commit 67096e08a72beea85979a3aa9fc5b376b2c2b5ad
author Daniel Cashman <dcashman@google.com> Thu Dec 28 12:46:33 2017 -0800
committer Dan Cashman <dcashman@google.com> Tue Jan 02 07:28:49 2018 -0800
tree 406ba2dd22e9a0b067e4f875c1d8799d5ede9938
parent dc4cb146315240441fc8d9c05fe8dd63370a7c57

Add APK Signature Scheme v3.

Add ApkSignatureSchemeV3Verifier to enable APKs to be signed with
the new signature scheme.  Update the ApkSignatureVerifier to process
the results, but only pass on what's needed for the existing interface.

In the process, move the ApkSignatureSchemeV2 code into a common
area for use by any scheme that makes use of the APK Signature Block.

The primary purpose of APK Signature Scheme v3 is to enable applications
to rotate their signing key.  This is accomplished by augmenting APK
Signature Scheme v2 to also include a new Proof-of-rotation struct, which
is fundamentally a singly linked list where each of the APK's signing
certificates is included in order, along with a signature over the next
certificate.  Thus, each certificate contains proof that the private key
corresponding to the previous one blessed it.  This provides evidence to
the platform that the new signing certificate should be as trusted as
the previously trusted one.  This structure also includes some flags for
each certificate to indicate to the platform how the APK itself would
like to interract/trust the old certificates.

Bug: 64686581
Test: Builds, boots, passes
      android.appsecurity.cts.PkgInstallSignatureVerificationTest
Change-Id: I0f98ff13950af78f5d9b269f80d13af8891f7a2d

core/java/android/util/jar/StrictJarVerifier.java

diff --git a/core/java/android/util/jar/StrictJarVerifier.java b/core/java/android/util/jar/StrictJarVerifier.java
index debc170..4525490 100644
--- a/core/java/android/util/jar/StrictJarVerifier.java
+++ b/core/java/android/util/jar/StrictJarVerifier.java
@@ -18,6 +18,8 @@
 package android.util.jar;
 
 import android.util.apk.ApkSignatureSchemeV2Verifier;
+import android.util.apk.ApkSignatureSchemeV3Verifier;
+
 import java.io.IOException;
 import java.io.OutputStream;
 import java.nio.charset.StandardCharsets;
@@ -36,6 +38,7 @@
 import java.util.StringTokenizer;
 import java.util.jar.Attributes;
 import java.util.jar.JarFile;
+
 import sun.security.jca.Providers;
 import sun.security.pkcs.PKCS7;
 import sun.security.pkcs.SignerInfo;
@@ -56,6 +59,15 @@
  */
 class StrictJarVerifier {
     /**
+     * {@code .SF} file header section attribute indicating that the APK is signed not just with
+     * JAR signature scheme but also with APK Signature Scheme v2 or newer. This attribute
+     * facilitates v2 signature stripping detection.
+     *
+     * <p>The attribute contains a comma-separated set of signature scheme IDs.
+     */
+    private static final String SF_ATTRIBUTE_ANDROID_APK_SIGNED_NAME = "X-Android-APK-Signed";
+
+    /**
      * List of accepted digest algorithms. This list is in order from most
      * preferred to least preferred.
      */
@@ -373,17 +385,17 @@
             return;
         }
 
-        // If requested, check whether APK Signature Scheme v2 signature was stripped.
+        // If requested, check whether a newer APK Signature Scheme signature was stripped.
         if (signatureSchemeRollbackProtectionsEnforced) {
             String apkSignatureSchemeIdList =
-                    attributes.getValue(
-                            ApkSignatureSchemeV2Verifier.SF_ATTRIBUTE_ANDROID_APK_SIGNED_NAME);
+                    attributes.getValue(SF_ATTRIBUTE_ANDROID_APK_SIGNED_NAME);
             if (apkSignatureSchemeIdList != null) {
                 // This field contains a comma-separated list of APK signature scheme IDs which
                 // were used to sign this APK. If an ID is known to us, it means signatures of that
                 // scheme were stripped from the APK because otherwise we wouldn't have fallen back
                 // to verifying the APK using the JAR signature scheme.
                 boolean v2SignatureGenerated = false;
+                boolean v3SignatureGenerated = false;
                 StringTokenizer tokenizer = new StringTokenizer(apkSignatureSchemeIdList, ",");
                 while (tokenizer.hasMoreTokens()) {
                     String idText = tokenizer.nextToken().trim();
@@ -402,6 +414,12 @@
                         v2SignatureGenerated = true;
                         break;
                     }
+                    if (id == ApkSignatureSchemeV3Verifier.SF_ATTRIBUTE_ANDROID_APK_SIGNED_ID) {
+                        // This APK was supposed to be signed with APK Signature Scheme v3 but no
+                        // such signature was found.
+                        v3SignatureGenerated = true;
+                        break;
+                    }
                 }
 
                 if (v2SignatureGenerated) {
@@ -409,6 +427,11 @@
                             + " is signed using APK Signature Scheme v2, but no such signature was"
                             + " found. Signature stripped?");
                 }
+                if (v3SignatureGenerated) {
+                    throw new SecurityException(signatureFile + " indicates " + jarName
+                            + " is signed using APK Signature Scheme v3, but no such signature was"
+                            + " found. Signature stripped?");
+                }
             }
         }