Add test to verify APK signing history returned in rotated order
SigningInfo#getSigningCertificateHistory should return an APKs signing
history in the order of rotation with the original signer at index 0
and the current signer at the last index. This commit adds a test to
verify getSigningCertificateHistory returns the signing lineage of
an APK signed with multiple signers in the history in the order of
rotation.
Bug: 193834256
Test: atest PkgInstallSignatureVerificationTest#
testInstallV3MultipleSignersInLineageGetSigningCertificateHistory
Change-Id: Id042602680c77e6a3a5a701953b5860d695501a7
diff --git a/hostsidetests/appsecurity/certs/pkgsigverify/Android.bp b/hostsidetests/appsecurity/certs/pkgsigverify/Android.bp
index 89e0925..2635114 100644
--- a/hostsidetests/appsecurity/certs/pkgsigverify/Android.bp
+++ b/hostsidetests/appsecurity/certs/pkgsigverify/Android.bp
@@ -39,6 +39,11 @@
}
android_app_certificate {
+ name: "ec-p256_5",
+ certificate: "ec-p256_5",
+}
+
+android_app_certificate {
name: "ec-p384",
certificate: "ec-p384",
}
@@ -121,6 +126,13 @@
}
filegroup {
+ name: "ec-p256-por-1_2_3_4_5-default-caps",
+ srcs: [
+ "ec-p256-por-1_2_3_4_5-default-caps",
+ ],
+}
+
+filegroup {
name: "ec-p256-por-1_2_3-no-caps",
srcs: [
"ec-p256-por-1_2_3-no-caps",
diff --git a/hostsidetests/appsecurity/certs/pkgsigverify/ec-p256-por-1_2_3_4_5-default-caps b/hostsidetests/appsecurity/certs/pkgsigverify/ec-p256-por-1_2_3_4_5-default-caps
new file mode 100644
index 0000000..02fa437
--- /dev/null
+++ b/hostsidetests/appsecurity/certs/pkgsigverify/ec-p256-por-1_2_3_4_5-default-caps
Binary files differ
diff --git a/hostsidetests/appsecurity/certs/pkgsigverify/ec-p256_5.pk8 b/hostsidetests/appsecurity/certs/pkgsigverify/ec-p256_5.pk8
new file mode 100644
index 0000000..d766c13
--- /dev/null
+++ b/hostsidetests/appsecurity/certs/pkgsigverify/ec-p256_5.pk8
Binary files differ
diff --git a/hostsidetests/appsecurity/certs/pkgsigverify/ec-p256_5.x509.pem b/hostsidetests/appsecurity/certs/pkgsigverify/ec-p256_5.x509.pem
new file mode 100644
index 0000000..b30f83b
--- /dev/null
+++ b/hostsidetests/appsecurity/certs/pkgsigverify/ec-p256_5.x509.pem
@@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBeTCCASCgAwIBAgIUUOHuMdn5JZ6t01FKmI36S/DnFTowCgYIKoZIzj0EAwIw
+FDESMBAGA1UEAwwJZWMtcDI1Nl80MB4XDTIyMDMxNTAxMDUwOFoXDTMyMDMxMjAx
+MDUwOFowFDESMBAGA1UEAwwJZWMtcDI1Nl81MFkwEwYHKoZIzj0CAQYIKoZIzj0D
+AQcDQgAEdXA8VKQy31gOhoSIF7SR7gKDJCV9wx6JH8Svk9m9S/Ams5x6FFITdTw0
+TCoSBWznzMIbQL6Pn60oY53K2+Y7TqNQME4wHQYDVR0OBBYEFOjMMttqIfhsdfPB
+lsCxmYhUmLc7MB8GA1UdIwQYMBaAFG54lwMyVUM2tu6JJOqnAjDjk/Z4MAwGA1Ud
+EwQFMAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgLe2X993NMimtJng0NhhvHnQkekQi
+uvmfHutxXf5+iVUCIHgUJIsbd0LzAJYCvclvZlKYhPxgWgcP8lyEZIyPzLRL
+-----END CERTIFICATE-----
diff --git a/hostsidetests/appsecurity/src/android/appsecurity/cts/PkgInstallSignatureVerificationTest.java b/hostsidetests/appsecurity/src/android/appsecurity/cts/PkgInstallSignatureVerificationTest.java
index 44262ab..5370a12 100644
--- a/hostsidetests/appsecurity/src/android/appsecurity/cts/PkgInstallSignatureVerificationTest.java
+++ b/hostsidetests/appsecurity/src/android/appsecurity/cts/PkgInstallSignatureVerificationTest.java
@@ -1004,6 +1004,17 @@
"testGetApkContentsSignersShowsMultipleSigners");
}
+ public void testInstallV3MultipleSignersInLineageGetSigningCertificateHistory()
+ throws Exception {
+ // The APK used for this test is signed with a lineage containing 5 keys in the signing
+ // history; this test verifies SigningInfo#getSigningCertificateHistory returns all of an
+ // APKs signers in their order of rotation.
