Google Git
Sign in
android / platform / cts / 662e34cdeae / . / hostsidetests / appsecurity / src / android / appsecurity / cts / PkgInstallSignatureVerificationTest.java
blob: 4374efe2725b71fb00cdecca409868c334c7c323 [file] [log] [blame]
/*
* Copyright (C) 2016 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.appsecurity.cts;
import android.platform.test.annotations.AsbSecurityTest;
import com.android.compatibility.common.tradefed.build.CompatibilityBuildHelper;
import com.android.tradefed.build.IBuildInfo;
import com.android.tradefed.device.DeviceNotAvailableException;
import com.android.tradefed.testtype.DeviceTestCase;
import com.android.tradefed.testtype.IBuildReceiver;
import com.android.tradefed.util.FileUtil;
import java.io.BufferedOutputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.Locale;
/**
* Tests for APK signature verification during installation.
*/
public class PkgInstallSignatureVerificationTest extends DeviceTestCase implements IBuildReceiver {
private static final String TEST_PKG = "android.appsecurity.cts.tinyapp";
private static final String COMPANION_TEST_PKG = "android.appsecurity.cts.tinyapp_companion";
private static final String COMPANION2_TEST_PKG = "android.appsecurity.cts.tinyapp_companion2";
private static final String DEVICE_TESTS_APK = "CtsV3SigningSchemeRotationTest.apk";
private static final String DEVICE_TESTS_PKG = "android.appsecurity.cts.v3rotationtests";
private static final String DEVICE_TESTS_CLASS = DEVICE_TESTS_PKG + ".V3RotationTest";
private static final String SERVICE_PKG = "android.appsecurity.cts.keyrotationtest";
private static final String SERVICE_TEST_PKG = "android.appsecurity.cts.keyrotationtest.test";
private static final String SERVICE_TEST_CLASS =
SERVICE_TEST_PKG + ".SignatureQueryServiceInstrumentationTest";
private static final String TEST_APK_RESOURCE_PREFIX = "/pkgsigverify/";
private static final String INSTALL_ARG_FORCE_QUERYABLE = "--force-queryable";
private static final String[] DSA_KEY_NAMES = {"1024", "2048", "3072"};
private static final String[] EC_KEY_NAMES = {"p256", "p384", "p521"};
private static final String[] RSA_KEY_NAMES = {"1024", "2048", "3072", "4096", "8192", "16384"};
private static final String[] RSA_KEY_NAMES_2048_AND_LARGER =
{"2048", "3072", "4096", "8192", "16384"};
private IBuildInfo mCtsBuild;
@Override
public void setBuild(IBuildInfo buildInfo) {
mCtsBuild = buildInfo;
}
@Override
protected void setUp() throws Exception {
super.setUp();
Utils.prepareSingleUser(getDevice());
assertNotNull(mCtsBuild);
uninstallPackage();
uninstallCompanionPackages();
installDeviceTestPkg();
}
@Override
protected void tearDown() throws Exception {
try {
uninstallPackages();
} catch (DeviceNotAvailableException ignored) {
} finally {
super.tearDown();
}
}
public void testInstallOriginalSucceeds() throws Exception {
// APK signed with v1 and v2 schemes. Obtained by building
// cts/hostsidetests/appsecurity/test-apps/tinyapp.
assertInstallSucceeds("original.apk");
}
public void testInstallV1OneSignerMD5withRSA() throws Exception {
// APK signed with v1 scheme only, one signer.
assertInstallSucceedsForEach(
"v1-only-with-rsa-pkcs1-md5-1.2.840.113549.1.1.1-%s.apk", RSA_KEY_NAMES);
assertInstallSucceedsForEach(
"v1-only-with-rsa-pkcs1-md5-1.2.840.113549.1.1.4-%s.apk", RSA_KEY_NAMES);
}
public void testInstallV1OneSignerSHA1withRSA() throws Exception {
// APK signed with v1 scheme only, one signer.
assertInstallSucceedsForEach(
"v1-only-with-rsa-pkcs1-sha1-1.2.840.113549.1.1.1-%s.apk", RSA_KEY_NAMES);
assertInstallSucceedsForEach(
"v1-only-with-rsa-pkcs1-sha1-1.2.840.113549.1.1.5-%s.apk", RSA_KEY_NAMES);
}
public void testInstallV1OneSignerSHA224withRSA() throws Exception {
// APK signed with v1 scheme only, one signer.
assertInstallSucceedsForEach(
"v1-only-with-rsa-pkcs1-sha224-1.2.840.113549.1.1.1-%s.apk", RSA_KEY_NAMES);
assertInstallSucceedsForEach(
"v1-only-with-rsa-pkcs1-sha224-1.2.840.113549.1.1.14-%s.apk", RSA_KEY_NAMES);
}
public void testInstallV1OneSignerSHA256withRSA() throws Exception {
// APK signed with v1 scheme only, one signer.
assertInstallSucceedsForEach(
"v1-only-with-rsa-pkcs1-sha256-1.2.840.113549.1.1.1-%s.apk", RSA_KEY_NAMES);
assertInstallSucceedsForEach(
"v1-only-with-rsa-pkcs1-sha256-1.2.840.113549.1.1.11-%s.apk", RSA_KEY_NAMES);
}
public void testInstallV1OneSignerSHA384withRSA() throws Exception {
// APK signed with v1 scheme only, one signer.
assertInstallSucceedsForEach(
"v1-only-with-rsa-pkcs1-sha384-1.2.840.113549.1.1.1-%s.apk", RSA_KEY_NAMES);
assertInstallSucceedsForEach(
"v1-only-with-rsa-pkcs1-sha384-1.2.840.113549.1.1.12-%s.apk", RSA_KEY_NAMES);
}
public void testInstallV1OneSignerSHA512withRSA() throws Exception {
// APK signed with v1 scheme only, one signer.
assertInstallSucceedsForEach(
"v1-only-with-rsa-pkcs1-sha512-1.2.840.113549.1.1.1-%s.apk", RSA_KEY_NAMES);
assertInstallSucceedsForEach(
"v1-only-with-rsa-pkcs1-sha512-1.2.840.113549.1.1.13-%s.apk", RSA_KEY_NAMES);
}
public void testInstallV1OneSignerSHA1withECDSA() throws Exception {
// APK signed with v1 scheme only, one signer.
assertInstallSucceedsForEach(
"v1-only-with-ecdsa-sha1-1.2.840.10045.2.1-%s.apk", EC_KEY_NAMES);
assertInstallSucceedsForEach(
"v1-only-with-ecdsa-sha1-1.2.840.10045.4.1-%s.apk", EC_KEY_NAMES);
}
public void testInstallV1OneSignerSHA224withECDSA() throws Exception {
// APK signed with v1 scheme only, one signer.
assertInstallSucceedsForEach(
"v1-only-with-ecdsa-sha224-1.2.840.10045.2.1-%s.apk", EC_KEY_NAMES);
assertInstallSucceedsForEach(
"v1-only-with-ecdsa-sha224-1.2.840.10045.4.3.1-%s.apk", EC_KEY_NAMES);
}
public void testInstallV1OneSignerSHA256withECDSA() throws Exception {
// APK signed with v1 scheme only, one signer.
assertInstallSucceedsForEach(
"v1-only-with-ecdsa-sha256-1.2.840.10045.2.1-%s.apk", EC_KEY_NAMES);
assertInstallSucceedsForEach(
"v1-only-with-ecdsa-sha256-1.2.840.10045.4.3.2-%s.apk", EC_KEY_NAMES);
}
public void testInstallV1OneSignerSHA384withECDSA() throws Exception {
// APK signed with v1 scheme only, one signer.
assertInstallSucceedsForEach(
"v1-only-with-ecdsa-sha384-1.2.840.10045.2.1-%s.apk", EC_KEY_NAMES);
assertInstallSucceedsForEach(
"v1-only-with-ecdsa-sha384-1.2.840.10045.4.3.3-%s.apk", EC_KEY_NAMES);
}
public void testInstallV1OneSignerSHA512withECDSA() throws Exception {
// APK signed with v1 scheme only, one signer.
assertInstallSucceedsForEach(
"v1-only-with-ecdsa-sha512-1.2.840.10045.2.1-%s.apk", EC_KEY_NAMES);
assertInstallSucceedsForEach(
"v1-only-with-ecdsa-sha512-1.2.840.10045.4.3.4-%s.apk", EC_KEY_NAMES);
}
public void testInstallV1OneSignerSHA1withDSA() throws Exception {
// APK signed with v1 scheme only, one signer.
assertInstallSucceedsForEach(
"v1-only-with-dsa-sha1-1.2.840.10040.4.1-%s.apk", DSA_KEY_NAMES);
assertInstallSucceedsForEach(
"v1-only-with-dsa-sha1-1.2.840.10040.4.3-%s.apk", DSA_KEY_NAMES);
}
public void testInstallV1OneSignerSHA224withDSA() throws Exception {
// APK signed with v1 scheme only, one signer.
assertInstallSucceedsForEach(
"v1-only-with-dsa-sha224-1.2.840.10040.4.1-%s.apk", DSA_KEY_NAMES);
assertInstallSucceedsForEach(
"v1-only-with-dsa-sha224-2.16.840.1.101.3.4.3.1-%s.apk", DSA_KEY_NAMES);
}
public void testInstallV1OneSignerSHA256withDSA() throws Exception {
// APK signed with v1 scheme only, one signer.
assertInstallSucceedsForEach(
"v1-only-with-dsa-sha256-1.2.840.10040.4.1-%s.apk", DSA_KEY_NAMES);
assertInstallSucceedsForEach(
"v1-only-with-dsa-sha256-2.16.840.1.101.3.4.3.2-%s.apk", DSA_KEY_NAMES);
}
// Android platform doesn't support DSA with SHA-384 and SHA-512.
