1b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra/* 2b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra * Copyright (C) 2012 The Android Open Source Project 3b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra * 4b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra * Licensed under the Apache License, Version 2.0 (the "License"); 5b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra * you may not use this file except in compliance with the License. 6b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra * You may obtain a copy of the License at 7b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra * 8b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra * http://www.apache.org/licenses/LICENSE-2.0 9b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra * 10b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra * Unless required by applicable law or agreed to in writing, software 11b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra * distributed under the License is distributed on an "AS IS" BASIS, 12b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra * See the License for the specific language governing permissions and 14b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra * limitations under the License. 15b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra */ 16b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra 17b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condrapackage com.android.server.updates; 18b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra 19b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condraimport android.content.BroadcastReceiver; 20b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condraimport android.content.ContentResolver; 21b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condraimport android.content.Context; 22b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condraimport android.content.Intent; 23b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condraimport android.provider.Settings; 24b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condraimport android.os.FileUtils; 25b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condraimport android.util.Base64; 267c65e39964a1aa8fffbd940c5ee9e77691aa9656Geremy Condraimport android.util.EventLog; 27b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condraimport android.util.Slog; 28b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra 297c65e39964a1aa8fffbd940c5ee9e77691aa9656Geremy Condraimport com.android.server.EventLogTags; 307c65e39964a1aa8fffbd940c5ee9e77691aa9656Geremy Condra 31b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condraimport java.io.ByteArrayInputStream; 32b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condraimport java.io.File; 33b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condraimport java.io.FileNotFoundException; 34b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condraimport java.io.FileOutputStream; 35b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condraimport java.io.InputStream; 36b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condraimport java.io.IOException; 37b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condraimport java.security.cert.Certificate; 38b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condraimport java.security.cert.CertificateException; 39b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condraimport java.security.cert.CertificateFactory; 40b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condraimport java.security.cert.X509Certificate; 41b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condraimport java.security.MessageDigest; 42b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condraimport java.security.NoSuchAlgorithmException; 43b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condraimport java.security.Signature; 44b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condraimport java.security.SignatureException; 45b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra 46b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condraimport libcore.io.IoUtils; 47b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra 48b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condrapublic class ConfigUpdateInstallReceiver extends BroadcastReceiver { 49b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra 50b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra private static final String TAG = "ConfigUpdateInstallReceiver"; 51b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra 52b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra private static final String EXTRA_CONTENT_PATH = "CONTENT_PATH"; 53b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra private static final String EXTRA_REQUIRED_HASH = "REQUIRED_HASH"; 54b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra private static final String EXTRA_SIGNATURE = "SIGNATURE"; 55b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra private static final String EXTRA_VERSION_NUMBER = "VERSION"; 56b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra 57b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra private static final String UPDATE_CERTIFICATE_KEY = "config_update_certificate"; 58b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra 59a2dffda3b3bc4f0bccb175ef4569e45a221d0eb2Geremy Condra protected final File updateDir; 60a2dffda3b3bc4f0bccb175ef4569e45a221d0eb2Geremy Condra protected final File updateContent; 61a2dffda3b3bc4f0bccb175ef4569e45a221d0eb2Geremy Condra protected final File updateVersion; 62b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra 63b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra public ConfigUpdateInstallReceiver(String updateDir, String updateContentPath, 64b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra String updateMetadataPath, String updateVersionPath) { 65b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra this.updateDir = new File(updateDir); 66b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra this.updateContent = new File(updateDir, updateContentPath); 67b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra File updateMetadataDir = new File(updateDir, updateMetadataPath); 68b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra this.updateVersion = new File(updateMetadataDir, updateVersionPath); 69b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 70b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra 71b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra @Override 72b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra public void onReceive(final Context context, final Intent intent) { 73b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra new Thread() { 74b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra @Override 75b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra public void run() { 76b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra try { 77b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra // get the certificate from Settings.Secure 78b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra X509Certificate cert = getCert(context.getContentResolver()); 79b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra // get the content path from the extras 80ad462d2d1652eb9940aa95d1c4d757734aef508bGeremy Condra byte[] altContent = getAltContent(intent); 81b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra // get the version from the extras 82b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra int altVersion = getVersionFromIntent(intent); 83b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra // get the previous value from the extras 84b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra String altRequiredHash = getRequiredHashFromIntent(intent); 85b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra // get the signature from the extras 86b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra String altSig = getSignatureFromIntent(intent); 87b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra // get the version currently being used 88b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra int currentVersion = getCurrentVersion(); 89b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra // get the hash of the currently used value 90b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra String currentHash = getCurrentHash(getCurrentContent()); 91b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra if (!verifyVersion(currentVersion, altVersion)) { 920967a9edfc29fe601c9242648b93448d710b7a97Geremy Condra Slog.i(TAG, "Not installing, new version is <= current version"); 93b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } else if (!verifyPreviousHash(currentHash, altRequiredHash)) { 94beb9d53971af42db178dfdf6bbcd28d3f823c5f8Geremy Condra EventLog.writeEvent(EventLogTags.CONFIG_INSTALL_FAILED, 95beb9d53971af42db178dfdf6bbcd28d3f823c5f8Geremy Condra "Current hash did not match required value"); 96b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } else if (!verifySignature(altContent, altVersion, altRequiredHash, altSig, 97b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra cert)) { 98beb9d53971af42db178dfdf6bbcd28d3f823c5f8Geremy Condra EventLog.writeEvent(EventLogTags.CONFIG_INSTALL_FAILED, 99beb9d53971af42db178dfdf6bbcd28d3f823c5f8Geremy Condra "Signature did not verify"); 100b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } else { 101b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra // install the new content 102b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra Slog.i(TAG, "Found new update, installing..."); 103b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra install(altContent, altVersion); 104b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra Slog.i(TAG, "Installation successful"); 1054e7f7e839e6adb8986114ee5b619030696f910caGeremy Condra postInstall(context, intent); 106b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 107b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } catch (Exception e) { 108b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra Slog.e(TAG, "Could not update content!", e); 109beb9d53971af42db178dfdf6bbcd28d3f823c5f8Geremy Condra // keep the error message <= 100 chars 110beb9d53971af42db178dfdf6bbcd28d3f823c5f8Geremy Condra String errMsg = e.toString(); 111beb9d53971af42db178dfdf6bbcd28d3f823c5f8Geremy Condra if (errMsg.length() > 100) { 112beb9d53971af42db178dfdf6bbcd28d3f823c5f8Geremy Condra errMsg = errMsg.substring(0, 99); 113beb9d53971af42db178dfdf6bbcd28d3f823c5f8Geremy Condra } 114beb9d53971af42db178dfdf6bbcd28d3f823c5f8Geremy Condra EventLog.writeEvent(EventLogTags.CONFIG_INSTALL_FAILED, errMsg); 115b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 116b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 117b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra }.start(); 118b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 119b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra 120b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra private X509Certificate getCert(ContentResolver cr) { 121b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra // get the cert from settings 122b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra String cert = Settings.Secure.getString(cr, UPDATE_CERTIFICATE_KEY); 123b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra // convert it into a real certificate 124b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra try { 125b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra byte[] derCert = Base64.decode(cert.getBytes(), Base64.DEFAULT); 126b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra InputStream istream = new ByteArrayInputStream(derCert); 127b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra CertificateFactory cf = CertificateFactory.getInstance("X.509"); 128b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra return (X509Certificate) cf.generateCertificate(istream); 129b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } catch (CertificateException e) { 130c6fa237daeaae6107174a9b9d4f591ea8cd26d86Robert Greenwalt throw new IllegalStateException("Got malformed certificate from settings, ignoring"); 131b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 132b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 133b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra 134b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra private String getContentFromIntent(Intent i) { 135b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra String extraValue = i.getStringExtra(EXTRA_CONTENT_PATH); 136b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra if (extraValue == null) { 137b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra throw new IllegalStateException("Missing required content path, ignoring."); 138b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 139b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra return extraValue; 140b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 141b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra 142b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra private int getVersionFromIntent(Intent i) throws NumberFormatException { 143b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra String extraValue = i.getStringExtra(EXTRA_VERSION_NUMBER); 144b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra if (extraValue == null) { 145b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra throw new IllegalStateException("Missing required version number, ignoring."); 146b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 147b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra return Integer.parseInt(extraValue.trim()); 148b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 149b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra 150b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra private String getRequiredHashFromIntent(Intent i) { 151b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra String extraValue = i.getStringExtra(EXTRA_REQUIRED_HASH); 152b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra if (extraValue == null) { 153b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra throw new IllegalStateException("Missing required previous hash, ignoring."); 154b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 155b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra return extraValue.trim(); 156b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 157b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra 158b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra private String getSignatureFromIntent(Intent i) { 159b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra String extraValue = i.getStringExtra(EXTRA_SIGNATURE); 160b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra if (extraValue == null) { 161b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra throw new IllegalStateException("Missing required signature, ignoring."); 162b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 163b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra return extraValue.trim(); 164b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 165b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra 166b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra private int getCurrentVersion() throws NumberFormatException { 167b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra try { 168b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra String strVersion = IoUtils.readFileAsString(updateVersion.getCanonicalPath()).trim(); 169b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra return Integer.parseInt(strVersion); 170b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } catch (IOException e) { 171c6fa237daeaae6107174a9b9d4f591ea8cd26d86Robert Greenwalt Slog.i(TAG, "Couldn't find current metadata, assuming first update"); 