNATURE_NEITHER_SIGNED}; or
* failure (< 0) constants {@link #SIGNATURE_FIRST_NOT_SIGNED},
* {@link #SIGNATURE_SECOND_NOT_SIGNED}, {@link #SIGNATURE_NO_MATCH},
* or {@link #SIGNATURE_UNKNOWN_PACKAGE}.
*
* @see #checkSignatures(int, int)
* @see #SIGNATURE_MATCH
* @see #SIGNATURE_NEITHER_SIGNED
* @see #SIGNATURE_FIRST_NOT_SIGNED
* @see #SIGNATURE_SECOND_NOT_SIGNED
* @see #SIGNATURE_NO_MATCH
* @see #SIGNATURE_UNKNOWN_PACKAGE
*/
public abstract int checkSignatures(int uid1, int uid2);
/**
* Retrieve the names of all packages that are associated with a particular
* user id. In most cases, this will be a single package name, the package

55
services/java/com/android/server/PackageManagerService.java
View File

@@ -1138,25 +1138,57 @@ class PackageManagerService extends IPackageManager.Stub {
|| p2 == null || p2.mExtras == null) {
return PackageManager.SIGNATURE_UNKNOWN_PACKAGE;
}
return checkSignaturesLP(p1, p2);
return checkSignaturesLP(p1.mSignatures, p2.mSignatures);
}
}
int checkSignaturesLP(PackageParser.Package p1, PackageParser.Package p2) {
if (p1.mSignatures == null) {
return p2.mSignatures == null
public int checkUidSignatures(int uid1, int uid2) {
synchronized (mPackages) {
Signature[] s1;
Signature[] s2;
Object obj = mSettings.getUserIdLP(uid1);
if (obj != null) {
if (obj instanceof SharedUserSetting) {
s1 = ((SharedUserSetting)obj).signatures.mSignatures;
} else if (obj instanceof PackageSetting) {
s1 = ((PackageSetting)obj).signatures.mSignatures;
} else {
return PackageManager.SIGNATURE_UNKNOWN_PACKAGE;
}
} else {
return PackageManager.SIGNATURE_UNKNOWN_PACKAGE;
}
obj = mSettings.getUserIdLP(uid2);
if (obj != null) {
if (obj instanceof SharedUserSetting) {
s2 = ((SharedUserSetting)obj).signatures.mSignatures;
} else if (obj instanceof PackageSetting) {
s2 = ((PackageSetting)obj).signatures.mSignatures;
} else {
return PackageManager.SIGNATURE_UNKNOWN_PACKAGE;
}
} else {
return PackageManager.SIGNATURE_UNKNOWN_PACKAGE;
}
return checkSignaturesLP(s1, s2);
}
}
int checkSignaturesLP(Signature[] s1, Signature[] s2) {
if (s1 == null) {
return s2 == null
? PackageManager.SIGNATURE_NEITHER_SIGNED
: PackageManager.SIGNATURE_FIRST_NOT_SIGNED;
}
if (p2.mSignatures == null) {
if (s2 == null) {
return PackageManager.SIGNATURE_SECOND_NOT_SIGNED;
}
final int N1 = p1.mSignatures.length;
final int N2 = p2.mSignatures.length;
final int N1 = s1.length;
final int N2 = s2.length;
for (int i=0; i<N1; i++) {
boolean match = false;
for (int j=0; j<N2; j++) {
if (p1.mSignatures[i].equals(p2.mSignatures[j])) {
if (s1[i].equals(s2[j])) {
match = true;
break;
}
@@ -2907,9 +2939,9 @@ class PackageManagerService extends IPackageManager.Stub {
allowed = true;
} else if (p.info.protectionLevel == PermissionInfo.PROTECTION_SIGNATURE
|| p.info.protectionLevel == PermissionInfo.PROTECTION_SIGNATURE_OR_SYSTEM) {
allowed = (checkSignaturesLP(p.owner, pkg)
allowed = (checkSignaturesLP(p.owner.mSignatures, pkg.mSignatures)
== PackageManager.SIGNATURE_MATCH)
|| (checkSignaturesLP(mPlatformPackage, pkg)
|| (checkSignaturesLP(mPlatformPackage.mSignatures, pkg.mSignatures)
== PackageManager.SIGNATURE_MATCH);
if (p.info.protectionLevel == PermissionInfo.PROTECTION_SIGNATURE_OR_SYSTEM) {
if ((pkg.applicationInfo.flags&ApplicationInfo.FLAG_SYSTEM) != 0) {
@@ -3556,7 +3588,8 @@ class PackageManagerService extends IPackageManager.Stub {
// First find the old package info and check signatures
synchronized(mPackages) {
oldPackage = mPackages.get(pkgName);
if(checkSignaturesLP(pkg, oldPackage) != PackageManager.SIGNATURE_MATCH) {
if(checkSignaturesLP(pkg.mSignatures, oldPackage.mSignatures)
!= PackageManager.SIGNATURE_MATCH) {
res.returnCode = PackageManager.INSTALL_PARSE_FAILED_INCONSISTENT_CERTIFICATES;
return;
}

5
test-runner/android/test/mock/MockPackageManager.java
View File

@@ -138,6 +138,11 @@ public class MockPackageManager extends PackageManager {
throw new UnsupportedOperationException();
}
@Override
public int checkSignatures(int uid1, int uid2) {
throw new UnsupportedOperationException();
}
@Override
public String[] getPackagesForUid(int uid) {
throw new UnsupportedOperationException();