Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b631084613e12e1c6a0ae2ad9446e1284b650ccb
frameworks_base/services/java/com/android/server/updatable/ConfigUpdateInstallReceiver.java
Geremy Condra b631084613 DO NOT MERGE Add components for the Android Config Updater to system server. 
This adds the necessary bits to verify and install configuration
updates using system server. It also includes the cert pinning
updater as the first user.

Change-Id: I42307f58074157b33b6e01216aab10022340d449
2012-09-12 17:53:53 -07:00

245 lines
9.6 KiB
Java
Raw Blame History

/*
* Copyright (C) 2012 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.android.server.updates;
import android.content.BroadcastReceiver;
import android.content.ContentResolver;
import android.content.Context;
import android.content.Intent;
import android.provider.Settings;
import android.os.FileUtils;
import android.util.Base64;
import android.util.Slog;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.IOException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.security.SignatureException;
import libcore.io.IoUtils;
public class ConfigUpdateInstallReceiver extends BroadcastReceiver {
private static final String TAG = "ConfigUpdateInstallReceiver";
private static final String EXTRA_CONTENT_PATH = "CONTENT_PATH";
private static final String EXTRA_REQUIRED_HASH = "REQUIRED_HASH";
private static final String EXTRA_SIGNATURE = "SIGNATURE";
private static final String EXTRA_VERSION_NUMBER = "VERSION";
private static final String UPDATE_CERTIFICATE_KEY = "config_update_certificate";
private final File updateDir;
private final File updateContent;
private final File updateVersion;
public ConfigUpdateInstallReceiver(String updateDir, String updateContentPath,
String updateMetadataPath, String updateVersionPath) {
this.updateDir = new File(updateDir);
this.updateContent = new File(updateDir, updateContentPath);
File updateMetadataDir = new File(updateDir, updateMetadataPath);
this.updateVersion = new File(updateMetadataDir, updateVersionPath);
}
@Override
public void onReceive(final Context context, final Intent intent) {
new Thread() {
@Override
public void run() {
try {
// get the certificate from Settings.Secure
X509Certificate cert = getCert(context.getContentResolver());
// get the content path from the extras
String altContent = getAltContent(intent);
// get the version from the extras
int altVersion = getVersionFromIntent(intent);
// get the previous value from the extras
String altRequiredHash = getRequiredHashFromIntent(intent);
// get the signature from the extras
String altSig = getSignatureFromIntent(intent);
// get the version currently being used
int currentVersion = getCurrentVersion();
// get the hash of the currently used value
String currentHash = getCurrentHash(getCurrentContent());
if (!verifyVersion(currentVersion, altVersion)) {
Slog.e(TAG, "New version is not greater than current version, aborting!");
} else if (!verifyPreviousHash(currentHash, altRequiredHash)) {
Slog.e(TAG, "Current hash did not match required value, aborting!");
} else if (!verifySignature(altContent, altVersion, altRequiredHash, altSig,
cert)) {
Slog.e(TAG, "Signature did not verify, aborting!");
} else {
// install the new content
Slog.i(TAG, "Found new update, installing...");
install(altContent, altVersion);
Slog.i(TAG, "Installation successful");
}
} catch (Exception e) {
Slog.e(TAG, "Could not update content!", e);
}
}
}.start();
}
private X509Certificate getCert(ContentResolver cr) {
// get the cert from settings
String cert = Settings.Secure.getString(cr, UPDATE_CERTIFICATE_KEY);
// convert it into a real certificate
try {
byte[] derCert = Base64.decode(cert.getBytes(), Base64.DEFAULT);
InputStream istream = new ByteArrayInputStream(derCert);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
return (X509Certificate) cf.generateCertificate(istream);
} catch (CertificateException e) {
throw new IllegalStateException("Got malformed certificate from settings, ignoring", e);
}
}
private String getContentFromIntent(Intent i) {
String extraValue = i.getStringExtra(EXTRA_CONTENT_PATH);
if (extraValue == null) {
throw new IllegalStateException("Missing required content path, ignoring.");
}
return extraValue;
}
private int getVersionFromIntent(Intent i) throws NumberFormatException {
String extraValue = i.getStringExtra(EXTRA_VERSION_NUMBER);
if (extraValue == null) {
throw new IllegalStateException("Missing required version number, ignoring.");
}
return Integer.parseInt(extraValue.trim());
}
private String getRequiredHashFromIntent(Intent i) {
String extraValue = i.getStringExtra(EXTRA_REQUIRED_HASH);
if (extraValue == null) {
throw new IllegalStateException("Missing required previous hash, ignoring.");
}
return extraValue.trim();
}
private String getSignatureFromIntent(Intent i) {
String extraValue = i.getStringExtra(EXTRA_SIGNATURE);
if (extraValue == null) {
throw new IllegalStateException("Missing required signature, ignoring.");
}
return extraValue.trim();
}
private int getCurrentVersion() throws NumberFormatException {
try {
String strVersion = IoUtils.readFileAsString(updateVersion.getCanonicalPath()).trim();
return Integer.parseInt(strVersion);
} catch (IOException e) {
Slog.i(TAG, "Couldn't find current metadata, assuming first update", e);
return 0;
}
}
private String getAltContent(Intent i) throws IOException {
String contents = IoUtils.readFileAsString(getContentFromIntent(i));
return contents.trim();
}
private String getCurrentContent() {
try {
return IoUtils.readFileAsString(updateContent.getCanonicalPath()).trim();
} catch (IOException e) {
Slog.i(TAG, "Failed to read current content, assuming first update!", e);
return null;
}
}
private static String getCurrentHash(String content) {
if (content == null) {
return "0";
}
try {
MessageDigest dgst = MessageDigest.getInstance("SHA512");
byte[] encoded = content.getBytes();
byte[] fingerprint = dgst.digest(encoded);
return IntegralToString.bytesToHexString(fingerprint, false);
} catch (NoSuchAlgorithmException e) {
throw new AssertionError(e);
}
}
private boolean verifyVersion(int current, int alternative) {
return (current < alternative);
}
private boolean verifyPreviousHash(String current, String required) {
// this is an optional value- if the required field is NONE then we ignore it
if (required.equals("NONE")) {
return true;
}
// otherwise, verify that we match correctly
return current.equals(required);
}
private boolean verifySignature(String content, int version, String requiredPrevious,
String signature, X509Certificate cert) throws Exception {
Signature signer = Signature.getInstance("SHA512withRSA");
signer.initVerify(cert);
signer.update(content.getBytes());
signer.update(Long.toString(version).getBytes());
signer.update(requiredPrevious.getBytes());
return signer.verify(Base64.decode(signature.getBytes(), Base64.DEFAULT));
}
private void writeUpdate(File dir, File file, String content) {
FileOutputStream out = null;
File tmp = null;
try {
// create the temporary file
tmp = File.createTempFile("journal", "", dir);
// mark tmp -rw-r--r--
tmp.setReadable(true, false);
// write to it
out = new FileOutputStream(tmp);
out.write(content.getBytes());
// sync to disk
FileUtils.sync(out);
// atomic rename
tmp.renameTo(file);
} catch (IOException e) {
Slog.e(TAG, "Failed to write update", e);
} finally {
if (tmp != null) {
tmp.delete();
}
IoUtils.closeQuietly(out);
}
}
private void install(String content, int version) {
writeUpdate(updateDir, updateContent, content);
writeUpdate(updateDir, updateVersion, Long.toString(version));
}
}
Reference in New Issue View Git Blame Copy Permalink