Search in sources :

Example 11 with SignerConfig

use of com.android.apksig.SigningCertificateLineage.SignerConfig in project apksig by venshine.

the class SigningCertificateLineageTest method testFirstRotationWitNonDefaultCapabilitiesForSigners.

@Test
public void testFirstRotationWitNonDefaultCapabilitiesForSigners() throws Exception {
    SignerConfig oldSigner = Resources.toLineageSignerConfig(getClass(), FIRST_RSA_2048_SIGNER_RESOURCE_NAME);
    SignerConfig newSigner = Resources.toLineageSignerConfig(getClass(), SECOND_RSA_2048_SIGNER_RESOURCE_NAME);
    List<Boolean> oldSignerCapabilityValues = Arrays.asList(false, false, false, false, false);
    List<Boolean> newSignerCapabilityValues = Arrays.asList(false, true, false, false, false);
    SigningCertificateLineage lineage = new SigningCertificateLineage.Builder(oldSigner, newSigner).setOriginalCapabilities(buildSignerCapabilities(oldSignerCapabilityValues)).setNewCapabilities(buildSignerCapabilities(newSignerCapabilityValues)).build();
    SignerCapabilities oldSignerCapabilities = lineage.getSignerCapabilities(oldSigner);
    assertExpectedCapabilityValues(oldSignerCapabilities, oldSignerCapabilityValues);
    SignerCapabilities newSignerCapabilities = lineage.getSignerCapabilities(newSigner);
    assertExpectedCapabilityValues(newSignerCapabilities, newSignerCapabilityValues);
}
Also used : SignerConfig(com.android.apksig.SigningCertificateLineage.SignerConfig) SignerCapabilities(com.android.apksig.SigningCertificateLineage.SignerCapabilities) Test(org.junit.Test)

Example 12 with SignerConfig

use of com.android.apksig.SigningCertificateLineage.SignerConfig in project apksig by venshine.

the class SigningCertificateLineageTest method testLineageFromBytesContainsExpectedSigners.

@Test
public void testLineageFromBytesContainsExpectedSigners() throws Exception {
    // This file contains the lineage with the three rsa-2048 signers
    DataSource lineageDataSource = Resources.toDataSource(getClass(), "rsa-2048-lineage-3-signers");
    SigningCertificateLineage lineage = SigningCertificateLineage.readFromBytes(lineageDataSource.getByteBuffer(0, (int) lineageDataSource.size()).array());
    List<SignerConfig> signers = new ArrayList<>(3);
    signers.add(Resources.toLineageSignerConfig(getClass(), FIRST_RSA_2048_SIGNER_RESOURCE_NAME));
    signers.add(Resources.toLineageSignerConfig(getClass(), SECOND_RSA_2048_SIGNER_RESOURCE_NAME));
    signers.add(Resources.toLineageSignerConfig(getClass(), THIRD_RSA_2048_SIGNER_RESOURCE_NAME));
    assertLineageContainsExpectedSigners(lineage, signers);
}
Also used : SignerConfig(com.android.apksig.SigningCertificateLineage.SignerConfig) ArrayList(java.util.ArrayList) DataSource(com.android.apksig.util.DataSource) Test(org.junit.Test)

Example 13 with SignerConfig

use of com.android.apksig.SigningCertificateLineage.SignerConfig in project apksig by venshine.

the class SigningCertificateLineageTest method testRotationWithExistingLineageUsingNonParentSignerFails.

