Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / cts / 7db64a057729da5408b43f50d64539364ecdf04b
commit7db64a057729da5408b43f50d64539364ecdf04b[log] [tgz]
authorMichael Groover <mpgroover@google.com>Thu Feb 11 20:17:10 2021 -0800
committerMichael Groover <mpgroover@google.com>Fri Feb 12 20:16:53 2021 +0000
tree6af41147813850804dd468b33470c34cc182aa1e
parent88f60bd816fd82adf5cf7ebb8e03936b21f31481 [diff]
Assert knownSigner permission revoked when app no longer trusts cert

Android 12 introduced a new knownSigner permission protection flag
that allows an app to declare trusted signing certificates; if an
app requesting this permission is signed by one of the trusted
signing certs the permission will be granted to the app. However
if the declaring app is updated and the set of trusted certificates
is changed, or if the app no longer uses the knownSigner flag, then
the permission should be revoked from any requesting app that no
longer meets the signing identity requirements.

Bug: 172970984
Bug: 179727740
Test: atest PkgInstallSignatureVerificationTest
Change-Id: I7b7626c045458ededad0bde81aa51b5933457fd7
2 files changed
tree: 6af41147813850804dd468b33470c34cc182aa1e
  1. .prebuilt_info/
  2. apps/
  3. build/
  4. common/
  5. development/
  6. helpers/
  7. hostsidetests/
  8. libs/
  9. suite/
  10. tests/
  11. tools/
  12. .clang-format
  13. .gitignore
  14. Android.bp
  15. CleanSpec.mk
  16. error_prone_rules.mk
  17. error_prone_rules_tests.mk
  18. PREUPLOAD.cfg
  19. run_unit_tests.sh
  20. test_defs.sh