// public void testInstallV1OneSignerSHA384withDSA() throws Exception {
// // APK signed with v1 scheme only, one signer.
// assertInstallSucceedsForEach(
// "v1-only-with-dsa-sha384-2.16.840.1.101.3.4.3.3-%s.apk", DSA_KEY_NAMES);
// }
//
// public void testInstallV1OneSignerSHA512withDSA() throws Exception {
// // APK signed with v1 scheme only, one signer.
// assertInstallSucceedsForEach(
// "v1-only-with-dsa-sha512-2.16.840.1.101.3.4.3.3-%s.apk", DSA_KEY_NAMES);
// }
public void testInstallV2StrippedFails() throws Exception {
// APK signed with v1 and v2 schemes, but v2 signature was stripped from the file (by using
// zipalign).
// This should fail because the v1 signature indicates that the APK was supposed to be
// signed with v2 scheme as well, making the platform's anti-stripping protections reject
// the APK.
assertInstallFailsWithError("v2-stripped.apk", "Signature stripped");
// Similar to above, but the X-Android-APK-Signed anti-stripping header in v1 signature
// lists unknown signature schemes in addition to APK Signature Scheme v2. Unknown schemes
// should be ignored.
assertInstallFailsWithError(
"v2-stripped-with-ignorable-signing-schemes.apk", "Signature stripped");
}
public void testInstallV2OneSignerOneSignature() throws Exception {
// APK signed with v2 scheme only, one signer, one signature.
assertInstallSucceedsForEach("v2-only-with-dsa-sha256-%s.apk", DSA_KEY_NAMES);
assertInstallSucceedsForEach("v2-only-with-ecdsa-sha256-%s.apk", EC_KEY_NAMES);
assertInstallSucceedsForEach("v2-only-with-rsa-pkcs1-sha256-%s.apk", RSA_KEY_NAMES);
assertInstallSucceedsForEach("v2-only-with-rsa-pss-sha256-%s.apk", RSA_KEY_NAMES);
// DSA with SHA-512 is not supported by Android platform and thus APK Signature Scheme v2
// does not support that either
// assertInstallSucceedsForEach("v2-only-with-dsa-sha512-%s.apk", DSA_KEY_NAMES);
assertInstallSucceedsForEach("v2-only-with-ecdsa-sha512-%s.apk", EC_KEY_NAMES);
assertInstallSucceedsForEach("v2-only-with-rsa-pkcs1-sha512-%s.apk", RSA_KEY_NAMES);
assertInstallSucceedsForEach(
"v2-only-with-rsa-pss-sha512-%s.apk",
RSA_KEY_NAMES_2048_AND_LARGER // 1024-bit key is too short for PSS with SHA-512
);
}
public void testInstallV1SignatureOnlyDoesNotVerify() throws Exception {
// APK signed with v1 scheme only, but not all digests match those recorded in
// META-INF/MANIFEST.MF.
String error = "META-INF/MANIFEST.MF has invalid digest";
// Bitflip in classes.dex of otherwise good file.
assertInstallFailsWithError(
"v1-only-with-tampered-classes-dex.apk", error);
}
public void testInstallV2SignatureDoesNotVerify() throws Exception {
// APK signed with v2 scheme only, but the signature over signed-data does not verify.
String error = "signature did not verify";
// Bitflip in certificate field inside signed-data. Based on
// v2-only-with-dsa-sha256-1024.apk.
assertInstallFailsWithError("v2-only-with-dsa-sha256-1024-sig-does-not-verify.apk", error);
// Signature claims to be RSA PKCS#1 v1.5 with SHA-256, but is actually using SHA-512.
// Based on v2-only-with-rsa-pkcs1-sha256-2048.apk.
assertInstallFailsWithError(
"v2-only-with-rsa-pkcs1-sha256-2048-sig-does-not-verify.apk", error);
// Signature claims to be RSA PSS with SHA-256 and 32 bytes of salt, but is actually using 0
// bytes of salt. Based on v2-only-with-rsa-pkcs1-sha256-2048.apk. Obtained by modifying APK
// signer to use the wrong amount of salt.
assertInstallFailsWithError(
"v2-only-with-rsa-pss-sha256-2048-sig-does-not-verify.apk", error);
// Bitflip in the ECDSA signature. Based on v2-only-with-ecdsa-sha256-p256.apk.
assertInstallFailsWithError(
"v2-only-with-ecdsa-sha256-p256-sig-does-not-verify.apk", error);
}
public void testInstallV2ContentDigestMismatch() throws Exception {
// APK signed with v2 scheme only, but the digest of contents does not match the digest
// stored in signed-data.
String error = "digest of contents did not verify";
// Based on v2-only-with-rsa-pkcs1-sha512-4096.apk. Obtained by modifying APK signer to
// flip the leftmost bit in content digest before signing signed-data.
assertInstallFailsWithError(
"v2-only-with-rsa-pkcs1-sha512-4096-digest-mismatch.apk", error);
// Based on v2-only-with-ecdsa-sha256-p256.apk. Obtained by modifying APK signer to flip the
// leftmost bit in content digest before signing signed-data.
assertInstallFailsWithError(
"v2-only-with-ecdsa-sha256-p256-digest-mismatch.apk", error);
}
public void testInstallNoApkSignatureSchemeBlock() throws Exception {
// APK signed with v2 scheme only, but the rules for verifying APK Signature Scheme v2
// signatures say that this APK must not be verified using APK Signature Scheme v2.
// Obtained from v2-only-with-rsa-pkcs1-sha512-4096.apk by flipping a bit in the magic
// field in the footer of APK Signing Block. This makes the APK Signing Block disappear.
assertInstallFails("v2-only-wrong-apk-sig-block-magic.apk");
// Obtained by modifying APK signer to insert "GARBAGE" between ZIP Central Directory and
// End of Central Directory. The APK is otherwise fine and is signed with APK Signature
// Scheme v2. Based on v2-only-with-rsa-pkcs1-sha256.apk.
assertInstallFails("v2-only-garbage-between-cd-and-eocd.apk");
// Obtained by modifying APK signer to truncate the ZIP Central Directory by one byte. The
// APK is otherwise fine and is signed with APK Signature Scheme v2. Based on
// v2-only-with-rsa-pkcs1-sha256.apk
assertInstallFails("v2-only-truncated-cd.apk");
// Obtained by modifying the size in APK Signature Block header. Based on
// v2-only-with-ecdsa-sha512-p521.apk.
assertInstallFails("v2-only-apk-sig-block-size-mismatch.apk");
// Obtained by modifying the ID under which APK Signature Scheme v2 Block is stored in
// APK Signing Block and by modifying the APK signer to not insert anti-stripping
// protections into JAR Signature. The APK should appear as having no APK Signature Scheme
// v2 Block and should thus successfully verify using JAR Signature Scheme.
assertInstallSucceeds("v1-with-apk-sig-block-but-without-apk-sig-scheme-v2-block.apk");
}
public void testInstallV2UnknownPairIgnoredInApkSigningBlock() throws Exception {
// Obtained by modifying APK signer to emit an unknown ID-value pair into APK Signing Block
// before the ID-value pair containing the APK Signature Scheme v2 Block. The unknown
// ID-value should be ignored.
assertInstallSucceeds("v2-only-unknown-pair-in-apk-sig-block.apk");
}
public void testInstallV2IgnoresUnknownSignatureAlgorithms() throws Exception {
// APK is signed with a known signature algorithm and with a couple of unknown ones.
// Obtained by modifying APK signer to use "unknown" signature algorithms in addition to
// known ones.
assertInstallSucceeds("v2-only-with-ignorable-unsupported-sig-algs.apk");
}
public void testInstallV2RejectsMismatchBetweenSignaturesAndDigestsBlocks() throws Exception {
// APK is signed with a single signature algorithm, but the digests block claims that it is
// signed with two different signature algorithms. Obtained by modifying APK Signer to
// emit an additional digest record with signature algorithm 0x12345678.
assertInstallFailsWithError(
"v2-only-signatures-and-digests-block-mismatch.apk",
"Signature algorithms don't match between digests and signatures records");
}
public void testInstallV2RejectsMismatchBetweenPublicKeyAndCertificate() throws Exception {
// APK is signed with v2 only. The public key field does not match the public key in the
// leaf certificate. Obtained by modifying APK signer to write out a modified leaf
// certificate where the RSA modulus has a bitflip.
assertInstallFailsWithError(
"v2-only-cert-and-public-key-mismatch.apk",
"Public key mismatch between certificate and signature record");
}
public void testInstallV2RejectsSignerBlockWithNoCertificates() throws Exception {
// APK is signed with v2 only. There are no certificates listed in the signer block.
