Revert "[DO NOT MERGE]Revert "Relax minimum signature scheme ver..."
Revert submission 16943318-presubmit-am-bc566b73c1674298b82a1153c03313a1
Reason for revert: This change breaks Better Bug.
Reverted Changes:
I32a2db8c7:[automerge] [DO NOT MERGE]Revert "Relax minimum si...
Ic53d2a361:[DO NOT MERGE]Revert "Relax minimum signature sche...
Bug: 223079119
Change-Id: I987bda9df92543f082700936c20aad06f992bdb0
(cherry picked from commit 01c3d11b83bfca88d3fd382b1f51b41a8ffb1506)
Merged-In: I987bda9df92543f082700936c20aad06f992bdb0
diff --git a/core/java/android/content/pm/PackageParser.java b/core/java/android/content/pm/PackageParser.java
index f54d9a7..4ff2624 100644
--- a/core/java/android/content/pm/PackageParser.java
+++ b/core/java/android/content/pm/PackageParser.java
@@ -1401,9 +1401,11 @@
}
SigningDetails verified;
if (skipVerify) {
- // systemDir APKs are already trusted, save time by not verifying
+ // systemDir APKs are already trusted, save time by not verifying; since the signature
+ // is not verified and some system apps can have their V2+ signatures stripped allow
+ // pulling the certs from the jar signature.
verified = ApkSignatureVerifier.unsafeGetCertsWithoutVerification(
- apkPath, minSignatureScheme);
+ apkPath, SigningDetails.SignatureSchemeVersion.JAR);
} else {
verified = ApkSignatureVerifier.verify(apkPath, minSignatureScheme);
}
diff --git a/core/java/android/content/pm/parsing/ParsingPackageUtils.java b/core/java/android/content/pm/parsing/ParsingPackageUtils.java
index e1d34dc..dce242c 100644
--- a/core/java/android/content/pm/parsing/ParsingPackageUtils.java
+++ b/core/java/android/content/pm/parsing/ParsingPackageUtils.java
@@ -3038,9 +3038,11 @@
SigningDetails verified;
try {
if (skipVerify) {
- // systemDir APKs are already trusted, save time by not verifying
+ // systemDir APKs are already trusted, save time by not verifying; since the
+ // signature is not verified and some system apps can have their V2+ signatures
+ // stripped allow pulling the certs from the jar signature.
verified = ApkSignatureVerifier.unsafeGetCertsWithoutVerification(
- baseCodePath, minSignatureScheme);
+ baseCodePath, SigningDetails.SignatureSchemeVersion.JAR);
} else {
verified = ApkSignatureVerifier.verify(baseCodePath, minSignatureScheme);
}
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index b595705..c048644 100644
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -15193,15 +15193,17 @@
}
}
- // Ensure the package is signed with at least the minimum signature scheme version
- // required for its target SDK.
- int minSignatureSchemeVersion =
- ApkSignatureVerifier.getMinimumSignatureSchemeVersionForTargetSdk(
- pkg.getTargetSdkVersion());
- if (pkg.getSigningDetails().signatureSchemeVersion < minSignatureSchemeVersion) {
- throw new PackageManagerException(INSTALL_PARSE_FAILED_NO_CERTIFICATES,
- "No signature found in package of version " + minSignatureSchemeVersion
- + " or newer for package " + pkg.getPackageName());
+ // If the package is not on a system partition ensure it is signed with at least the
+ // minimum signature scheme version required for its target SDK.
+ if ((parseFlags & ParsingPackageUtils.PARSE_IS_SYSTEM_DIR) == 0) {
+ int minSignatureSchemeVersion =
+ ApkSignatureVerifier.getMinimumSignatureSchemeVersionForTargetSdk(
+ pkg.getTargetSdkVersion());
+ if (pkg.getSigningDetails().signatureSchemeVersion < minSignatureSchemeVersion) {
+ throw new PackageManagerException(INSTALL_PARSE_FAILED_NO_CERTIFICATES,
+ "No signature found in package of version " + minSignatureSchemeVersion
+ + " or newer for package " + pkg.getPackageName());
+ }
}
}
}
