Android/frameworks_base - frameworks_base - BlackGit

Android/frameworks_base

Go to file

Victor Hsieh 2f2ced93e3 Verify best signature algorithms of all signers

The previous implementation does not verify signature algorithms of all
signers.  It's possible that the attacker can take an old apk (with
digest and signature of old algorithm) and add their own signer block
with new/P digest and signature.  In this case, the old implementation
only verifies the attacker's signature, thus the attacker can change apk
content easily.

The solution here is to verify digests of all best signature algorithms
by all signers.

It is expected to increase verification time, if the apk does have
multiple signers with different type of digests.

Test: apks still install
Bug: 78359754
Change-Id: I607edf219c25a2a7adfa27a21a94e9bfefbb6cec

2018-04-20 15:45:37 -07:00

apct-tests/perftests

Add memory usage tests for various scripts

2018-04-13 14:11:28 -07:00

Merge "Give CTS a way to force-poll network stats." into pi-dev am: 46e58e1b40

2018-04-20 14:07:19 -07:00

Merge "Migrate android_uiautomator generation to Soong."

2018-04-18 14:51:30 -07:00

Merge "Add intrinsics on light greylist" into pi-dev am: 9aa2a33cf3

2018-04-20 04:10:43 -07:00

Verify best signature algorithms of all signers

2018-04-20 15:45:37 -07:00

Merge "Protect usage data with OP_GET_USAGE_STATS." into pi-dev

2018-04-17 00:04:53 +00:00

Merge "Camera: update tonemap image in html doc"

2018-04-03 13:42:15 +00:00

…

graphics/java/android

Merge "Defer resizing invisible stacks while drag resizing" into pi-dev am: 5e12ebfffd

2018-04-20 08:07:53 -07:00

Merge "AttestationUtils: Request MEID explicitly" into pi-dev

2018-04-13 10:07:36 +00:00

Merge "AAPT2: Support id reference chaining from AAPT" into pi-dev am: 247ecfa498

2018-04-19 15:20:51 -07:00

Merge "Exempt tests for hidden APIs." into pi-dev am: 0e675bd901

2018-04-10 10:11:10 -07:00

Merge "Remove duplicate definitions of utility variables" am: 8d5a39ac62

2018-04-04 17:56:57 -07:00

Merge "ExifInterface: Prevent infinite loop" into pi-dev am: 6cc4575ced

2018-04-19 20:24:36 -07:00

Update native/webview OWNERS.

2018-04-16 17:29:00 -04:00

…

…

…

Merge ""Guest" icon should be a default user icon." into pi-dev am: e44eb9201f

2018-04-20 10:44:51 -07:00

Merge "Add proto constants for hidden API logging." into pi-dev am: 8182e354d8

2018-04-19 00:42:01 -07:00

Merge "docs: fixing bug 36982027 and 30636712, typos" into oc-mr1-dev

2018-03-23 22:11:38 +00:00

samples/training/network-usage

…

frameworks/base: Set LOCAL_SDK_VERSION where possible.

2018-02-28 17:15:21 +00:00

Merge "Give CTS a way to force-poll network stats." into pi-dev am: 46e58e1b40

2018-04-20 14:07:19 -07:00

Merge "Update Javadoc to clarify which calls are logged." into pi-dev am: 55399733a5

2018-04-06 09:12:18 -07:00

Merge "Cherry-pick 'Fix a tiny bug in NetworkScanRequest'"

2018-04-19 19:23:58 +00:00

Migrate android.test.base.stubs generation to Soong.

2018-04-13 14:55:16 -07:00

…

Make android.test.mock.stubs in Android.bp

2018-04-13 11:21:54 +09:00

Make android.test.mock.stubs in Android.bp

2018-04-13 11:21:54 +09:00

Merge "Add the list of private DNS addresses to LinkProperties" into pi-dev am: f12a2130a4

2018-04-20 04:59:52 -07:00

Merge "Fix fraction and dimension type in Resource.proto" into pi-dev am: 1a12311433

2018-04-20 12:39:11 -07:00

…

Merge "Exempt tests for hidden APIs." into pi-dev

2018-04-10 09:56:52 -07:00

Android.bp

Merge "Add stats logging to ServiceManager and NPMS" into pi-dev

2018-04-11 18:39:53 -07:00

Android.mk

Merge "Update docs 'since' for API 28." into pi-dev

2018-04-19 08:42:56 -07:00

CleanSpec.mk

Enforce dump permission in stats service

2018-04-16 15:04:28 -07:00

MODULE_LICENSE_APACHE2

…

NOTICE

…

pathmap.mk

…

PREUPLOAD.cfg

Merge "Add linter for strings.xml." into pi-dev

2018-03-27 01:06:54 +00:00

Languages

Java 73.7%

Kotlin 14%

PowerBuilder 5.8%

C++ 5.2%

AIDL 1%