// Obtained by modifying APK signer to output no certificates.
assertInstallFailsWithError("v2-only-no-certs-in-sig.apk", "No certificates listed");
}
public void testInstallTwoSigners() throws Exception {
// APK signed by two different signers.
assertInstallSucceeds("two-signers.apk");
// Because the install attempt below is an update, it also tests that the signing
// certificates exposed by v2 signatures above are the same as the one exposed by v1
// signatures in this APK.
assertInstallSucceeds("v1-only-two-signers.apk");
assertInstallSucceeds("v2-only-two-signers.apk");
}
public void testInstallNegativeModulus() throws Exception {
// APK signed with a certificate that has a negative RSA modulus.
assertInstallSucceeds("v1-only-negative-modulus.apk");
assertInstallSucceeds("v2-only-negative-modulus.apk");
assertInstallSucceeds("v3-only-negative-modulus.apk");
}
public void testInstallV2TwoSignersRejectsWhenOneBroken() throws Exception {
// Bitflip in the ECDSA signature of second signer. Based on two-signers.apk.
// This asserts that breakage in any signer leads to rejection of the APK.
assertInstallFailsWithError(
"two-signers-second-signer-v2-broken.apk", "signature did not verify");
}
public void testInstallV2TwoSignersRejectsWhenOneWithoutSignatures() throws Exception {
// APK v2-signed by two different signers. However, there are no signatures for the second
// signer.
assertInstallFailsWithError(
"v2-only-two-signers-second-signer-no-sig.apk", "No signatures");
}
public void testInstallV2TwoSignersRejectsWhenOneWithoutSupportedSignatures() throws Exception {
// APK v2-signed by two different signers. However, there are no supported signatures for
// the second signer.
assertInstallFailsWithError(
"v2-only-two-signers-second-signer-no-supported-sig.apk",
"No supported signatures");
}
public void testInstallV2RejectsWhenMissingCode() throws Exception {
// Obtained by removing classes.dex from original.apk and then signing with v2 only.
// Although this has nothing to do with v2 signature verification, package manager wants
// signature verification / certificate collection to reject APKs with missing code
// (classes.dex) unless requested otherwise.
assertInstallFailsWithError("v2-only-missing-classes.dex.apk", "code is missing");
}
public void testCorrectCertUsedFromPkcs7SignedDataCertsSet() throws Exception {
// Obtained by prepending the rsa-1024 certificate to the PKCS#7 SignedData certificates set
// of v1-only-with-rsa-pkcs1-sha1-1.2.840.113549.1.1.1-2048.apk META-INF/CERT.RSA. The certs
// (in the order of appearance in the file) are thus: rsa-1024, rsa-2048. The package's
// signing cert is rsa-2048.
assertInstallSucceeds("v1-only-pkcs7-cert-bag-first-cert-not-used.apk");
// Check that rsa-1024 was not used as the previously installed package's signing cert.
assertInstallFailsWithError(
"v1-only-with-rsa-pkcs1-sha1-1.2.840.113549.1.1.1-1024.apk",
"signatures do not match");
// Check that rsa-2048 was used as the previously installed package's signing cert.
assertInstallSucceeds("v1-only-with-rsa-pkcs1-sha1-1.2.840.113549.1.1.1-2048.apk");
}
public void testV1SchemeSignatureCertNotReencoded() throws Exception {
// Regression test for b/30148997 and b/18228011. When PackageManager does not preserve the
// original encoded form of signing certificates, bad things happen, such as rejection of
// completely valid updates to apps. The issue in b/30148997 and b/18228011 was that
// PackageManager started re-encoding signing certs into DER. This normally produces exactly
// the original form because X.509 certificates are supposed to be DER-encoded. However, a
// small fraction of Android apps uses X.509 certificates which are not DER-encoded. For
// such apps, re-encoding into DER changes the serialized form of the certificate, creating
// a mismatch with the serialized form stored in the PackageManager database, leading to the
// rejection of updates for the app.
//
// The signing certs of the two APKs differ only in how the cert's signature is encoded.
// From Android's perspective, these two APKs are signed by different entities and thus
// cannot be used to update one another. If signature verification code re-encodes certs
// into DER, both certs will be exactly the same and Android will accept these APKs as
// updates of each other. This test is thus asserting that the two APKs are not accepted as
// updates of each other.
//
// * v1-only-with-rsa-1024.apk cert's signature is DER-encoded
// * v1-only-with-rsa-1024-cert-not-der.apk cert's signature is not DER-encoded. It is
// BER-encoded, with length encoded as two bytes instead of just one.
// v1-only-with-rsa-1024-cert-not-der.apk META-INF/CERT.RSA was obtained from
// v1-only-with-rsa-1024.apk META-INF/CERT.RSA by manually modifying the ASN.1 structure.
assertInstallSucceeds("v1-only-with-rsa-1024.apk");
assertInstallFailsWithError(
"v1-only-with-rsa-1024-cert-not-der.apk", "signatures do not match");
uninstallPackage();
assertInstallSucceeds("v1-only-with-rsa-1024-cert-not-der.apk");
assertInstallFailsWithError("v1-only-with-rsa-1024.apk", "signatures do not match");
}
public void testV2SchemeSignatureCertNotReencoded() throws Exception {
// This test is here to catch something like b/30148997 and b/18228011 happening to the
// handling of APK Signature Scheme v2 signatures by PackageManager. When PackageManager
// does not preserve the original encoded form of signing certificates, bad things happen,
// such as rejection of completely valid updates to apps. The issue in b/30148997 and
// b/18228011 was that PackageManager started re-encoding signing certs into DER. This
// normally produces exactly the original form because X.509 certificates are supposed to be
// DER-encoded. However, a small fraction of Android apps uses X.509 certificates which are
// not DER-encoded. For such apps, re-encoding into DER changes the serialized form of the
// certificate, creating a mismatch with the serialized form stored in the PackageManager
// database, leading to the rejection of updates for the app.
//
// The signing certs of the two APKs differ only in how the cert's signature is encoded.
// From Android's perspective, these two APKs are signed by different entities and thus
// cannot be used to update one another. If signature verification code re-encodes certs
// into DER, both certs will be exactly the same and Android will accept these APKs as
// updates of each other. This test is thus asserting that the two APKs are not accepted as
// updates of each other.
//
// * v2-only-with-rsa-pkcs1-sha256-1024.apk cert's signature is DER-encoded
// * v2-only-with-rsa-pkcs1-sha256-1024-cert-not-der.apk cert's signature is not DER-encoded
// It is BER-encoded, with length encoded as two bytes instead of just one.
assertInstallSucceeds("v2-only-with-rsa-pkcs1-sha256-1024.apk");
assertInstallFailsWithError(
"v2-only-with-rsa-pkcs1-sha256-1024-cert-not-der.apk", "signatures do not match");
uninstallPackage();
assertInstallSucceeds("v2-only-with-rsa-pkcs1-sha256-1024-cert-not-der.apk");
assertInstallFailsWithError(
"v2-only-with-rsa-pkcs1-sha256-1024.apk", "signatures do not match");
}
public void testInstallMaxSizedZipEocdComment() throws Exception {
// Obtained by modifying apksigner to produce a max-sized (0xffff bytes long) ZIP End of
// Central Directory comment, and signing the original.apk using the modified apksigner.
assertInstallSucceeds("v1-only-max-sized-eocd-comment.apk");
assertInstallSucceeds("v2-only-max-sized-eocd-comment.apk");
}
public void testInstallEphemeralRequiresV2Signature() throws Exception {
assertInstallEphemeralFailsWithError("unsigned-ephemeral.apk",
"Failed to collect certificates");
assertInstallEphemeralFailsWithError("v1-only-ephemeral.apk",
"must be signed with APK Signature Scheme v2 or greater");
assertInstallEphemeralSucceeds("v2-only-ephemeral.apk");
assertInstallEphemeralSucceeds("v1-v2-ephemeral.apk"); // signed with both schemes
}
public void testInstallEmpty() throws Exception {
assertInstallFailsWithError("empty-unsigned.apk", "Unknown failure");
assertInstallFailsWithError("v1-only-empty.apk", "Unknown failure");
assertInstallFailsWithError("v2-only-empty.apk", "Unknown failure");
}
@AsbSecurityTest(cveBugId = 64211847)
public void testInstallApkWhichDoesNotStartWithZipLocalFileHeaderMagic() throws Exception {
// The APKs below are competely fine except they don't start with ZIP Local File Header
// magic. Thus, these APKs will install just fine unless Package Manager requires that APKs
// start with ZIP Local File Header magic.
