| /* |
| * Copyright (C) 2011 The Android Open Source Project |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| package com.android.server.pm; |
| |
| import com.android.server.pm.PackageManagerService.InstallArgs; |
| |
| import android.content.pm.PackageManager; |
| import android.util.SparseBooleanArray; |
| |
| /** |
| * Tracks the package verification state for a particular package. Each package |
| * verification has a required verifier and zero or more sufficient verifiers. |
| * Only one of the sufficient verifier list must return affirmative to allow the |
| * package to be considered verified. If there are zero sufficient verifiers, |
| * then package verification is considered complete. |
| */ |
| class PackageVerificationState { |
| private final InstallArgs mArgs; |
| |
| private final SparseBooleanArray mSufficientVerifierUids; |
| |
| private final int mRequiredVerifierUid; |
| |
| private boolean mSufficientVerificationComplete; |
| |
| private boolean mSufficientVerificationPassed; |
| |
| private boolean mRequiredVerificationComplete; |
| |
| private boolean mRequiredVerificationPassed; |
| |
| private boolean mExtendedTimeout; |
| |
| /** |
| * Create a new package verification state where {@code requiredVerifierUid} |
| * is the user ID for the package that must reply affirmative before things |
| * can continue. |
| * |
| * @param requiredVerifierUid user ID of required package verifier |
| * @param args |
| */ |
| public PackageVerificationState(int requiredVerifierUid, InstallArgs args) { |
| mRequiredVerifierUid = requiredVerifierUid; |
| mArgs = args; |
| mSufficientVerifierUids = new SparseBooleanArray(); |
| mExtendedTimeout = false; |
| } |
| |
| public InstallArgs getInstallArgs() { |
| return mArgs; |
| } |
| |
| /** |
| * Add a verifier which is added to our sufficient list. |
| * |
| * @param uid user ID of sufficient verifier |
| */ |
| public void addSufficientVerifier(int uid) { |
| mSufficientVerifierUids.put(uid, true); |
| } |
| |
| /** |
| * Should be called when a verification is received from an agent so the |
| * state of the package verification can be tracked. |
| * |
| * @param uid user ID of the verifying agent |
| * @return {@code true} if the verifying agent actually exists in our list |
| */ |
| public boolean setVerifierResponse(int uid, int code) { |
| if (uid == mRequiredVerifierUid) { |
| mRequiredVerificationComplete = true; |
| switch (code) { |
| case PackageManager.VERIFICATION_ALLOW_WITHOUT_SUFFICIENT: |
| mSufficientVerifierUids.clear(); |
| // fall through |
| case PackageManager.VERIFICATION_ALLOW: |
| mRequiredVerificationPassed = true; |
| break; |
| default: |
| mRequiredVerificationPassed = false; |
| } |
| return true; |
| } else { |
| if (mSufficientVerifierUids.get(uid)) { |
| if (code == PackageManager.VERIFICATION_ALLOW) { |
| mSufficientVerificationComplete = true; |
| mSufficientVerificationPassed = true; |
| } |
| |
| mSufficientVerifierUids.delete(uid); |
| if (mSufficientVerifierUids.size() == 0) { |
| mSufficientVerificationComplete = true; |
| } |
| |
| return true; |
| } |
| } |
| |
| return false; |
| } |
| |
| /** |
| * Returns whether verification is considered complete. This means that the |
| * required verifier and at least one of the sufficient verifiers has |
| * returned a positive verification. |
| * |
| * @return {@code true} when verification is considered complete |
| */ |
| public boolean isVerificationComplete() { |
| if (!mRequiredVerificationComplete) { |
| return false; |
| } |
| |
| if (mSufficientVerifierUids.size() == 0) { |
| return true; |
| } |
| |
| return mSufficientVerificationComplete; |
| } |
| |
| /** |
| * Returns whether installation should be allowed. This should only be |
| * called after {@link #isVerificationComplete()} returns {@code true}. |
| * |
| * @return {@code true} if installation should be allowed |
| */ |
| public boolean isInstallAllowed() { |
| if (!mRequiredVerificationPassed) { |
| return false; |
| } |
| |
| if (mSufficientVerificationComplete) { |
| return mSufficientVerificationPassed; |
| } |
| |
| return true; |
| } |
| |
| /** |
| * Extend the timeout for this Package to be verified. |
| */ |
| public void extendTimeout() { |
| if (!mExtendedTimeout) { |
| mExtendedTimeout = true; |
| } |
| } |
| |
| /** |
| * Returns whether the timeout was extended for verification. |
| * |
| * @return {@code true} if a timeout was already extended. |
| */ |
| public boolean timeoutExtended() { |
| return mExtendedTimeout; |
| } |
| } |