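/*
 * Copyright (C) 2016 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */


package com.android.server.security;

import android.content.Context;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.content.pm.PackageManager.NameNotFoundException;
import android.os.Binder;
import android.os.RemoteException;
import android.os.UserHandle;
import android.security.keymaster.KeyAttestationPackageInfo;
import android.security.keymaster.KeyAttestationApplicationId;
import android.security.keymaster.IKeyAttestationApplicationIdProvider;

/**
 * The KeyAttestationApplicationIdProviderService provides information describing the possible
 * applications identified by a UID. Due to UID sharing, this KeyAttestationApplicationId can
 * comprise information about multiple packages. The information is used by keystore to describe
 * the initiating application of a key attestation procedure.
 *
 * <p>The only entry point rejects every binder caller whose UID is not
 * {@code android.os.Process.KEYSTORE_UID}, so the {@code uid} argument is always a value chosen
 * by keystore.
 *
 * @hide
 */
public class KeyAttestationApplicationIdProviderService
        extends IKeyAttestationApplicationIdProvider.Stub {

    // Assigned once in the constructor and never replaced, hence final.
    private final PackageManager mPackageManager;

    /**
     * Creates the service.
     *
     * @param context context whose {@link PackageManager} is used for all package lookups
     */
    public KeyAttestationApplicationIdProviderService(Context context) {
        mPackageManager = context.getPackageManager();
    }

    /**
     * Builds the attestation application id for {@code uid}: one
     * {@link KeyAttestationPackageInfo} (package name, version code, signatures) for every
     * package that {@link PackageManager#getPackagesForUid} reports for that UID.
     *
     * @param uid the UID whose packages are to be described
     * @return the application id wrapping one entry per package of {@code uid}
     * @throws SecurityException if the binder caller is not keystore
     * @throws RemoteException if no packages are known for {@code uid}, or if a package returned
     *         by the first lookup can no longer be resolved when its details are fetched
     */
    @Override
    public KeyAttestationApplicationId getKeyAttestationApplicationId(int uid)
            throws RemoteException {
        // The caller check has to run before clearCallingIdentity(): once the identity is
        // cleared, getCallingUid() no longer reports the remote caller.
        if (Binder.getCallingUid() != android.os.Process.KEYSTORE_UID) {
            throw new SecurityException("This service can only be used by Keystore");
        }
        KeyAttestationPackageInfo[] keyAttestationPackageInfos = null;
        // Package lookups below run with this process's identity instead of keystore's; the
        // token is restored in the finally block on every exit path.
        final long token = Binder.clearCallingIdentity();
        try {
            String[] packageNames = mPackageManager.getPackagesForUid(uid);
            if (packageNames == null) {
                throw new RemoteException("No packages for uid");
            }
            // Packages are resolved for the user that owns the UID, not for the current user.
            int userId = UserHandle.getUserId(uid);
            keyAttestationPackageInfos = new KeyAttestationPackageInfo[packageNames.length];

            // NOTE(review): GET_SIGNATURES is deprecated on newer platform releases in favour
            // of GET_SIGNING_CERTIFICATES. Switching is not a drop-in change, because it can
            // alter which certificates end up in the attestation record -- confirm against
            // the keystore side before changing the flag.
            for (int i = 0; i < packageNames.length; ++i) {
                PackageInfo packageInfo = mPackageManager.getPackageInfoAsUser(packageNames[i],
                        PackageManager.GET_SIGNATURES, userId);
                keyAttestationPackageInfos[i] = new KeyAttestationPackageInfo(packageNames[i],
                        packageInfo.versionCode, packageInfo.signatures);
            }
        } catch (NameNotFoundException nnfe) {
            // A package can disappear between the two lookups. Fail the whole request rather
            // than return a partial id, and keep the original exception as the cause so the
            // stack trace of the failed lookup is not lost.
            RemoteException failure = new RemoteException(nnfe.getMessage());
            failure.initCause(nnfe);
            throw failure;
        } finally {
            Binder.restoreCallingIdentity(token);
        }
        return new KeyAttestationApplicationId(keyAttestationPackageInfos);
    }
}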