String error = "Unknown failure";
// Obtained by modifying apksigner to output four unused 0x00 bytes at the start of the APK
assertInstallFailsWithError("v1-only-starts-with-00000000-magic.apk", error);
assertInstallFailsWithError("v2-only-starts-with-00000000-magic.apk", error);
// Obtained by modifying apksigner to output 8 unused bytes (DEX magic and version) at the
// start of the APK
assertInstallFailsWithError("v1-only-starts-with-dex-magic.apk", error);
assertInstallFailsWithError("v2-only-starts-with-dex-magic.apk", error);
}
public void testInstallV3KeyRotation() throws Exception {
// tests that a v3 signed APK with RSA key can rotate to a new key
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-1.apk");
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-2-with-por_1_2-full-caps.apk");
}
public void testInstallV3KeyRotationToAncestor() throws Exception {
// tests that a v3 signed APK with RSA key cannot be upgraded by one of its past certs
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-2-with-por_1_2-full-caps.apk");
assertInstallFails("v3-rsa-pkcs1-sha256-2048-1.apk");
}
public void testInstallV3KeyRotationToAncestorWithRollback() throws Exception {
// tests that a v3 signed APK with RSA key can be upgraded by one of its past certs if it
// has granted that cert the rollback capability
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-2-with-por_1_2-full-and-roll-caps.apk");
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-1.apk");
}
public void testInstallV3KeyRotationMultipleHops() throws Exception {
// tests that a v3 signed APK with RSA key can rotate to a new key which is the result of
// multiple rotations from the original: APK signed with key 1 can be updated by key 3, when
// keys were: 1 -> 2 -> 3
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-1.apk");
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-3-with-por_1_2_3-full-caps.apk");
}
public void testInstallV3PorSignerMismatch() throws Exception {
// tests that an APK with a proof-of-rotation struct that doesn't include the current
// signing certificate fails to install
assertInstallFails("v3-rsa-pkcs1-sha256-2048-3-with-por_1_2-full-caps.apk");
}
public void testInstallV3KeyRotationWrongPor() throws Exception {
// tests that a valid APK with a proof-of-rotation record can't upgrade an APK with a
// signing certificate that isn't in the proof-of-rotation record
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-1.apk");
assertInstallFails("v3-rsa-pkcs1-sha256-2048-3-with-por_2_3-full-caps.apk");
}
public void testInstallV3KeyRotationSharedUid() throws Exception {
// tests that a v3 signed sharedUid APK can still be sharedUid with apps with its older
// signing certificate, if it so desires
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-1-sharedUid.apk");
assertInstallSucceeds(
"v3-rsa-pkcs1-sha256-2048-2-with-por_1_2-full-caps-sharedUid-companion.apk");
}
public void testInstallV3KeyRotationOlderSharedUid() throws Exception {
// tests that a sharedUid APK can still install with another app that is signed by a newer
// signing certificate, but which allows sharedUid with the older one
assertInstallSucceeds(
"v3-rsa-pkcs1-sha256-2048-2-with-por_1_2-full-caps-sharedUid-companion.apk");
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-1-sharedUid.apk");
}
public void testInstallV3KeyRotationSharedUidNoCap() throws Exception {
// tests that a v3 signed sharedUid APK cannot be sharedUid with apps with its older
// signing certificate, when it has not granted that certificate the sharedUid capability
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-1-sharedUid.apk");
assertInstallFails(
"v3-rsa-pkcs1-sha256-2048-2-with-por_1_2-no-shUid-cap-sharedUid-companion.apk");
}
public void testInstallV3KeyRotationOlderSharedUidNoCap() throws Exception {
// tests that a sharedUid APK signed with an old certificate cannot install with
// an app having a proof-of-rotation structure that hasn't granted the older
// certificate the sharedUid capability
assertInstallSucceeds(
"v3-rsa-pkcs1-sha256-2048-2-with-por_1_2-no-shUid-cap-sharedUid-companion.apk");
assertInstallFails("v3-rsa-pkcs1-sha256-2048-1-sharedUid.apk");
}
public void testInstallV3NoRotationSharedUid() throws Exception {
// tests that a sharedUid APK signed with a new certificate installs with
// an app having a proof-of-rotation structure that hasn't granted an older
// certificate the sharedUid capability
assertInstallSucceeds(
"v3-rsa-pkcs1-sha256-2048-2-with-por_1_2-no-shUid-cap-sharedUid-companion.apk");
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-2-sharedUid.apk");
}
public void testInstallV3MultipleAppsOneDeniesOldKeySharedUid() throws Exception {
// If two apps are installed as part of a sharedUid, one granting access to the sharedUid
// to the previous key and the other revoking access to the sharedUid, then when an app
// signed with the old key attempts to join the sharedUid the installation should be blocked
assertInstallFromBuildSucceeds(
"v3-ec-p256-with-por_1_2-default-caps-sharedUid-companion.apk");
assertInstallFromBuildSucceeds("v3-ec-p256-with-por_1_2-no-shUid-cap-sharedUid.apk");
assertInstallFromBuildFails("v3-ec-p256-1-sharedUid-companion2.apk");
}
public void testInstallV3MultipleAppsOneUpdatedToDenyOldKeySharedUid() throws Exception {
// Similar to the test above if two apps are installed as part of a sharedUid with both
// granting access to the sharedUid to the previous key then an app signed with the previous
// key should be allowed to install and join the sharedUid. If one of the first two apps
// is then updated with a lineage that denies access to the sharedUid for the old key the
// installation of this updated app should be blocked.
assertInstallFromBuildSucceeds("v3-ec-p256-with-por_1_2-default-caps-sharedUid.apk");
assertInstallFromBuildSucceeds(
"v3-ec-p256-with-por_1_2-default-caps-sharedUid-companion.apk");
assertInstallFromBuildSucceeds("v3-ec-p256-1-sharedUid-companion2.apk");
assertInstallFromBuildFails("v3-ec-p256-with-por_1_2-no-shUid-cap-sharedUid.apk");
}
public void testInstallV3FirstAppOnlySignedByNewKeyLastAppOldKey() throws Exception {
// This test verifies the following scenario:
// - First installed app in sharedUid only signed with new key without lineage.
// - Second installed app in sharedUid signed with new key and includes lineage granting
// access to the old key to join the sharedUid.
// - Last installed app in sharedUid signed with old key.
// The lineage should be updated when the second app is installed to allow the installation
// of the app signed with the old key.
assertInstallFromBuildSucceeds("v3-ec-p256-2-sharedUid-companion.apk");
assertInstallFromBuildSucceeds("v3-ec-p256-with-por_1_2-default-caps-sharedUid.apk");
assertInstallFromBuildSucceeds("v3-ec-p256-1-sharedUid-companion2.apk");
}
public void testInstallV3AppSignedWithOldKeyUpdatedLineageDeniesShUidCap() throws Exception {
// If an app is installed as part of a sharedUid, and then that app is signed with a new key
// that rejects the previous key in the lineage the update should be allowed to proceed
// as the app is being updated to the newly rotated key.
assertInstallFromBuildSucceeds("v3-ec-p256-1-sharedUid.apk");
assertInstallFromBuildSucceeds("v3-ec-p256-with-por_1_2-no-shUid-cap-sharedUid.apk");
}
public void testInstallV3TwoSharedUidAppsWithDivergedLineages() throws Exception {
// Apps that are installed as part of the sharedUserId with a lineage must have common
// ancestors; the platform will allow the installation if the lineage of an app being
// installed as part of the sharedUserId is the same, a subset, or a superset of the
// existing lineage, but if the lineage diverges then the installation should be blocked.
assertInstallFromBuildSucceeds("v3-por_Y_1_2-default-caps-sharedUid.apk");
assertInstallFromBuildFails("v3-por_Z_1_2-default-caps-sharedUid-companion.apk");
}
public void testInstallV3UpdateAfterRotation() throws Exception {
// This test performs an end to end verification of the update of an app with a rotated
// key. The app under test exports a bound service that performs its own PackageManager key
// rotation API verification, and the instrumentation test binds to the service and invokes
// the verifySignatures method to verify that the key rotation APIs return the expected
// results. The instrumentation test app is signed with the same key and lineage as the
// app under test to also provide a second app that can be used for the checkSignatures
// verification.
// Install the initial versions of the apps; the test method verifies the app under test is
// signed with the original signing key.
assertInstallFromBuildSucceeds("CtsSignatureQueryService.apk");
assertInstallFromBuildSucceeds("CtsSignatureQueryServiceTest.apk");
Utils.runDeviceTests(getDevice(), SERVICE_TEST_PKG, SERVICE_TEST_CLASS,
"verifySignatures_noRotation_succeeds");
// Install the second version of the app signed with the rotated key. This test verifies the
// app still functions as expected after the update with the rotated key. The
// instrumentation test app is not updated here to allow verification of the pre-key
// rotation behavior for the checkSignatures APIs. These APIs should behave similar to the
// GET_SIGNATURES flag in that if one or both apps have a signing lineage if the oldest
// signers in the lineage match then the methods should return that the signatures match
// even if one is signed with a newer key in the lineage.
assertInstallFromBuildSucceeds("CtsSignatureQueryService_v2.apk");
Utils.runDeviceTests(getDevice(), SERVICE_TEST_PKG, SERVICE_TEST_CLASS,
"verifySignatures_withRotation_succeeds");
// Installs the third version of the app under test and the instrumentation test, both
// signed with the same rotated key and lineage. This test is intended to verify that the
// app can still be updated and function as expected after an update with a rotated key.
assertInstallFromBuildSucceeds("CtsSignatureQueryService_v3.apk");
assertInstallFromBuildSucceeds("CtsSignatureQueryServiceTest_v2.apk");
Utils.runDeviceTests(getDevice(), SERVICE_TEST_PKG, SERVICE_TEST_CLASS,
"verifySignatures_withRotation_succeeds");
}
public void testInstallV3KeyRotationSigPerm() throws Exception {
// tests that a v3 signed APK can still get a signature permission from an app with its
// older signing certificate.