+ assertInstallFromBuildSucceeds("v3-ec-p256-with-por-1_2_3_4_5-default-caps.apk");
+ Utils.runDeviceTests(
+ getDevice(), DEVICE_TESTS_PKG, DEVICE_TESTS_CLASS,
+ "testGetSigningCertificateHistoryReturnsSignersInOrder");
+ }
+
public void testInstallV3KeyRotationHasSigningCertificate() throws Exception {
// tests that hasSigningCertificate() recognizes past and current signing certs
assertInstallSucceeds("v3-rsa-pkcs1-sha256-2048-2-with-por_1_2-full-caps.apk");
diff --git a/hostsidetests/appsecurity/test-apps/V3SigningSchemeRotation/src/android/appsecurity/cts/v3rotationtests/V3RotationTest.java b/hostsidetests/appsecurity/test-apps/V3SigningSchemeRotation/src/android/appsecurity/cts/v3rotationtests/V3RotationTest.java
index d617251..c8d82cf 100644
--- a/hostsidetests/appsecurity/test-apps/V3SigningSchemeRotation/src/android/appsecurity/cts/v3rotationtests/V3RotationTest.java
+++ b/hostsidetests/appsecurity/test-apps/V3SigningSchemeRotation/src/android/appsecurity/cts/v3rotationtests/V3RotationTest.java
@@ -16,6 +16,8 @@
package android.appsecurity.cts.v3rotationtests;
+import static org.junit.Assert.assertArrayEquals;
+
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.content.pm.Signature;
@@ -116,6 +118,51 @@
+ "99c63011022100d260fb1d1f176cf9b7fa60098bfd24319f4905a3e5fda1"
+ "00a6fe1a2ab19ff09e";
+ private static final String EC_P256_THIRD_CERT_HEX =
+ "3082016e30820115a0030201020209008394f5cad16a89a7300a06082a86"
+ + "48ce3d04030230143112301006035504030c0965632d703235365f32301e"
+ + "170d3138303731343030303532365a170d3238303731313030303532365a"
+ + "30143112301006035504030c0965632d703235365f333059301306072a86"
+ + "48ce3d020106082a8648ce3d03010703420004f31e62430e9db6fc5928d9"
+ + "75fc4e47419bacfcb2e07c89299e6cd7e344dd21adfd308d58cb49a1a2a3"
+ + "fecacceea4862069f30be1643bcc255040d8089dfb3743a350304e301d06"
+ + "03551d0e041604146f8d0828b13efaf577fc86b0e99fa3e54bcbcff0301f"
+ + "0603551d230418301680147991d92b0208fc448bf506d4efc9fff428cb5e"
+ + "5f300c0603551d13040530030101ff300a06082a8648ce3d040302034700"
+ + "30440220256bdaa2784c273e4cc291a595a46779dee9de9044dc9f7ab820"
+ + "309567df9fe902201a4ad8c69891b5a8c47434fe9540ed1f4979b5fad348"
+ + "3f3fa04d5677355a579e";
+
+ private static final String EC_P256_FOURTH_CERT_HEX =
+ "3082017b30820120a00302010202146c8cb8a818433c1e6431fb16fb3ae0"
+ + "fb5ad60aa7300a06082a8648ce3d04030230143112301006035504030c09"
+ + "65632d703235365f33301e170d3230303531333139313532385a170d3330"
+ + "303531313139313532385a30143112301006035504030c0965632d703235"
+ + "365f343059301306072a8648ce3d020106082a8648ce3d03010703420004"
+ + "db4a60031e79ad49cb759007d6855d4469b91c8bab065434f2fba971ade7"
+ + "e4d19599a0f67b5e708cfda7543e5630c3769d37e093640d7c768a15144c"
+ + "d0e5dcf4a350304e301d0603551d0e041604146e78970332554336b6ee89"
+ + "24eaa70230e393f678301f0603551d230418301680146f8d0828b13efaf5"
+ + "77fc86b0e99fa3e54bcbcff0300c0603551d13040530030101ff300a0608"
+ + "2a8648ce3d0403020349003046022100ce786e79ec7547446082e9caf910"
+ + "614ff80758f9819fb0f148695067abe0fcd4022100a4881e332ddec2116a"
+ + "d2b59cf891d0f331ff7e27e77b7c6206c7988d9b539330";
+
+ private static final String EC_P256_FIFTH_CERT_HEX =
