
Example 16 with Signature

use of android.content.pm.Signature in project android_frameworks_base by ParanoidAndroid.

the class PackageManagerBackupAgent method readSignatureArray.

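/**
 * Reads a length-prefixed array of signatures from a restore data stream.
 *
 * <p>Layout consumed here: an {@code int} entry count, then for each entry an {@code int}
 * byte length followed by that many bytes. Both the count and every length come from the
 * stream, so they are range-checked before being used to size an array.
 *
 * @param in stream positioned at the start of a signature block
 * @return the decoded signatures, or {@code null} if the stream ended before the count could
 *         be read or an I/O error (including a truncated entry) occurred
 * @throws IllegalStateException if the count or an entry length is out of range
 */
private static Signature[] readSignatureArray(DataInputStream in) {
    try {
        int num;
        try {
            num = in.readInt();
        } catch (EOFException e) {
            // clean termination
            Slog.w(TAG, "Read empty signature block");
            return null;
        }
        if (DEBUG)
            Slog.v(TAG, " ... unflatten read " + num);
        // Sensical? A negative count would otherwise only surface as a
        // NegativeArraySizeException from the allocation below.
        if (num < 0) {
            Slog.e(TAG, "Negative sig count in restore data; aborting");
            throw new IllegalStateException("Bad restore state");
        }
        if (num > 20) {
            Slog.e(TAG, "Suspiciously large sig count in restore data; aborting");
            throw new IllegalStateException("Bad restore state");
        }
        Signature[] sigs = new Signature[num];
        for (int i = 0; i < num; i++) {
            int len = in.readInt();
            if (len < 0) {
                Slog.e(TAG, "Negative signature length in restore data; aborting");
                throw new IllegalStateException("Bad restore state");
            }
            // NOTE(review): len is still taken from the stream without an upper bound, so a
            // corrupt or hostile restore set can request a very large allocation here.
            // Consider capping it at the largest certificate size the platform expects.
            byte[] flatSig = new byte[len];
            // readFully() either fills the buffer or throws EOFException; a plain read()
            // may return fewer bytes and leave the tail of the signature zero-filled.
            in.readFully(flatSig);
            sigs[i] = new Signature(flatSig);
        }
        return sigs;
    } catch (IOException e) {
        // Also reached for a truncated entry (EOFException from readFully/readInt).
        Slog.e(TAG, "Unable to read signatures");
        return null;
    }
}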
Also used : Signature(android.content.pm.Signature) EOFException(java.io.EOFException) IOException(java.io.IOException)

Example 17 with Signature

use of android.content.pm.Signature in project android_frameworks_base by ParanoidAndroid.

the class PackageSignatures method writeXml.

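/**
 * Writes this object's signatures as {@code <cert>} children of a {@code tagName} element.
 *
 * <p>Each signature is looked up in {@code pastSignatures}. If it is already there, only its
 * {@code index} is written. Otherwise it is appended to {@code pastSignatures} and written
 * with both its new {@code index} and its {@code key} (the signature's character encoding).
 * Nothing is written when {@code mSignatures} is {@code null}.
 *
 * @param serializer destination XML serializer
 * @param tagName name of the enclosing element
 * @param pastSignatures signatures already written to this document; appended to as new
 *        signatures are encountered, and may contain {@code null} placeholders
 * @throws IOException if the serializer fails
 */
void writeXml(XmlSerializer serializer, String tagName, ArrayList<Signature> pastSignatures) throws IOException {
    if (mSignatures == null) {
        return;
    }
    serializer.startTag(null, tagName);
    serializer.attribute(null, "count", Integer.toString(mSignatures.length));
    for (final Signature sig : mSignatures) {
        serializer.startTag(null, "cert");
        final int sigHash = sig.hashCode();
        // Snapshot the size: entries appended below must not be scanned for this cert.
        final int numPast = pastSignatures.size();
        int j;
        for (j = 0; j < numPast; j++) {
            Signature pastSig = pastSignatures.get(j);
            // readXml() pads pastSignatures with null for indices it has not seen a key
            // for, so a slot can be empty; skip it rather than dereference it.
            if (pastSig != null && pastSig.hashCode() == sigHash && pastSig.equals(sig)) {
                serializer.attribute(null, "index", Integer.toString(j));
                break;
            }
        }
        if (j >= numPast) {
            // First occurrence: record it and emit the full key alongside the index.
            pastSignatures.add(sig);
            serializer.attribute(null, "index", Integer.toString(numPast));
            serializer.attribute(null, "key", sig.toCharsString());
        }
        serializer.endTag(null, "cert");
    }
    serializer.endTag(null, tagName);
}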
Also used : Signature(android.content.pm.Signature)

Example 18 with Signature

use of android.content.pm.Signature in project android_frameworks_base by ParanoidAndroid.

the class PackageSignatures method readXml.

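/**
 * Rebuilds {@code mSignatures} from the {@code <cert>} children of the current element.
 *
 * <p>The element's {@code count} attribute sizes the array. Each {@code <cert>} carries an
 * {@code index} into {@code pastSignatures}: with a {@code key} attribute the signature is
 * decoded and stored at that index, without one it is looked up there. Malformed entries are
 * reported through {@code PackageManagerService.reportSettingsProblem} and skipped. If fewer
 * valid entries than {@code count} are found, the array is trimmed to the entries read.
 *
 * <p>If {@code count} is missing, not a number, or negative, the problem is reported, the
 * element is skipped, and {@code mSignatures} is left untouched.
 *
 * @param parser parser positioned on the element holding the {@code <cert>} tags
 * @param pastSignatures shared table of signatures seen so far in this document; grown and
 *        filled in as keyed entries are read
 * @throws IOException if the parser fails to read
 * @throws XmlPullParserException if the XML is not well-formed
 */
void readXml(XmlPullParser parser, ArrayList<Signature> pastSignatures) throws IOException, XmlPullParserException {
    String countStr = parser.getAttributeValue(null, "count");
    if (countStr == null) {
        PackageManagerService.reportSettingsProblem(Log.WARN, "Error in package manager settings: <signatures> has" + " no count at " + parser.getPositionDescription());
        XmlUtils.skipCurrentTag(parser);
        // Stop here: falling through would hand null to Integer.parseInt() and escape as an
        // unchecked NumberFormatException after the tag has already been consumed.
        return;
    }
    int parsedCount;
    try {
        parsedCount = Integer.parseInt(countStr);
    } catch (NumberFormatException e) {
        parsedCount = -1;
    }
    if (parsedCount < 0) {
        // A non-numeric or negative count cannot size the array; treat it like a missing one.
        PackageManagerService.reportSettingsProblem(Log.WARN, "Error in package manager settings: <signatures> has" + " invalid count " + countStr + " at " + parser.getPositionDescription());
        XmlUtils.skipCurrentTag(parser);
        return;
    }
    final int count = parsedCount;
    mSignatures = new Signature[count];
    int pos = 0;
    int outerDepth = parser.getDepth();
    int type;
    while ((type = parser.next()) != XmlPullParser.END_DOCUMENT && (type != XmlPullParser.END_TAG || parser.getDepth() > outerDepth)) {
        if (type == XmlPullParser.END_TAG || type == XmlPullParser.TEXT) {
            continue;
        }
        String tagName = parser.getName();
        if (tagName.equals("cert")) {
            if (pos < count) {
                String index = parser.getAttributeValue(null, "index");
                if (index != null) {
                    try {
                        int idx = Integer.parseInt(index);
                        String key = parser.getAttributeValue(null, "key");
                        if (key == null) {
                            // Back-reference: the signature must already be in the table.
                            if (idx >= 0 && idx < pastSignatures.size()) {
                                Signature sig = pastSignatures.get(idx);
                                if (sig != null) {
                                    mSignatures[pos] = sig;
                                    pos++;
                                } else {
                                    PackageManagerService.reportSettingsProblem(Log.WARN, "Error in package manager settings: <cert> " + "index " + index + " is not defined at " + parser.getPositionDescription());
                                }
                            } else {
                                PackageManagerService.reportSettingsProblem(Log.WARN, "Error in package manager settings: <cert> " + "index " + index + " is out of bounds at " + parser.getPositionDescription());
                            }
                        } else if (idx < 0) {
                            // A negative index would reach pastSignatures.set() below and
                            // throw an unchecked IndexOutOfBoundsException out of this method.
                            PackageManagerService.reportSettingsProblem(Log.WARN, "Error in package manager settings: <cert> " + "index " + index + " is out of bounds at " + parser.getPositionDescription());
                        } else {
                            // Definition: grow the table with null placeholders up to idx.
                            // NOTE(review): idx has no upper bound here, so a very large
                            // index in the settings file makes this loop allocate accordingly.
                            while (pastSignatures.size() <= idx) {
                                pastSignatures.add(null);
                            }
                            Signature sig = new Signature(key);
                            pastSignatures.set(idx, sig);
                            mSignatures[pos] = sig;
                            pos++;
                        }
                    } catch (NumberFormatException e) {
                        PackageManagerService.reportSettingsProblem(Log.WARN, "Error in package manager settings: <cert> " + "index " + index + " is not a number at " + parser.getPositionDescription());
                    } catch (IllegalArgumentException e) {
                        PackageManagerService.reportSettingsProblem(Log.WARN, "Error in package manager settings: <cert> " + "index " + index + " has an invalid signature at " + parser.getPositionDescription() + ": " + e.getMessage());
                    }
                } else {
                    PackageManagerService.reportSettingsProblem(Log.WARN, "Error in package manager settings: <cert> has" + " no index at " + parser.getPositionDescription());
                }
            } else {
                PackageManagerService.reportSettingsProblem(Log.WARN, "Error in package manager settings: too " + "many <cert> tags, expected " + count + " at " + parser.getPositionDescription());
            }
        } else {
            PackageManagerService.reportSettingsProblem(Log.WARN, "Unknown element under <cert>: " + parser.getName());
        }
        XmlUtils.skipCurrentTag(parser);
    }
    if (pos < count) {
        // Should never happen -- there is an error in the written
        // settings -- but if it does we don't want to generate
        // a bad array.
        Signature[] newSigs = new Signature[pos];
        System.arraycopy(mSignatures, 0, newSigs, 0, pos);
        mSignatures = newSigs;
    }
}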
Also used : Signature(android.content.pm.Signature)

Example 19 with Signature

use of android.content.pm.Signature in project android_frameworks_base by ParanoidAndroid.

the class NetworkPolicyManager method isUidValidForPolicy.

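/**
 * Check if given UID can have a {@link #setUidPolicy(int, int)} defined,
 * usually to protect critical system services.
 *
 * <p>Non-application UIDs are always rejected. Unless {@code ALLOW_PLATFORM_APP_POLICY} is
 * set, a UID is also rejected when any of its packages carries every signature of the
 * {@code "android"} package.
 *
 * @param context used to obtain the {@link PackageManager}
 * @param uid UID to check
 * @return {@code true} if a policy may be applied to {@code uid}
 * @throws RuntimeException if the {@code "android"} package cannot be found
 */
@Deprecated
public static boolean isUidValidForPolicy(Context context, int uid) {
    // first, quick-reject non-applications
    if (!UserHandle.isApp(uid)) {
        return false;
    }
    if (!ALLOW_PLATFORM_APP_POLICY) {
        final PackageManager pm = context.getPackageManager();
        final HashSet<Signature> systemSignature;
        try {
            systemSignature = Sets.newHashSet(pm.getPackageInfo("android", GET_SIGNATURES).signatures);
        } catch (NameNotFoundException e) {
            throw new RuntimeException("problem finding system signature", e);
        }
        // getPackagesForUid() returns null when no package is associated with the UID;
        // iterating the result directly would throw NullPointerException.
        final String[] packageNames = pm.getPackagesForUid(uid);
        if (packageNames != null) {
            try {
                // reject apps signed with platform cert
                for (String packageName : packageNames) {
                    final HashSet<Signature> packageSignature = Sets.newHashSet(pm.getPackageInfo(packageName, GET_SIGNATURES).signatures);
                    if (packageSignature.containsAll(systemSignature)) {
                        return false;
                    }
                }
            } catch (NameNotFoundException ignored) {
                // NOTE(review): this check fails open. The try wraps the whole loop, so one
                // package that cannot be looked up ends the scan, the remaining packages of
                // the UID are never compared, and the method returns true below.
            }
        }
    }
    // nothing found above; we can apply policy to UID
    return true;
}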
Also used : PackageManager(android.content.pm.PackageManager) NameNotFoundException(android.content.pm.PackageManager.NameNotFoundException) Signature(android.content.pm.Signature)

Example 20 with Signature

use of android.content.pm.Signature in project android_frameworks_base by ResurrectionRemix.

the class SystemConfig method readPermissionsFromXml.

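/**
 * Parses one permissions/config XML file and merges its entries into this object's tables.
 *
 * <p>The root element must be {@code <permissions>} or {@code <config>}. Most child elements
 * are honoured only when the matching bit of {@code permissionFlag} is set (or, for some,
 * only when {@code permissionFlag == ALLOW_ALL}); elements that are not honoured are skipped.
 * Malformed entries are logged and skipped. A parse or I/O error is logged and ends parsing
 * of this file, keeping whatever was read before it.
 *
 * <p>After parsing, the file-based-encryption features are added when
 * {@code StorageManager.isFileEncryptedNativeOnly()} is true, and every feature named in
 * {@code mUnavailableFeatures} is removed.
 *
 * @param permFile XML file to read; a missing or unreadable file is logged and ignored
 * @param permissionFlag bit mask selecting which element kinds this file may define
 */
private void readPermissionsFromXml(File permFile, int permissionFlag) {
    FileReader permReader = null;
    try {
        permReader = new FileReader(permFile);
    } catch (FileNotFoundException e) {
        Slog.w(TAG, "Couldn't find or open permissions file " + permFile);
        return;
    }
    final boolean lowRam = ActivityManager.isLowRamDeviceStatic();
    try {
        XmlPullParser parser = Xml.newPullParser();
        parser.setInput(permReader);
        // Advance to the root element (or to the end of an empty document).
        int type;
        while ((type = parser.next()) != XmlPullParser.START_TAG && type != XmlPullParser.END_DOCUMENT) {
            ;
        }
        if (type != XmlPullParser.START_TAG) {
            throw new XmlPullParserException("No start tag found");
        }
        if (!parser.getName().equals("permissions") && !parser.getName().equals("config")) {
            throw new XmlPullParserException("Unexpected start tag in " + permFile + ": found " + parser.getName() + ", expected 'permissions' or 'config'");
        }
        // What this particular file is allowed to define.
        boolean allowAll = permissionFlag == ALLOW_ALL;
        boolean allowLibs = (permissionFlag & ALLOW_LIBS) != 0;
        boolean allowFeatures = (permissionFlag & ALLOW_FEATURES) != 0;
        boolean allowPermissions = (permissionFlag & ALLOW_PERMISSIONS) != 0;
        boolean allowAppConfigs = (permissionFlag & ALLOW_APP_CONFIGS) != 0;
        while (true) {
            XmlUtils.nextElement(parser);
            if (parser.getEventType() == XmlPullParser.END_DOCUMENT) {
                break;
            }
            String name = parser.getName();
            if ("group".equals(name) && allowAll) {
                String gidStr = parser.getAttributeValue(null, "gid");
                if (gidStr != null) {
                    int gid = android.os.Process.getGidForName(gidStr);
                    if (gid < 0) {
                        // Treat a negative result as an unknown name, as the uid lookup for
                        // <assign-permission> below does, instead of storing it as a
                        // global gid.
                        Slog.w(TAG, "<group> with unknown gid \"" + gidStr + "\" in " + permFile + " at " + parser.getPositionDescription());
                    } else {
                        mGlobalGids = appendInt(mGlobalGids, gid);
                    }
                } else {
                    Slog.w(TAG, "<group> without gid in " + permFile + " at " + parser.getPositionDescription());
                }
                XmlUtils.skipCurrentTag(parser);
                continue;
            } else if ("allow-permission".equals(name)) {
                // NOTE(review): unlike its neighbours, this branch is not gated on any
                // permissionFlag bit, so every file passed to this method can map a signing
                // certificate to extra permissions. Confirm that this is intended for the
                // less-privileged config locations.
                String perm = parser.getAttributeValue(null, "name");
                if (perm == null) {
                    Slog.w(TAG, "<allow-permission> without name at " + parser.getPositionDescription());
                    XmlUtils.skipCurrentTag(parser);
                    continue;
                }
                String signature = parser.getAttributeValue(null, "signature");
                if (signature == null) {
                    Slog.w(TAG, "<allow-permission> without signature at " + parser.getPositionDescription());
                    XmlUtils.skipCurrentTag(parser);
                    continue;
                }
                Signature sig = null;
                try {
                    sig = new Signature(signature);
                } catch (IllegalArgumentException e) {
                    // sig will be null so we will log it below
                }
                if (sig != null) {
                    ArraySet<String> perms = mSignatureAllowances.get(sig);
                    if (perms == null) {
                        perms = new ArraySet<String>();
                        mSignatureAllowances.put(sig, perms);
                    }
                    perms.add(perm);
                } else {
                    Slog.w(TAG, "<allow-permission> with bad signature at " + parser.getPositionDescription());
                }
                XmlUtils.skipCurrentTag(parser);
            } else if ("permission".equals(name) && allowPermissions) {
                String perm = parser.getAttributeValue(null, "name");
                if (perm == null) {
                    Slog.w(TAG, "<permission> without name in " + permFile + " at " + parser.getPositionDescription());
                    XmlUtils.skipCurrentTag(parser);
                    continue;
                }
                perm = perm.intern();
                // No skipCurrentTag() here: the element is handed to readPermission().
                readPermission(parser, perm);
            } else if ("assign-permission".equals(name) && allowPermissions) {
                String perm = parser.getAttributeValue(null, "name");
                if (perm == null) {
                    Slog.w(TAG, "<assign-permission> without name in " + permFile + " at " + parser.getPositionDescription());
                    XmlUtils.skipCurrentTag(parser);
                    continue;
                }
                String uidStr = parser.getAttributeValue(null, "uid");
                if (uidStr == null) {
                    Slog.w(TAG, "<assign-permission> without uid in " + permFile + " at " + parser.getPositionDescription());
                    XmlUtils.skipCurrentTag(parser);
                    continue;
                }
                int uid = Process.getUidForName(uidStr);
                if (uid < 0) {
                    Slog.w(TAG, "<assign-permission> with unknown uid \"" + uidStr + "  in " + permFile + " at " + parser.getPositionDescription());
                    XmlUtils.skipCurrentTag(parser);
                    continue;
                }
                perm = perm.intern();
                ArraySet<String> perms = mSystemPermissions.get(uid);
                if (perms == null) {
                    perms = new ArraySet<String>();
                    mSystemPermissions.put(uid, perms);
                }
                perms.add(perm);
                XmlUtils.skipCurrentTag(parser);
            } else if ("library".equals(name) && allowLibs) {
                String lname = parser.getAttributeValue(null, "name");
                String lfile = parser.getAttributeValue(null, "file");
                if (lname == null) {
                    Slog.w(TAG, "<library> without name in " + permFile + " at " + parser.getPositionDescription());
                } else if (lfile == null) {
                    Slog.w(TAG, "<library> without file in " + permFile + " at " + parser.getPositionDescription());
                } else {
                    //Log.i(TAG, "Got library " + lname + " in " + lfile);
                    mSharedLibraries.put(lname, lfile);
                }
                XmlUtils.skipCurrentTag(parser);
                continue;
            } else if ("feature".equals(name) && allowFeatures) {
                String fname = parser.getAttributeValue(null, "name");
                int fversion = XmlUtils.readIntAttribute(parser, "version", 0);
                // On low-RAM devices a feature marked notLowRam="true" is not added.
                boolean allowed;
                if (!lowRam) {
                    allowed = true;
                } else {
                    String notLowRam = parser.getAttributeValue(null, "notLowRam");
                    allowed = !"true".equals(notLowRam);
                }
                if (fname == null) {
                    Slog.w(TAG, "<feature> without name in " + permFile + " at " + parser.getPositionDescription());
                } else if (allowed) {
                    addFeature(fname, fversion);
                }
                XmlUtils.skipCurrentTag(parser);
                continue;
            } else if ("unavailable-feature".equals(name) && allowFeatures) {
                String fname = parser.getAttributeValue(null, "name");
                if (fname == null) {
                    Slog.w(TAG, "<unavailable-feature> without name in " + permFile + " at " + parser.getPositionDescription());
                } else {
                    mUnavailableFeatures.add(fname);
                }
                XmlUtils.skipCurrentTag(parser);
                continue;
            } else if ("allow-in-power-save-except-idle".equals(name) && allowAll) {
                String pkgname = parser.getAttributeValue(null, "package");
                if (pkgname == null) {
                    Slog.w(TAG, "<allow-in-power-save-except-idle> without package in " + permFile + " at " + parser.getPositionDescription());
                } else {
                    mAllowInPowerSaveExceptIdle.add(pkgname);
                }
                XmlUtils.skipCurrentTag(parser);
                continue;
            } else if ("allow-in-power-save".equals(name) && allowAll) {
                String pkgname = parser.getAttributeValue(null, "package");
                if (pkgname == null) {
                    Slog.w(TAG, "<allow-in-power-save> without package in " + permFile + " at " + parser.getPositionDescription());
                } else {
                    mAllowInPowerSave.add(pkgname);
                }
                XmlUtils.skipCurrentTag(parser);
                continue;
            } else if ("allow-in-data-usage-save".equals(name) && allowAll) {
                String pkgname = parser.getAttributeValue(null, "package");
                if (pkgname == null) {
                    Slog.w(TAG, "<allow-in-data-usage-save> without package in " + permFile + " at " + parser.getPositionDescription());
                } else {
                    mAllowInDataUsageSave.add(pkgname);
                }
                XmlUtils.skipCurrentTag(parser);
                continue;
            } else if ("app-link".equals(name) && allowAppConfigs) {
                String pkgname = parser.getAttributeValue(null, "package");
                if (pkgname == null) {
                    Slog.w(TAG, "<app-link> without package in " + permFile + " at " + parser.getPositionDescription());
                } else {
                    mLinkedApps.add(pkgname);
                }
                XmlUtils.skipCurrentTag(parser);
            } else if ("system-user-whitelisted-app".equals(name) && allowAppConfigs) {
                String pkgname = parser.getAttributeValue(null, "package");
                if (pkgname == null) {
                    Slog.w(TAG, "<system-user-whitelisted-app> without package in " + permFile + " at " + parser.getPositionDescription());
                } else {
                    mSystemUserWhitelistedApps.add(pkgname);
                }
                XmlUtils.skipCurrentTag(parser);
            } else if ("system-user-blacklisted-app".equals(name) && allowAppConfigs) {
                String pkgname = parser.getAttributeValue(null, "package");
                if (pkgname == null) {
                    Slog.w(TAG, "<system-user-blacklisted-app without package in " + permFile + " at " + parser.getPositionDescription());
                } else {
                    mSystemUserBlacklistedApps.add(pkgname);
                }
                XmlUtils.skipCurrentTag(parser);
            } else if ("default-enabled-vr-app".equals(name) && allowAppConfigs) {
                String pkgname = parser.getAttributeValue(null, "package");
                String clsname = parser.getAttributeValue(null, "class");
                if (pkgname == null) {
                    Slog.w(TAG, "<default-enabled-vr-app without package in " + permFile + " at " + parser.getPositionDescription());
                } else if (clsname == null) {
                    Slog.w(TAG, "<default-enabled-vr-app without class in " + permFile + " at " + parser.getPositionDescription());
                } else {
                    mDefaultVrComponents.add(new ComponentName(pkgname, clsname));
                }
                XmlUtils.skipCurrentTag(parser);
            } else if ("backup-transport-whitelisted-service".equals(name) && allowFeatures) {
                String serviceName = parser.getAttributeValue(null, "service");
                if (serviceName == null) {
                    Slog.w(TAG, "<backup-transport-whitelisted-service> without service in " + permFile + " at " + parser.getPositionDescription());
                } else {
                    ComponentName cn = ComponentName.unflattenFromString(serviceName);
                    if (cn == null) {
                        Slog.w(TAG, "<backup-transport-whitelisted-service> with invalid service name " + serviceName + " in " + permFile + " at " + parser.getPositionDescription());
                    } else {
                        mBackupTransportWhitelist.add(cn);
                    }
                }
                XmlUtils.skipCurrentTag(parser);
            } else if ("disabled-until-used-preinstalled-carrier-associated-app".equals(name) && allowAppConfigs) {
                String pkgname = parser.getAttributeValue(null, "package");
                String carrierPkgname = parser.getAttributeValue(null, "carrierAppPackage");
                if (pkgname == null || carrierPkgname == null) {
                    Slog.w(TAG, "<disabled-until-used-preinstalled-carrier-associated-app" + " without package or carrierAppPackage in " + permFile + " at " + parser.getPositionDescription());
                } else {
                    List<String> associatedPkgs = mDisabledUntilUsedPreinstalledCarrierAssociatedApps.get(carrierPkgname);
                    if (associatedPkgs == null) {
                        associatedPkgs = new ArrayList<>();
                        mDisabledUntilUsedPreinstalledCarrierAssociatedApps.put(carrierPkgname, associatedPkgs);
                    }
                    associatedPkgs.add(pkgname);
                }
                XmlUtils.skipCurrentTag(parser);
            } else {
                // Unknown element, or one this file's permissionFlag does not allow.
                XmlUtils.skipCurrentTag(parser);
                continue;
            }
        }
    } catch (XmlPullParserException e) {
        Slog.w(TAG, "Got exception parsing permissions.", e);
    } catch (IOException e) {
        Slog.w(TAG, "Got exception parsing permissions.", e);
    } finally {
        IoUtils.closeQuietly(permReader);
    }
    // When native file-based encryption is in use, add the matching features here
    // (version 0), whether or not the static config declared them.
    if (StorageManager.isFileEncryptedNativeOnly()) {
        addFeature(PackageManager.FEATURE_FILE_BASED_ENCRYPTION, 0);
        addFeature(PackageManager.FEATURE_SECURELY_REMOVES_USERS, 0);
    }
    // <unavailable-feature> entries win over anything added above or by the file itself.
    for (String featureName : mUnavailableFeatures) {
        removeFeature(featureName);
    }
}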
Also used : ArraySet(android.util.ArraySet) FileNotFoundException(java.io.FileNotFoundException) XmlPullParser(org.xmlpull.v1.XmlPullParser) ArrayList(java.util.ArrayList) IOException(java.io.IOException) Signature(android.content.pm.Signature) FileReader(java.io.FileReader) XmlPullParserException(org.xmlpull.v1.XmlPullParserException) ComponentName(android.content.ComponentName) ArrayList(java.util.ArrayList) List(java.util.List)

Aggregations

Signature (android.content.pm.Signature)97 PackageManager (android.content.pm.PackageManager)34 NameNotFoundException (android.content.pm.PackageManager.NameNotFoundException)31 PackageInfo (android.content.pm.PackageInfo)26 ArrayList (java.util.ArrayList)16 MessageDigest (java.security.MessageDigest)13 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)13 ArraySet (android.util.ArraySet)11 IOException (java.io.IOException)8 PublicKey (java.security.PublicKey)8 File (java.io.File)7 Intent (android.content.Intent)6 CertificateException (java.security.cert.CertificateException)6 HashSet (java.util.HashSet)6 ResolveInfo (android.content.pm.ResolveInfo)5 INetworkManagementEventObserver (android.net.INetworkManagementEventObserver)5 IActivityManager (android.app.IActivityManager)4 INotificationManager (android.app.INotificationManager)4 IProcessObserver (android.app.IProcessObserver)4 PackageParser (android.content.pm.PackageParser)4