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-1-permdef.apk");
assertInstallSucceeds(
"v3-rsa-pkcs1-sha256-2048-2-with-por_1_2-full-caps-permcli-companion.apk");
Utils.runDeviceTests(getDevice(), DEVICE_TESTS_PKG, DEVICE_TESTS_CLASS, "testHasPerm");
}
public void testInstallV3KeyRotationOlderSigPerm() throws Exception {
// tests that an apk with an older signing certificate than the one which defines a
// signature permission it wants gets the permission if the defining APK grants the
// capability
assertInstallSucceeds(
"v3-rsa-pkcs1-sha256-2048-2-with-por_1_2-full-caps-permdef.apk");
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-1-permcli-companion.apk");
Utils.runDeviceTests(getDevice(), DEVICE_TESTS_PKG, DEVICE_TESTS_CLASS, "testHasPerm");
}
public void testInstallV3KeyRotationSigPermNoCap() throws Exception {
// tests that an APK signed by an older signing certificate is unable to get a requested
// signature permission when the defining APK has rotated to a newer signing certificiate
// and does not grant the permission capability to the older cert
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-2-with-por_1_2-no-perm-cap-permdef.apk");
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-1-permcli-companion.apk");
Utils.runDeviceTests(getDevice(), DEVICE_TESTS_PKG, DEVICE_TESTS_CLASS, "testHasNoPerm");
}
public void testInstallV3KeyRotationOlderSigPermNoCap() throws Exception {
// tests that an APK signed by a newer signing certificate than the APK which defines a
// signature permission is able to get that permission, even if the newer APK does not
// grant the permission capability to the older signing certificate.
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-1-permdef.apk");
assertInstallSucceeds(
"v3-rsa-pkcs1-sha256-2048-2-with-por_1_2-no-perm-cap-permcli-companion.apk");
Utils.runDeviceTests(getDevice(), DEVICE_TESTS_PKG, DEVICE_TESTS_CLASS, "testHasPerm");
}
public void testInstallV3NoRotationSigPerm() throws Exception {
// make sure that an APK, which wants to use a signature permission defined by an APK, which
// has not granted that capability to older signing certificates, can still install
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-2-with-por_1_2-no-perm-cap-permdef.apk");
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-2-permcli-companion.apk");
Utils.runDeviceTests(getDevice(), DEVICE_TESTS_PKG, DEVICE_TESTS_CLASS, "testHasPerm");
}
public void testInstallV3CommonSignerInLineageWithPermCap() throws Exception {
// If an APK requesting a signature permission has a common signer in the lineage with the
// APK declaring the permission, and that signer is granted the permission capability in
// the declaring APK, then the permission should be granted to the requesting app even
// if their signers have diverged.
assertInstallFromBuildSucceeds(
"v3-ec-p256-with-por_1_2_3-1-no-caps-2-default-declperm.apk");
assertInstallFromBuildSucceeds("v3-ec-p256-with-por_1_2_4-companion-usesperm.apk");
Utils.runDeviceTests(getDevice(), DEVICE_TESTS_PKG, DEVICE_TESTS_CLASS, "testHasPerm");
}
public void testInstallV3CommonSignerInLineageNoCaps() throws Exception {
// If an APK requesting a signature permission has a common signer in the lineage with the
// APK declaring the permission, but the signer in the lineage has not been granted the
// permission capability the permission should not be granted to the requesting app.
assertInstallFromBuildSucceeds("v3-ec-p256-with-por_1_2_3-no-caps-declperm.apk");
assertInstallFromBuildSucceeds("v3-ec-p256-with-por_1_2_4-companion-usesperm.apk");
Utils.runDeviceTests(getDevice(), DEVICE_TESTS_PKG, DEVICE_TESTS_CLASS, "testHasNoPerm");
}
public void testKnownSignerPermGrantedWhenCurrentSignerInResource() throws Exception {
// The knownSigner protection flag allows an app to declare other trusted signing
// certificates in an array resource; if a requesting app's current signer is in this array
// of trusted certificates then the permission should be granted.
assertInstallFromBuildSucceeds("v3-rsa-2048-decl-knownSigner-ec-p256-1-3.apk");
assertInstallFromBuildSucceeds("v3-ec-p256_3-companion-uses-knownSigner.apk");
Utils.runDeviceTests(getDevice(), DEVICE_TESTS_PKG, DEVICE_TESTS_CLASS, "testHasPerm");
// If the declaring app changes the trusted certificates on an update any requesting app
// that no longer meets the requirements based on its signing identity should have the
// permission revoked. This app update only trusts ec-p256_1 but the app that was previously
// granted the permission based on its signing identity is signed by ec-p256_3.
assertInstallFromBuildSucceeds("v3-rsa-2048-decl-knownSigner-str-res-ec-p256-1.apk");
Utils.runDeviceTests(getDevice(), DEVICE_TESTS_PKG, DEVICE_TESTS_CLASS, "testHasNoPerm");
}
public void testKnownSignerPermCurrentSignerNotInResource() throws Exception {
// If an app requesting a knownSigner permission does not meet the requirements for a
// signature permission and is not signed by any of the trusted certificates then the
// permission should not be granted.
assertInstallFromBuildSucceeds("v3-rsa-2048-decl-knownSigner-ec-p256-1-3.apk");
assertInstallFromBuildSucceeds("v3-ec-p256_2-companion-uses-knownSigner.apk");
Utils.runDeviceTests(getDevice(), DEVICE_TESTS_PKG, DEVICE_TESTS_CLASS, "testHasNoPerm");
}
public void testKnownSignerPermGrantedWhenSignerInLineageInResource() throws Exception {
// If an app requesting a knownSigner permission was previously signed by a certificate
// that is trusted by the declaring app then the permission should be granted.
assertInstallFromBuildSucceeds("v3-rsa-2048-decl-knownSigner-ec-p256-1-3.apk");
assertInstallFromBuildSucceeds("v3-ec-p256-with-por_1_2-companion-uses-knownSigner.apk");
Utils.runDeviceTests(getDevice(), DEVICE_TESTS_PKG, DEVICE_TESTS_CLASS, "testHasPerm");
// If the declaring app changes the permission to no longer use the knownSigner flag then
// any app granted the permission based on a signing identity from the set of trusted
// certificates should have the permission revoked.
assertInstallFromBuildSucceeds("v3-rsa-2048-declperm.apk");
Utils.runDeviceTests(getDevice(), DEVICE_TESTS_PKG, DEVICE_TESTS_CLASS, "testHasNoPerm");
}
public void testKnownSignerPermSignerInLineageMatchesStringResource() throws Exception {
// The knownSigner protection flag allows an app to declare a single known trusted
// certificate digest using a string resource instead of a string-array resource. This test
// verifies the knownSigner permission is granted to a requesting app if the single trusted
// cert is in the requesting app's lineage.
assertInstallFromBuildSucceeds("v3-rsa-2048-decl-knownSigner-str-res-ec-p256-1.apk");
assertInstallFromBuildSucceeds("v3-ec-p256-with-por_1_2-companion-uses-knownSigner.apk");
Utils.runDeviceTests(getDevice(), DEVICE_TESTS_PKG, DEVICE_TESTS_CLASS, "testHasPerm");
}
public void testKnownSignerPermSignerInLineageMatchesStringConst() throws Exception {
// The knownSigner protection flag allows an app to declare a single known trusted
// certificate digest using a string constant as the knownCerts attribute value instead of a
// resource. This test verifies the knownSigner permission is granted to a requesting app if
// the single trusted cert is in the requesting app's lineage.