+ "3082017930820120a003020102021450e1ee31d9f9259eadd3514a988dfa"
+ + "4bf0e7153a300a06082a8648ce3d04030230143112301006035504030c09"
+ + "65632d703235365f34301e170d3232303331353031303530385a170d3332"
+ + "303331323031303530385a30143112301006035504030c0965632d703235"
+ + "365f353059301306072a8648ce3d020106082a8648ce3d03010703420004"
+ + "75703c54a432df580e86848817b491ee028324257dc31e891fc4af93d9bd"
+ + "4bf026b39c7a145213753c344c2a12056ce7ccc21b40be8f9fad28639dca"
+ + "dbe63b4ea350304e301d0603551d0e04160414e8cc32db6a21f86c75f3c1"
+ + "96c0b199885498b73b301f0603551d230418301680146e78970332554336"
+ + "b6ee8924eaa70230e393f678300c0603551d13040530030101ff300a0608"
+ + "2a8648ce3d040302034700304402202ded97f7ddcd3229ad26783436186f"
+ + "1e74247a4422baf99f1eeb715dfe7e895502207814248b1b7742f3009602"
+ + "bdc96f66529884fc605a070ff25c84648c8fccb44b";
+
public void testHasPerm() throws Exception {
PackageManager pm = getContext().getPackageManager();
assertTrue(PERMISSION_NAME + " not granted to " + COMPANION_PKG,
@@ -199,6 +246,28 @@
EC_P256_SECOND_CERT_HEX);
}
+ public void testGetSigningCertificateHistoryReturnsSignersInOrder() throws Exception {
+ // The test package used for this should be signed with five keys in the signing lineage,
+ // and the signatures returned from SigningInfo#getSigningCertificateHistory should be
+ // returned in their rotated order.
+ final String[] expectedSignatures = new String[]{
+ EC_P256_FIRST_CERT_HEX,
+ EC_P256_SECOND_CERT_HEX,
+ EC_P256_THIRD_CERT_HEX,
+ EC_P256_FOURTH_CERT_HEX,
+ EC_P256_FIFTH_CERT_HEX,
+ };
+
+ PackageManager pm = getContext().getPackageManager();
+ PackageInfo pi = pm.getPackageInfo(PKG, PackageManager.GET_SIGNING_CERTIFICATES);
+ assertNotNull("Failed to get signatures in PackageInfo of " + PKG,
+ pi.signingInfo);
+ String[] actualSignatures = Arrays.stream(pi.signingInfo.getSigningCertificateHistory())
+ .map(Signature::toCharsString)
+ .toArray(String[]::new);
+ assertArrayEquals(expectedSignatures, actualSignatures);
+ }
+
public void testHasSigningCertificate() throws Exception {
// make sure that hasSigningCertificate() reports that both certificates in the signing
// history are present
diff --git a/hostsidetests/appsecurity/test-apps/tinyapp/Android.bp b/hostsidetests/appsecurity/test-apps/tinyapp/Android.bp
index 1b7cc0e..1c98103 100644
--- a/hostsidetests/appsecurity/test-apps/tinyapp/Android.bp
+++ b/hostsidetests/appsecurity/test-apps/tinyapp/Android.bp
@@ -98,6 +98,23 @@
}
// This is the test package signed using the V3 signature scheme with
+// a rotated key and multiple signers in the lineage with default
+// capabilities.
+android_test_helper_app {
+ name: "v3-ec-p256-with-por-1_2_3_4_5-default-caps",
+ certificate: ":ec-p256_5",
+ additional_certificates: [":ec-p256"],
+ lineage: ":ec-p256-por-1_2_3_4_5-default-caps",
+ srcs: ["src/**/*.java"],
+ // resource_dirs is the default value: ["res"]
+ test_suites: [
+ "cts",
+ "general-tests",
+ ],
+ sdk_version: "current",
+}
+
+// This is the test package signed using the V3 signature scheme with
// a rotated key and part of a shareduid. The capabilities of this lineage
// grant access to the previous key in the lineage to join the sharedUid.
android_test_helper_app {