172b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra return 0; 173b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 174b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 175b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra 176ad462d2d1652eb9940aa95d1c4d757734aef508bGeremy Condra private byte[] getAltContent(Intent i) throws IOException { 177ad462d2d1652eb9940aa95d1c4d757734aef508bGeremy Condra return IoUtils.readFileAsByteArray(getContentFromIntent(i)); 178b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 179b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra 180ad462d2d1652eb9940aa95d1c4d757734aef508bGeremy Condra private byte[] getCurrentContent() { 181b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra try { 182ad462d2d1652eb9940aa95d1c4d757734aef508bGeremy Condra return IoUtils.readFileAsByteArray(updateContent.getCanonicalPath()); 183b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } catch (IOException e) { 184c6fa237daeaae6107174a9b9d4f591ea8cd26d86Robert Greenwalt Slog.i(TAG, "Failed to read current content, assuming first update!"); 185b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra return null; 186b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 187b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 188b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra 189ad462d2d1652eb9940aa95d1c4d757734aef508bGeremy Condra private static String getCurrentHash(byte[] content) { 190b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra if (content == null) { 191b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra return "0"; 192b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 193b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra try { 194b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra MessageDigest dgst = MessageDigest.getInstance("SHA512"); 195ad462d2d1652eb9940aa95d1c4d757734aef508bGeremy Condra byte[] fingerprint = dgst.digest(content); 196b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra return IntegralToString.bytesToHexString(fingerprint, false); 197b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } catch (NoSuchAlgorithmException e) { 198b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra throw new AssertionError(e); 199b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 200b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 201b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra 202b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra private boolean verifyVersion(int current, int alternative) { 203b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra return (current < alternative); 204b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 205b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra 206b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra private boolean verifyPreviousHash(String current, String required) { 207b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra // this is an optional value- if the required field is NONE then we ignore it 208b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra if (required.equals("NONE")) { 209b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra return true; 210b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 211b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra // otherwise, verify that we match correctly 212b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra return current.equals(required); 213b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 214b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra 215ad462d2d1652eb9940aa95d1c4d757734aef508bGeremy Condra private boolean verifySignature(byte[] content, int version, String requiredPrevious, 216b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra String signature, X509Certificate cert) throws Exception { 217b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra Signature signer = Signature.getInstance("SHA512withRSA"); 218b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra signer.initVerify(cert); 219ad462d2d1652eb9940aa95d1c4d757734aef508bGeremy Condra signer.update(content); 220b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra signer.update(Long.toString(version).getBytes()); 221b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra signer.update(requiredPrevious.getBytes()); 222b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra return signer.verify(Base64.decode(signature.getBytes(), Base64.DEFAULT)); 223b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 224b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra 225a2dffda3b3bc4f0bccb175ef4569e45a221d0eb2Geremy Condra protected void writeUpdate(File dir, File file, byte[] content) throws IOException { 226b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra FileOutputStream out = null; 227b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra File tmp = null; 228b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra try { 229755b87742319a9ff689df08cea0137732a8f0b2dGeremy Condra // create the parents for the destination file 230755b87742319a9ff689df08cea0137732a8f0b2dGeremy Condra File parent = file.getParentFile(); 231755b87742319a9ff689df08cea0137732a8f0b2dGeremy Condra parent.mkdirs(); 232755b87742319a9ff689df08cea0137732a8f0b2dGeremy Condra // check that they were created correctly 233755b87742319a9ff689df08cea0137732a8f0b2dGeremy Condra if (!parent.exists()) { 234755b87742319a9ff689df08cea0137732a8f0b2dGeremy Condra throw new IOException("Failed to create directory " + parent.getCanonicalPath()); 235755b87742319a9ff689df08cea0137732a8f0b2dGeremy Condra } 2369765f94ce7e5473c7e9a081f0e8ee7a07a153ecdGeremy Condra // create the temporary file 2379765f94ce7e5473c7e9a081f0e8ee7a07a153ecdGeremy Condra tmp = File.createTempFile("journal", "", dir); 238b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra // mark tmp -rw-r--r-- 239b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra tmp.setReadable(true, false); 240b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra // write to it 241b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra out = new FileOutputStream(tmp); 242ad462d2d1652eb9940aa95d1c4d757734aef508bGeremy Condra out.write(content); 243b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra // sync to disk 244755b87742319a9ff689df08cea0137732a8f0b2dGeremy Condra out.getFD().sync(); 245b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra // atomic rename 246755b87742319a9ff689df08cea0137732a8f0b2dGeremy Condra if (!tmp.renameTo(file)) { 247755b87742319a9ff689df08cea0137732a8f0b2dGeremy Condra throw new IOException("Failed to atomically rename " + file.getCanonicalPath()); 248755b87742319a9ff689df08cea0137732a8f0b2dGeremy Condra } 249b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } finally { 250b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra if (tmp != null) { 251b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra tmp.delete(); 252b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 253b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra IoUtils.closeQuietly(out); 254b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 255b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 256b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra 25778a4c718e30b6af69fafa6c017af3b2719868631Geremy Condra protected void install(byte[] content, int version) throws IOException { 258b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra writeUpdate(updateDir, updateContent, content); 259ad462d2d1652eb9940aa95d1c4d757734aef508bGeremy Condra writeUpdate(updateDir, updateVersion, Long.toString(version).getBytes()); 260b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra } 2614e7f7e839e6adb8986114ee5b619030696f910caGeremy Condra 2624e7f7e839e6adb8986114ee5b619030696f910caGeremy Condra protected void postInstall(Context context, Intent intent) { 2634e7f7e839e6adb8986114ee5b619030696f910caGeremy Condra } 264b631084613e12e1c6a0ae2ad9446e1284b650ccbGeremy Condra} 265