@Test(expected = IllegalArgumentException.class)
public void testRotationWithExistingLineageUsingNonParentSignerFails() throws Exception {
    // When rotating the signing certificate the most recent signer must be provided to the
    // spawnDescendant method. This test ensures that using an ancestor of the most recent
    // signer will fail as expected.
    SigningCertificateLineage lineage = createLineageWithSignersFromResources(FIRST_RSA_2048_SIGNER_RESOURCE_NAME, SECOND_RSA_2048_SIGNER_RESOURCE_NAME);
    SignerConfig oldestSigner = mSigners.get(0);
    SignerConfig newSigner = Resources.toLineageSignerConfig(getClass(), THIRD_RSA_2048_SIGNER_RESOURCE_NAME);
    lineage.spawnDescendant(oldestSigner, newSigner);
}
Also used : SignerConfig(com.android.apksig.SigningCertificateLineage.SignerConfig) Test(org.junit.Test)

Example 14 with SignerConfig

use of com.android.apksig.SigningCertificateLineage.SignerConfig in project apksig by venshine.

the class SigningCertificateLineageTest method testLineageFromFileContainsExpectedSigners.

@Test
public void testLineageFromFileContainsExpectedSigners() throws Exception {
    // This file contains the lineage with the three rsa-2048 signers
    DataSource lineageDataSource = Resources.toDataSource(getClass(), "rsa-2048-lineage-3-signers");
    SigningCertificateLineage lineage = SigningCertificateLineage.readFromDataSource(lineageDataSource);
    List<SignerConfig> signers = new ArrayList<>(3);
    signers.add(Resources.toLineageSignerConfig(getClass(), FIRST_RSA_2048_SIGNER_RESOURCE_NAME));
    signers.add(Resources.toLineageSignerConfig(getClass(), SECOND_RSA_2048_SIGNER_RESOURCE_NAME));
    signers.add(Resources.toLineageSignerConfig(getClass(), THIRD_RSA_2048_SIGNER_RESOURCE_NAME));
    assertLineageContainsExpectedSigners(lineage, signers);
}
Also used : SignerConfig(com.android.apksig.SigningCertificateLineage.SignerConfig) ArrayList(java.util.ArrayList) DataSource(com.android.apksig.util.DataSource) Test(org.junit.Test)

Example 15 with SignerConfig

use of com.android.apksig.SigningCertificateLineage.SignerConfig in project apksig by venshine.

the class SigningCertificateLineageTest method testCapabilitiesAreNotUpdatedWithDefaultValues.

@Test
public void testCapabilitiesAreNotUpdatedWithDefaultValues() throws Exception {
    // This file contains the lineage with the first two rsa-2048 signers with the first signer
    // having all of the capabilities set to false.
    SigningCertificateLineage lineage = Resources.toSigningCertificateLineage(getClass(), "rsa-2048-lineage-no-capabilities-first-signer");
    List<Boolean> expectedCapabilityValues = Arrays.asList(false, false, false, false, false);
    SignerConfig oldSignerConfig = Resources.toLineageSignerConfig(getClass(), FIRST_RSA_2048_SIGNER_RESOURCE_NAME);
    SignerCapabilities oldSignerCapabilities = lineage.getSignerCapabilities(oldSignerConfig);
    assertExpectedCapabilityValues(oldSignerCapabilities, expectedCapabilityValues);
    // The builder is called directly to ensure all of the capabilities are set to the default
    // values and the caller configured flags are not modified in this SignerCapabilities.
    SignerCapabilities newCapabilities = new SignerCapabilities.Builder().build();
    lineage.updateSignerCapabilities(oldSignerConfig, newCapabilities);
    SignerCapabilities updatedCapabilities = lineage.getSignerCapabilities(oldSignerConfig);
    assertExpectedCapabilityValues(updatedCapabilities, expectedCapabilityValues);
}
Also used : SignerConfig(com.android.apksig.SigningCertificateLineage.SignerConfig) SignerCapabilities(com.android.apksig.SigningCertificateLineage.SignerCapabilities) Test(org.junit.Test)

Aggregations

SignerConfig (com.android.apksig.SigningCertificateLineage.SignerConfig)15 Test (org.junit.Test)12 SignerCapabilities (com.android.apksig.SigningCertificateLineage.SignerCapabilities)5 DataSource (com.android.apksig.util.DataSource)3 X509Certificate (java.security.cert.X509Certificate)2 ArrayList (java.util.ArrayList)2 File (java.io.File)1 PrivateKey (java.security.PrivateKey)1