History log of /frameworks/base/core/java/android/util/apk/ApkSignatureSchemeV2Verifier.java
Revision Date Author Comments
9694657967c7fb62a74c187d01e1aaed1f2db7ac 19-Dec-2016 Alex Klyubin <klyubin@google.com> Permit 65535 byte ZIP comments and empty Central Directory

This fixes two cosmetic issues in APK Signature Scheme v2 signature
verifier in Android Package Manager:
* Accept APKs with ZIP End of Central Directory comment of length
65535. Previously, only comments of length 65534 were accepted due
to an off-by-one bug.
* Accept APKs with empty ZIP Central Directory.

These issues should not affect actual APKs because they cannot have an
empty ZIP Central Directory (they must contain at least the
AndroidManifest.xml entry) and shouldn't contain any comments in ZIP
End of Central Directory.

Test: cts-tradefed run singleCommand cts --skip-device-info --skip-preconditions --skip-connectivity-check --abi arm64-v8a --module CtsAppSecurityHostTestCases -t android.appsecurity.cts.PkgInstallSignatureVerificationTest
Change-Id: I461c43472fa97c04e7579d129a6053e44233adb7
/frameworks/base/core/java/android/util/apk/ApkSignatureSchemeV2Verifier.java
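The EOCD lookup that the entry above is about (a 65535-byte ZIP comment and an empty Central Directory both being legal), as an added example in Python. This is illustrative code written for this page, not the AOSP verifier's Java; the record layout is the ZIP format's, while the function names and the constructed EOCD records used for checking are this example's own.

```python
"""Locate the ZIP End of Central Directory (EOCD) record the way a whole-file
signature verifier must: every legal comment length, 0 through 65535
inclusive, and a zero-length Central Directory are accepted.
Added example for this page; not the AOSP verifier's code."""
import struct

EOCD_SIG = 0x06054B50
EOCD_MIN_SIZE = 22          # fixed part of the record, before the comment
MAX_COMMENT_LEN = 0xFFFF    # the comment length field is a uint16, so 65535 is legal


def find_eocd(data: bytes):
    """Return (eocd_offset, cd_offset, cd_size, comment) or None.

    Scans backwards from EOF over every candidate comment length. A candidate
    is accepted only if the signature matches AND the record's own comment
    length field equals the number of bytes actually trailing it, so stray
    'PK\\x05\\x06' bytes inside a comment are skipped.
    """
    n = len(data)
    if n < EOCD_MIN_SIZE:
        return None
    # Inclusive upper bound: a loop that stops at 65534 would reject a legal
    # 65535-byte comment (the off-by-one the entry above describes).
    max_comment = min(MAX_COMMENT_LEN, n - EOCD_MIN_SIZE)
    for comment_len in range(max_comment + 1):
        off = n - EOCD_MIN_SIZE - comment_len
        if struct.unpack_from("<I", data, off)[0] != EOCD_SIG:
            continue
        if struct.unpack_from("<H", data, off + 20)[0] != comment_len:
            continue
        cd_size, cd_offset = struct.unpack_from("<II", data, off + 12)
        return off, cd_offset, cd_size, data[off + EOCD_MIN_SIZE:]
    return None


def check_central_directory(data: bytes):
    """Validate that the Central Directory lies entirely before the EOCD.
    A zero-length directory is permitted: cd_size == 0 just means no entries."""
    found = find_eocd(data)
    if found is None:
        raise ValueError("no EOCD record")
    eocd_off, cd_offset, cd_size, _ = found
    if cd_offset + cd_size > eocd_off:
        raise ValueError("Central Directory overlaps or follows the EOCD")
    return cd_offset, cd_size


def build_eocd(comment: bytes = b"", cd_offset: int = 0,
               cd_size: int = 0, entries: int = 0) -> bytes:
    """Constructed EOCD record for testing (not an APK): signature, disk
    numbers, entry counts, CD size, CD offset, comment length, comment."""
    if len(comment) > MAX_COMMENT_LEN:
        raise ValueError("comment too long for a uint16 length field")
    return struct.pack("<IHHHHIIH", EOCD_SIG, 0, 0, entries, entries,
                       cd_size, cd_offset, len(comment)) + comment
```

The scan accepts the first record, counting from the end of the file, whose comment length field is consistent with its position; that is what makes a comment containing the four signature bytes harmless, and it is also why the bound must be inclusive of 65535.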
dfb57724474d5688e29a11ea16af068218fb1398 31-Mar-2016 Alex Klyubin <klyubin@google.com> Remove support for DSA with SHA-512 from v2 sig verification.

Android platform does not support DSA with SHA-512. Thus, it does not
make sense to support this unsupported algorithm in APK Signature
Scheme v2.

Bug: 24331392
Change-Id: Ie90b3dd8dd67bad65c64dfb7f6bf427e8ed282ba
/frameworks/base/core/java/android/util/apk/ApkSignatureSchemeV2Verifier.java
0722ffcd0699406efe21d2bd69cc8c1708fe858c 19-Mar-2016 Alex Klyubin <klyubin@google.com> Unbreak verifying v2 signatures of large APKs.

The original implementation of APK Signature Scheme v2 verification
mmapped the whole APK. This does not work on devices with limited
amount of contiguous free logical memory, especially on 32-bit
devices where logical address space is relatively small. For example,
a 500 MB APK is unlikely to mmap on a Nexus 6.

This commit fixes the issue by switching the verification strategy
to mmapping each individual 1 MB chunk of the APK, digesting it, and
then immediately munmapping. This is about 5-10% slower than mmapping
the whole APK in one go.

Bug: 27613575
Change-Id: I4167d5a7720c1bb87a0edad5d4f2607f7d554b56
/frameworks/base/core/java/android/util/apk/ApkSignatureSchemeV2Verifier.java
005c7caa611fa15f04a8d1968d3a8aa38f3f4730 11-Mar-2016 Alex Klyubin <klyubin@google.com> Workaround for verifying large APKs.

When an APK is verified during installation, the recently added
APK Signature Scheme v2 code unconditionally memory-maps the whole file.
This fails for very large APKs, even those which are not signed with
APK Signature Scheme, thus preventing installation of such APKs.

This temporary workaround pretends that the APK is not signed with
APK Signature Scheme v2 if the APK cannot be memory-mapped because
there's insufficient memory.

This workaround will be removed soon, once APK Signature Scheme v2
APK verification logic can handle very large APKs.

Bug: 27613575
Change-Id: I27bad534855fe4bf3e09b1087398ffdd7f98f482
/frameworks/base/core/java/android/util/apk/ApkSignatureSchemeV2Verifier.java
66c5553c2e418724ea20b2234a8590e889f0ffe4 27-Feb-2016 Todd Kennedy <toddke@google.com> dump apk signing version

bug: 26905579
Change-Id: I5c2682904f2fb83ffce572fe2eb35c38e1b72f01
/frameworks/base/core/java/android/util/apk/ApkSignatureSchemeV2Verifier.java
3a0095f6ddfbf4f397d952cc15b334b6045ea82b 16-Feb-2016 Alex Klyubin <klyubin@google.com> Use production ID for v2 signing scheme.

Bug: 24331392
Change-Id: I89401e8239ad706ca0c184aea0194f4df4d5a7d4
/frameworks/base/core/java/android/util/apk/ApkSignatureSchemeV2Verifier.java
e415718502897a4e5385af47d3bbe8c8257c2e5d 05-Jan-2016 Alex Klyubin <klyubin@google.com> Verify APKs using APK Signature Scheme v2.

This makes Package Manager check whether an APK is signed using APK
Signature Scheme v2 and, if it is, verify the APK's signatures using
that scheme rather than the usual JAR signature scheme.

APK Signature Scheme v2 is a whole-file signature scheme which aims
to protect every single bit of the APK as opposed to the JAR signature
scheme which protects only the names and uncompressed contents of ZIP
entries.

The two main goals of APK Signature Scheme v2 are:
1. Detect any unauthorized modifications to the APK. This is achieved
by making the signature cover every byte of the APK being signed.
2. Enable much faster signature and integrity verification. This is
achieved by requiring only a minimal amount of APK parsing before
the signature is verified, thus completely bypassing ZIP entry
decompression and by making integrity verification parallelizable
by employing a hash tree.

Bug: 25794543
Change-Id: If59fe013f2e62bac7677bb20e65f6061b91eec2e
/frameworks/base/core/java/android/util/apk/ApkSignatureSchemeV2Verifier.java
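Added example (Python, not the AOSP verifier's Java or any project code) illustrating two entries in this log together: the hash-tree content digest of the "Verify APKs using APK Signature Scheme v2" entry, which covers every byte of the APK outside the signing block, and the bounded-memory, one-chunk-at-a-time reading of the "Unbreak verifying v2 signatures of large APKs" entry. The 0xa5/0x5a prefixes, the 1 MiB chunking and the substitution of the EOCD's Central Directory offset field are taken from the published APK Signature Scheme v2 specification (the log entries do not restate them); the section offsets are supplied by the caller, and the byte stream built by build_sample_layout is constructed for this example and is not a real ZIP.

```python
"""Streaming computation of the APK Signature Scheme v2 content digest.
Added illustration for this page, not the AOSP verifier's code."""
import hashlib
import io
import struct
from typing import BinaryIO, List, Tuple

CHUNK_SIZE = 1 << 20          # 1 MiB chunks, per the v2 specification
EOCD_CD_OFFSET_FIELD = 16     # byte offset of the CD offset field inside the EOCD


def chunk_digest(chunk: bytes) -> bytes:
    """SHA-256(0xa5 || uint32le(len(chunk)) || chunk), one leaf of the tree."""
    h = hashlib.sha256(b"\xa5")
    h.update(struct.pack("<I", len(chunk)))
    h.update(chunk)
    return h.digest()


def _stream_chunks(f: BinaryIO, offset: int, length: int, out: List[bytes]) -> None:
    """Digest [offset, offset + length) one chunk at a time.

    Only one chunk is resident at any moment, so a multi-hundred-megabyte APK
    costs the same memory as a small one; this is the property the per-chunk
    mmap/munmap strategy in the log entry above restores. A zero-length
    section (e.g. an empty Central Directory) simply contributes no chunks.
    """
    pos, remaining = offset, length
    while remaining > 0:
        n = min(CHUNK_SIZE, remaining)
        f.seek(pos)
        chunk = f.read(n)
        if len(chunk) != n:
            raise ValueError("short read at offset %d" % pos)
        out.append(chunk_digest(chunk))
        pos += n
        remaining -= n


def v2_content_digest(f: BinaryIO, signing_block_offset: int, cd_offset: int,
                      cd_size: int, eocd_offset: int) -> Tuple[bytes, int]:
    """Return (top-level SHA-256 digest, number of chunks).

    Signed sections, in APK order:
      1. ZIP entries         [0, signing_block_offset)
      2. Central Directory   [cd_offset, cd_offset + cd_size)
      3. EOCD                [eocd_offset, EOF), with its CD offset field
         replaced by signing_block_offset, because inserting the signing
         block moves the real Central Directory.
    The signing block itself is the only region not covered.
    """
    digests: List[bytes] = []
    _stream_chunks(f, 0, signing_block_offset, digests)
    _stream_chunks(f, cd_offset, cd_size, digests)
    # The EOCD is at most 22 + 65535 bytes, so reading it whole stays bounded.
    f.seek(eocd_offset)
    eocd = bytearray(f.read())
    struct.pack_into("<I", eocd, EOCD_CD_OFFSET_FIELD, signing_block_offset)
    for i in range(0, len(eocd), CHUNK_SIZE):
        digests.append(chunk_digest(bytes(eocd[i:i + CHUNK_SIZE])))
    top = hashlib.sha256(b"\x5a")            # root: 0x5a || uint32le(count) || leaves
    top.update(struct.pack("<I", len(digests)))
    for d in digests:
        top.update(d)
    return top.digest(), len(digests)


def build_sample_layout(entry_bytes: bytes, signing_block: bytes, cd: bytes,
                        comment: bytes = b"") -> dict:
    """Constructed stand-in for an APK's byte layout (not a valid ZIP): entries,
    signing block, Central Directory, EOCD. Only offsets and sizes matter here."""
    sbo = len(entry_bytes)
    cdo = sbo + len(signing_block)
    eocdo = cdo + len(cd)
    eocd = struct.pack("<IHHHHIIH", 0x06054B50, 0, 0, 1, 1, len(cd), cdo,
                       len(comment)) + comment
    return {"data": entry_bytes + signing_block + cd + eocd,
            "signing_block_offset": sbo, "cd_offset": cdo,
            "cd_size": len(cd), "eocd_offset": eocdo}


def digest_layout(layout: dict) -> Tuple[bytes, int]:
    """Run the streaming digest over a constructed layout held in a BytesIO."""
    with io.BytesIO(layout["data"]) as f:
        return v2_content_digest(f, layout["signing_block_offset"],
                                 layout["cd_offset"], layout["cd_size"],
                                 layout["eocd_offset"])
```

Because the leaves are independent, the chunk digests can be computed in parallel and the root is cheap; the verifier then checks one signature over the root rather than decompressing any entry. The CD offset substitution means that field in the EOCD is deliberately not covered, which is why a verifier must separately confirm that the Central Directory really sits where the EOCD says it does.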