assertInstallFromBuildSucceeds("v3-rsa-2048-decl-knownSigner-str-const-ec-p256-1.apk");
assertInstallFromBuildSucceeds("v3-ec-p256-with-por_1_2-companion-uses-knownSigner.apk");
Utils.runDeviceTests(getDevice(), DEVICE_TESTS_PKG, DEVICE_TESTS_CLASS, "testHasPerm");
}
public void testInstallV3SigPermDoubleDefNewerSucceeds() throws Exception {
// make sure that if an app defines a signature permission already defined by another app,
// it successfully installs if the other app's signing cert is in its past signing certs and
// the signature permission capability is granted
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-1-permdef.apk");
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-2-with_por_1_2-permdef-companion.apk");
}
public void testInstallV3SigPermDoubleDefOlderSucceeds() throws Exception {
// make sure that if an app defines a signature permission already defined by another app,
// it successfully installs if it is in the other app's past signing certs and the signature
// permission capability is granted
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-2-with_por_1_2-permdef-companion.apk");
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-1-permdef.apk");
}
public void testInstallV3SigPermDoubleDefNewerNoCapFails() throws Exception {
// make sure that if an app defines a signature permission already defined by another app,
// it fails to install if the other app's signing cert is in its past signing certs but the
// signature permission capability is not granted
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-1-permdef.apk");
assertInstallFails(
"v3-rsa-pkcs1-sha256-2048-2-with_por_1_2-no-perm-cap-permdef-companion.apk");
}
public void testInstallV3SigPermDoubleDefOlderNoCapFails() throws Exception {
// make sure that if an app defines a signature permission already defined by another app,
// it fails to install if it is in the other app's past signing certs but the signature
// permission capability is not granted
assertInstallSucceeds(
"v3-rsa-pkcs1-sha256-2048-2-with_por_1_2-no-perm-cap-permdef-companion.apk");
assertInstallFails("v3-rsa-pkcs1-sha256-2048-1-permdef.apk");
}
public void testInstallV3SigPermDoubleDefSameNoCapSucceeds() throws Exception {
// make sure that if an app defines a signature permission already defined by another app,
// it installs successfully when signed by the same certificate, even if the original app
// does not grant signature capabilities to its past certs
assertInstallSucceeds(
"v3-rsa-pkcs1-sha256-2048-2-with_por_1_2-no-perm-cap-permdef-companion.apk");
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-2-permdef.apk");
}
public void testInstallV3KeyRotationGetSignatures() throws Exception {
// tests that a PackageInfo w/GET_SIGNATURES flag returns the older cert
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-2-with-por_1_2-full-caps.apk");
Utils.runDeviceTests(
getDevice(), DEVICE_TESTS_PKG, DEVICE_TESTS_CLASS, "testGetSignaturesShowsOld");
}
public void testInstallV3KeyRotationGetSigningCertificates() throws Exception {
// tests that a PackageInfo w/GET_SIGNING_CERTIFICATES flag returns the old and new certs
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-2-with-por_1_2-full-caps.apk");
Utils.runDeviceTests(
getDevice(), DEVICE_TESTS_PKG, DEVICE_TESTS_CLASS,
"testGetSigningCertificatesShowsAll");
}
public void testInstallV3KeyRotationGetApkContentsSigners() throws Exception {
// The GET_SIGNING_CERTIFICATES flag results in a PackageInfo object returned with a
// SigningInfo instance that can be used to query all certificates in the lineage or only
// the current signer(s) via getApkContentsSigners. This test verifies when a V3 signed
// package with a rotated key is queried getApkContentsSigners only returns the current
// signer.
assertInstallFromBuildSucceeds("v3-ec-p256-with-por_1_2-default-caps.apk");
Utils.runDeviceTests(
getDevice(), DEVICE_TESTS_PKG, DEVICE_TESTS_CLASS,
"testGetApkContentsSignersShowsCurrent");
}
public void testInstallV2MultipleSignersGetApkContentsSigners() throws Exception {
// Similar to the above test, but verifies when an APK is signed with two V2 signers
// getApkContentsSigners returns both of the V2 signers.
assertInstallFromBuildSucceeds("v1v2-ec-p256-two-signers-targetSdk-30.apk");
Utils.runDeviceTests(
getDevice(), DEVICE_TESTS_PKG, DEVICE_TESTS_CLASS,
"testGetApkContentsSignersShowsMultipleSigners");
}
public void testInstallV3KeyRotationHasSigningCertificate() throws Exception {
// tests that hasSigningCertificate() recognizes past and current signing certs
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-2-with-por_1_2-full-caps.apk");
Utils.runDeviceTests(
getDevice(), DEVICE_TESTS_PKG, DEVICE_TESTS_CLASS,
"testHasSigningCertificate");
}
public void testInstallV3KeyRotationHasSigningCertificateSha256() throws Exception {
// tests that hasSigningCertificate() recognizes past and current signing certs by sha256
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-2-with-por_1_2-full-caps.apk");
Utils.runDeviceTests(
getDevice(), DEVICE_TESTS_PKG, DEVICE_TESTS_CLASS,
"testHasSigningCertificateSha256");
}
public void testInstallV3KeyRotationHasSigningCertificateByUid() throws Exception {
// tests that hasSigningCertificate() recognizes past and current signing certs by uid
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-2-with-por_1_2-full-caps.apk");
Utils.runDeviceTests(
getDevice(), DEVICE_TESTS_PKG, DEVICE_TESTS_CLASS,
"testHasSigningCertificateByUid");
}
public void testInstallV3KeyRotationHasSigningCertificateByUidSha256() throws Exception {
// tests that hasSigningCertificate() recognizes past and current signing certs by uid
// and sha256
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-2-with-por_1_2-full-caps.apk");
Utils.runDeviceTests(
getDevice(), DEVICE_TESTS_PKG, DEVICE_TESTS_CLASS,
"testHasSigningCertificateByUidSha256");
}
public void testInstallV3KeyRotationHasDuplicateSigningCertificateHistory() throws Exception {
// tests that an app's proof-of-rotation signing history cannot contain the same certificate
// more than once.
assertInstallFails("v3-rsa-pkcs1-sha256-2048-2-with-por_1_2_2-full-caps.apk");
}
public void testInstallV3HasMultipleSigners() throws Exception {
// tests that an app can't be signed by multiple signers when using v3 signature scheme
assertInstallFails("v3-rsa-pkcs1-sha256-2048-1_and_2.apk");
}
public void testInstallV3HasMultiplePlatformSigners() throws Exception {
// tests that an app can be signed by multiple v3 signers if they target different platform
// versions
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-1_P_and_2_Qplus.apk");
}
public void testInstallTargetSdk30WithV1Signers() throws Exception {
// An app targeting SDK version >= 30 must have at least a V2 signature; this test verifies
// an app targeting SDK version 30 with only a V1 signature fails to install.
assertInstallFails("v1-ec-p256-two-signers-targetSdk-30.apk");
}
public void testInstallTargetSdk30WithV1V2Signers() throws Exception {
// An app targeting SDK version >= 30 must have at least a V2 signature; this test verifies
// that an app targeting SDK version 30 with both a V1 and V2 signature installs
// successfully.
installApkFromBuild("v1v2-ec-p256-two-signers-targetSdk-30.apk");
}
public void testInstallV4WithV2Signer() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// APK generated with:
// apksigner sign --v2-signing-enabled true --v3-signing-enabled false --v4-signing-enabled
assertInstallV4Succeeds("v4-digest-v2.apk");
}
public void testInstallV4WithV3Signer() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// APK generated with:
// apksigner sign --v2-signing-enabled false --v3-signing-enabled true --v4-signing-enabled
assertInstallV4Succeeds("v4-digest-v3.apk");
}
public void testInstallV4WithV2V3Signer() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// APK generated with:
// apksigner sign --v2-signing-enabled true --v3-signing-enabled true --v4-signing-enabled
assertInstallV4Succeeds("v4-digest-v2v3.apk");
}
public void testInstallV4WithV2NoVeritySigner() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// APK generated with:
// --v2-signing-enabled true --v3-signing-enabled false --v4-signing-enabled
// Full commands in generate-apks.sh
assertInstallV4SucceedsAndUninstall("v4-digest-v2-Sha256withDSA.apk");
assertInstallV4SucceedsAndUninstall("v4-digest-v2-Sha256withEC.apk");
assertInstallV4SucceedsAndUninstall("v4-digest-v2-Sha256withRSA.apk");
assertInstallV4SucceedsAndUninstall("v4-digest-v2-Sha512withEC.apk");
assertInstallV4SucceedsAndUninstall("v4-digest-v2-Sha512withRSA.apk");
}
public void testInstallV4WithV2VeritySigner() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// APK generated with:
// --v2-signing-enabled true --v3-signing-enabled false
// --v4-signing-enabled --verity-enabled
// Full commands in generate-apks.sh
assertInstallV4SucceedsAndUninstall("v4-digest-v2-Sha256withDSA-Verity.apk");
assertInstallV4SucceedsAndUninstall("v4-digest-v2-Sha256withEC-Verity.apk");
assertInstallV4SucceedsAndUninstall("v4-digest-v2-Sha256withRSA-Verity.apk");
}
public void testInstallV4WithV3NoVeritySigner() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// APK generated with:
// --v2-signing-enabled false --v3-signing-enabled true --v4-signing-enabled
// Full commands in generate-apks.sh
assertInstallV4SucceedsAndUninstall("v4-digest-v3-Sha256withDSA.apk");
assertInstallV4SucceedsAndUninstall("v4-digest-v3-Sha256withEC.apk");
assertInstallV4SucceedsAndUninstall("v4-digest-v3-Sha256withRSA.apk");
assertInstallV4SucceedsAndUninstall("v4-digest-v3-Sha512withEC.apk");
assertInstallV4SucceedsAndUninstall("v4-digest-v3-Sha512withRSA.apk");
}
public void testInstallV4WithV3VeritySigner() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// APK generated with:
// --v2-signing-enabled false --v3-signing-enabled true
// --v4-signing-enabled --verity-enabled
// Full commands in generate-apks.sh
assertInstallV4SucceedsAndUninstall("v4-digest-v3-Sha256withDSA-Verity.apk");
assertInstallV4SucceedsAndUninstall("v4-digest-v3-Sha256withEC-Verity.apk");
assertInstallV4SucceedsAndUninstall("v4-digest-v3-Sha256withRSA-Verity.apk");
}
public void testInstallV4WithV2SignerDoesNotVerify() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// APKs generated with:
// apksigner sign -v2-signing-enabled true --v3-signing-enabled false --v4-signing-enabled
// Malformed v4 signature - first byte of v4 signing_info.signature is flipped
assertInstallV4FailsWithError("v4-digest-v2-badv4signature.apk", "did not verify");
// Malformed digest - first byte of v4 signing_info.apk_digest is flipped
assertInstallV4FailsWithError("v4-digest-v2-badv2digest.apk", "did not verify");
}
public void testInstallV4WithV3SignerDoesNotVerify() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// APKs generated with:
// apksigner sign -v2-signing-enabled false --v3-signing-enabled true --v4-signing-enabled
// Malformed v4 signature - first byte of v4 signing_info.signature is flipped
assertInstallV4FailsWithError("v4-digest-v3-badv4signature.apk", "did not verify");
// Malformed digest - first byte of v4 signing_info.apk_digest is flipped
assertInstallV4FailsWithError("v4-digest-v3-badv3digest.apk", "did not verify");
}
public void testInstallV4WithV2V3SignerDoesNotVerify() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// APKs generated with:
// apksigner sign -v2-signing-enabled true --v3-signing-enabled true --v4-signing-enabled
// Malformed v4 signature - first byte of v4 signing_info.signature is flipped
assertInstallV4FailsWithError("v4-digest-v2v3-badv4signature.apk", "did not verify");
// Malformed digest - first byte of v4 signing_info.apk_digest is flipped
assertInstallV4FailsWithError("v4-digest-v2v3-badv2v3digest.apk", "did not verify");
}
public void testInstallV4With128BytesAdditionalDataSucceeds() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// Editing apksigner to fill additional data of size 128 bytes.
