Implement IntentFilter verification service.

This commit adds a verifier that verifies a host delegates permission for
an app to handle Url for the host using the Statement protocol.

- Implements the Statement protocol
-- The protocol defines a file format that represents statements.
-- The protocol defines where each asset type should put their statement
declaration. For web asset, the statement file should be hosted at
<scheme>://<host>:<port>/.well-known/associations.json.

- Implements IntentFilterVerificationReceiver, an interface between
StatementService and PackageManager. PackageManager will send a
broadcast with action Intent.ACTION_INTENT_FILTER_NEEDS_VERIFICATION.
The service will process the request and returns the results by calling
PackageManager.verifyIntentFilter().

To verify an IntentFilter like this defined in Android app com.test.app
<intent-filter>
  <data android:scheme="https" />
  <data android:host="www.test.com" />
  <data android:pathPattern=".*"/>
</intent-filter>

The service will try to retrieve the statement file from
https://www.test.com:443/.well-known/associations.json and try to find
a JSON object equivalent to
{'relation': ['delegate_permission/common.handle_all_urls'],
 'target': {'namespace': 'android_app',
            'package_name': 'com.test.app',
            'sha256_cert_fingerprints': [APP_CERT_FP]}}
The entry should have the correct relation, package name, and
certificate sha256 fingerprint.

Because this implementation will send a HTTP request for each host
specified in the intent-filter in AndroidManifest.xml, to avoid overwhelming
the network at app install time, we limit the maximum number of hosts we will
verify for a single app to 10. Any app with more than 10 hosts in the
autoVerify=true intent-filter won't be auto verified.

Change-Id: I787c9d176e4110aa441eb5fe4fa9651a071c6610
27 files changed