assertInstallV4Succeeds("v4-digest-v3-128bytes-additional-data.apk");
}
public void testInstallV4With256BytesAdditionalDataFails() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// Editing apksigner to fill additional data of size 256 bytes.
assertInstallV4FailsWithError("v4-digest-v3-256bytes-additional-data.apk",
"additionalData has to be at most 128 bytes");
}
public void testInstallV4With10MBytesAdditionalDataFails() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// Editing apksigner to fill additional data of size 10 * 1024 * 1024 bytes.
assertInstallV4FailsWithError("v4-digest-v3-10mbytes-additional-data.apk",
"Failure");
}
public void testInstallV4WithWrongBlockSize() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// Editing apksigner with the wrong block size in the v4 signature.
assertInstallV4FailsWithError("v4-digest-v3-wrong-block-size.apk",
"did not verify");
}
public void testInstallV4WithDifferentBlockSize() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// Editing apksigner with the different block size (2048 instead of 4096).
assertInstallV4FailsWithError("v4-digest-v3-merkle-tree-different-block-size.apk",
"Unsupported log2BlockSize: 11");
}
public void testInstallV4WithWrongRawRootHash() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// Editing apksigner with the wrong raw root hash in the v4 signature.
assertInstallV4FailsWithError("v4-digest-v3-wrong-raw-root-hash.apk", "Failure");
}
public void testInstallV4WithWrongSignatureBytes() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// Editing apksigner with the wrong signature bytes in the v4 signature.
assertInstallV4FailsWithError("v4-digest-v3-wrong-sig-bytes.apk",
"did not verify");
}
public void testInstallV4WithWrongSignatureBytesSize() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// Editing apksigner with the wrong signature byte size in the v4 signature.
assertInstallV4FailsWithError("v4-digest-v3-wrong-sig-bytes-size.apk",
"Failure");
}
public void testInstallV4WithNoMerkleTree() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// Editing apksigner to not include the Merkle tree.
assertInstallV4FailsWithError("v4-digest-v3-no-merkle-tree.apk",
"Failure");
}
public void testInstallV4WithWithTrailingDataInMerkleTree() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// Editing apksigner to add trailing data after the Merkle tree
assertInstallV4FailsWithError("v4-digest-v3-merkle-tree-1mb-trailing-data.apk",
"Failure");
}
public void testInstallV4WithMerkleTreeBitsFlipped() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// Editing apksigner to flip few bits in the only node of the Merkle tree of a small app.
assertInstallV4FailsWithError("v4-digest-v3-merkle-tree-bit-flipped.apk",
"Failed to parse");
}
public void testV4IncToV3NonIncSameKeyUpgradeSucceeds() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// See cts/hostsidetests/appsecurity/res/pkgsigverify/generate-apks.sh for the command
// to generate the apks
assertInstallV4Succeeds("v4-inc-to-v3-noninc-ec-p256-appv1.apk");
// non-incremental upgrade with the same key.
assertInstallSucceeds("v4-inc-to-v3-noninc-ec-p256-appv2.apk");
}
public void testV4IncToV3NonIncMismatchingKeyUpgradeFails() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// See cts/hostsidetests/appsecurity/res/pkgsigverify/generate-apks.sh for the command
// to generate the apks
assertInstallV4Succeeds("v4-inc-to-v3-noninc-ec-p256-appv1.apk");
// non-incremental upgrade with a mismatching key.
assertInstallFailsWithError("v4-inc-to-v3-noninc-ec-p384-appv2.apk",
"signatures do not match previously installed version");
}
public void testV4IncToV3NonIncRotatedKeyUpgradeSucceeds() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// See cts/hostsidetests/appsecurity/res/pkgsigverify/generate-apks.sh for the command
// to generate the apks
assertInstallV4Succeeds("v4-inc-to-v3-noninc-ec-p256-appv1.apk");
// non-incremental upgrade with key rotation.
assertInstallSucceeds("v4-inc-to-v3-noninc-ec-p384-rotated-ec-p256-appv2.apk");
}
public void testV4IncToV3NonIncMismatchedRotatedKeyUpgradeFails() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// See cts/hostsidetests/appsecurity/res/pkgsigverify/generate-apks.sh for the command
// to generate the apks
assertInstallV4Succeeds("v4-inc-to-v3-noninc-dsa-3072-appv1.apk");
// non-incremental upgrade with key rotation mismatch with key used in app v1.
assertInstallFailsWithError("v4-inc-to-v3-noninc-ec-p384-rotated-ec-p256-appv2.apk",
"signatures do not match previously installed version");
}
public void testV4IncToV2NonIncSameKeyUpgradeSucceeds() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// See cts/hostsidetests/appsecurity/res/pkgsigverify/generate-apks.sh for the command
// to generate the apks
assertInstallV4Succeeds("v4-inc-to-v2-noninc-ec-p256-appv1.apk");
// non-incremental upgrade with the same key.
assertInstallSucceeds("v4-inc-to-v2-noninc-ec-p256-appv2.apk");
}
public void testV4IncToV2NonIncMismatchingKeyUpgradeFails() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// See cts/hostsidetests/appsecurity/res/pkgsigverify/generate-apks.sh for the command
// to generate the apks
assertInstallV4Succeeds("v4-inc-to-v2-noninc-ec-p256-appv1.apk");
// non-incremental upgrade with a mismatching key.
assertInstallFailsWithError("v4-inc-to-v2-noninc-ec-p384-appv2.apk",
"signatures do not match previously installed version");
}
public void testInstallV4UpdateAfterRotation() throws Exception {
// V4 is only enabled on devices with Incremental feature
if (!hasIncrementalFeature()) {
return;
}
// This test performs an end to end verification of the update of an app with a rotated
// key. The app under test exports a bound service that performs its own PackageManager key
// rotation API verification, and the instrumentation test binds to the service and invokes
// the verifySignatures method to verify that the key rotation APIs return the expected
// results. The instrumentation test app is signed with the same key and lineage as the
// app under test to also provide a second app that can be used for the checkSignatures
// verification.
// Install the initial versions of the apps; the test method verifies the app under test is
// signed with the original signing key.
assertInstallV4FromBuildSucceeds("CtsSignatureQueryService.apk");
assertInstallV4FromBuildSucceeds("CtsSignatureQueryServiceTest.apk");
Utils.runDeviceTests(getDevice(), SERVICE_TEST_PKG, SERVICE_TEST_CLASS,
"verifySignatures_noRotation_succeeds");
// Install the second version of the app signed with the rotated key. This test verifies the
// app still functions as expected after the update with the rotated key. The
// instrumentation test app is not updated here to allow verification of the pre-key
// rotation behavior for the checkSignatures APIs. These APIs should behave similar to the
// GET_SIGNATURES flag in that if one or both apps have a signing lineage if the oldest
// signers in the lineage match then the methods should return that the signatures match
// even if one is signed with a newer key in the lineage.
assertInstallV4FromBuildSucceeds("CtsSignatureQueryService_v2.apk");
Utils.runDeviceTests(getDevice(), SERVICE_TEST_PKG, SERVICE_TEST_CLASS,
"verifySignatures_withRotation_succeeds");
// Installs the third version of the app under test and the instrumentation test, both
// signed with the same rotated key and lineage. This test is intended to verify that the
// app can still be updated and function as expected after an update with a rotated key.
assertInstallV4FromBuildSucceeds("CtsSignatureQueryService_v3.apk");
assertInstallV4FromBuildSucceeds("CtsSignatureQueryServiceTest_v2.apk");
Utils.runDeviceTests(getDevice(), SERVICE_TEST_PKG, SERVICE_TEST_CLASS,
"verifySignatures_withRotation_succeeds");
}
private boolean hasIncrementalFeature() throws Exception {
return "true\n".equals(getDevice().executeShellCommand(
"pm has-feature android.software.incremental_delivery"));
}
private void assertInstallSucceeds(String apkFilenameInResources) throws Exception {
String installResult = installPackageFromResource(apkFilenameInResources);
if (installResult != null) {
fail("Failed to install " + apkFilenameInResources + ": " + installResult);
}
}
private void assertInstallEphemeralSucceeds(String apkFilenameInResources) throws Exception {
String installResult = installEphemeralPackageFromResource(apkFilenameInResources);
if (installResult != null) {
fail("Failed to install " + apkFilenameInResources + ": " + installResult);
}
}
private void assertInstallSucceedsForEach(
String apkFilenamePatternInResources, String[] args) throws Exception {
for (String arg : args) {
String apkFilenameInResources =
String.format(Locale.US, apkFilenamePatternInResources, arg);
String installResult = installPackageFromResource(apkFilenameInResources);
if (installResult != null) {
fail("Failed to install " + apkFilenameInResources + ": " + installResult);
}
try {
uninstallPackage();
} catch (Exception e) {
throw new RuntimeException(
"Failed to uninstall after installing " + apkFilenameInResources, e);
}
}
}
private void assertInstallV4Succeeds(String apkFilenameInResources) throws Exception {
String installResult = installV4PackageFromResource(apkFilenameInResources);
if (!installResult.equals("Success\n")) {
fail("Failed to install " + apkFilenameInResources + ": " + installResult);
}
}
private void assertInstallV4FromBuildSucceeds(String apkName) throws Exception {
String installResult = installV4PackageFromBuild(apkName);
if (!installResult.equals("Success\n")) {
fail("Failed to install " + apkName + ": " + installResult);
}
}
private void assertInstallV4SucceedsAndUninstall(String apkFilenameInResources)
throws Exception {
assertInstallV4Succeeds(apkFilenameInResources);
try {
uninstallPackage();
} catch (Exception e) {
throw new RuntimeException(
"Failed to uninstall after installing " + apkFilenameInResources, e);
}
}
private void assertInstallV4FailsWithError(String apkFilenameInResources, String errorSubstring)
throws Exception {
String installResult = installV4PackageFromResource(apkFilenameInResources);
if (installResult.equals("Success\n")) {
fail("Install of " + apkFilenameInResources + " succeeded but was expected to fail"
+ " with \"" + errorSubstring + "\"");
}
assertContains(
"Install failure message of " + apkFilenameInResources,
errorSubstring,
installResult);
}
private void assertInstallFailsWithError(
String apkFilenameInResources, String errorSubstring) throws Exception {
String installResult = installPackageFromResource(apkFilenameInResources);
if (installResult == null) {
fail("Install of " + apkFilenameInResources + " succeeded but was expected to fail"
+ " with \"" + errorSubstring + "\"");
}
assertContains(
"Install failure message of " + apkFilenameInResources,
errorSubstring,
installResult);
}
private void assertInstallEphemeralFailsWithError(
String apkFilenameInResources, String errorSubstring) throws Exception {
String installResult = installEphemeralPackageFromResource(apkFilenameInResources);
if (installResult == null) {
fail("Install of " + apkFilenameInResources + " succeeded but was expected to fail"
+ " with \"" + errorSubstring + "\"");
}
assertContains(
"Install failure message of " + apkFilenameInResources,
errorSubstring,
installResult);
}
private void assertInstallFails(String apkFilenameInResources) throws Exception {
String installResult = installPackageFromResource(apkFilenameInResources);
if (installResult == null) {
fail("Install of " + apkFilenameInResources + " succeeded but was expected to fail");
}
}
private static void assertContains(String message, String expectedSubstring, String actual) {
String errorPrefix = ((message != null) && (message.length() > 0)) ? (message + ": ") : "";
if (actual == null) {
fail(errorPrefix + "Expected to contain \"" + expectedSubstring + "\", but was null");
}
if (!actual.contains(expectedSubstring)) {
fail(errorPrefix + "Expected to contain \"" + expectedSubstring + "\", but was \""
+ actual + "\"");
}
}
private void installDeviceTestPkg() throws Exception {
assertInstallFromBuildSucceeds(DEVICE_TESTS_APK);
}
private void assertInstallFromBuildSucceeds(String apkName) throws Exception {
String result = installApkFromBuild(apkName);
assertNull("failed to install " + apkName + ", Reason: " + result, result);
}
private void assertInstallFromBuildFails(String apkName) throws Exception {
String result = installApkFromBuild(apkName);
assertNotNull("Successfully installed " + apkName + " when failure was expected", result);
}
private String installApkFromBuild(String apkName) throws Exception {
CompatibilityBuildHelper buildHelper = new CompatibilityBuildHelper(mCtsBuild);
File apk = buildHelper.getTestFile(apkName);
return getDevice().installPackage(apk, true, INSTALL_ARG_FORCE_QUERYABLE);
}
private String installPackageFromResource(String apkFilenameInResources, boolean ephemeral)
throws IOException, DeviceNotAvailableException {
// ITestDevice.installPackage API requires the APK to be install to be a File. We thus
// copy the requested resource into a temporary file, attempt to install it, and delete the
// file during cleanup.
File apkFile = null;
try {
apkFile = getFileFromResource(apkFilenameInResources);
if (ephemeral) {
return getDevice().installPackage(apkFile, true, "--ephemeral",
INSTALL_ARG_FORCE_QUERYABLE);
} else {
return getDevice().installPackage(apkFile, true, INSTALL_ARG_FORCE_QUERYABLE);
}
} finally {
cleanUpFile(apkFile);
}
}
private String installV4PackageFromResource(String apkFilenameInResources)
throws IOException, DeviceNotAvailableException {
File apkFile = null;
File v4SignatureFile = null;
try {
apkFile = getFileFromResource(apkFilenameInResources);
v4SignatureFile = getFileFromResource(apkFilenameInResources + ".idsig");
String remoteApkFilePath = pushFileToRemote(apkFile);
pushFileToRemote(v4SignatureFile);
return installV4Package(remoteApkFilePath);
} finally {
cleanUpFile(apkFile);
cleanUpFile(v4SignatureFile);
}
}
private String installV4PackageFromBuild(String apkName)
throws IOException, DeviceNotAvailableException {
CompatibilityBuildHelper buildHelper = new CompatibilityBuildHelper(mCtsBuild);
File apkFile = buildHelper.getTestFile(apkName);
File v4SignatureFile = buildHelper.getTestFile(apkName + ".idsig");
String remoteApkFilePath = pushFileToRemote(apkFile);
pushFileToRemote(v4SignatureFile);
return installV4Package(remoteApkFilePath);
}
private String pushFileToRemote(File localFile) throws DeviceNotAvailableException {
String remotePath = "/data/local/tmp/pkginstalltest-" + localFile.getName();
getDevice().pushFile(localFile, remotePath);
return remotePath;
}
private String installV4Package(String remoteApkPath)
throws DeviceNotAvailableException {
String command = "pm install-incremental --force-queryable -t -g " + remoteApkPath;
return getDevice().executeShellCommand(command);
}
private File getFileFromResource(String filenameInResources)
throws IOException, IllegalArgumentException {
String fullResourceName = TEST_APK_RESOURCE_PREFIX + filenameInResources;
File tempDir = FileUtil.createTempDir("pkginstalltest");
File file = new File(tempDir, filenameInResources);
InputStream in = getClass().getResourceAsStream(fullResourceName);
if (in == null) {
throw new IllegalArgumentException("Resource not found: " + fullResourceName);
}
OutputStream out = new BufferedOutputStream(new FileOutputStream(file));
byte[] buf = new byte[65536];
int chunkSize;
while ((chunkSize = in.read(buf)) != -1) {
out.write(buf, 0, chunkSize);
}
out.close();
return file;
}
private void cleanUpFile(File file) {
if (file != null && file.exists()) {
file.delete();
}
}
private String installPackageFromResource(String apkFilenameInResources)
throws IOException, DeviceNotAvailableException {
return installPackageFromResource(apkFilenameInResources, false);
}
private String installEphemeralPackageFromResource(String apkFilenameInResources)
throws IOException, DeviceNotAvailableException {
return installPackageFromResource(apkFilenameInResources, true);
}
private String uninstallPackage() throws DeviceNotAvailableException {
return getDevice().uninstallPackage(TEST_PKG);
}
private String uninstallCompanionPackages() throws DeviceNotAvailableException {
String result1 = getDevice().uninstallPackage(COMPANION_TEST_PKG);
String result2 = getDevice().uninstallPackage(COMPANION2_TEST_PKG);
return result1 != null ? result1 : result2;
}
private String uninstallDeviceTestPackage() throws DeviceNotAvailableException {
return getDevice().uninstallPackage(DEVICE_TESTS_PKG);
}
private void uninstallServicePackages() throws DeviceNotAvailableException {
getDevice().uninstallPackage(SERVICE_PKG);
getDevice().uninstallPackage(SERVICE_TEST_PKG);
}
private void uninstallPackages() throws DeviceNotAvailableException {
uninstallPackage();
uninstallCompanionPackages();
uninstallDeviceTestPackage();
uninstallServicePackages();
}
}