16.0+17.1: Extra July ASB backport from @MSe1969

Signed-off-by: Tad <tad@spotco.us>
This commit is contained in:
Tad 2023-07-09 14:49:49 -04:00
parent fb0064ffbf
commit ad8e5b631a
No known key found for this signature in database
GPG Key ID: B286E9F57A07424B
6 changed files with 1620 additions and 70 deletions

View File

@ -0,0 +1,53 @@
From 011adec1a494974102930bf65a8d2fdfa8b375b5 Mon Sep 17 00:00:00 2001
From: Khaled Abdelmohsen <khelmy@google.com>
Date: Mon, 24 Feb 2020 16:59:21 +0000
Subject: [PATCH 1/2] Create source stamp verifier
Bug: 148005911
Test: gradlew test
Change-Id: I7008c9567ad5e8b63e7f6ba192d38b10c5c9a2dc
Merged-In: I7008c9567ad5e8b63e7f6ba192d38b10c5c9a2dc
(cherry picked from commit a3970357d65d59b70c6ccf2c5c55000cb4310953)
---
.../internal/apk/ApkSigningBlockUtils.java | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/src/main/java/com/android/apksig/internal/apk/ApkSigningBlockUtils.java b/src/main/java/com/android/apksig/internal/apk/ApkSigningBlockUtils.java
index 2330f6d..f15597b 100644
--- a/src/main/java/com/android/apksig/internal/apk/ApkSigningBlockUtils.java
+++ b/src/main/java/com/android/apksig/internal/apk/ApkSigningBlockUtils.java
@@ -998,6 +998,20 @@ public class ApkSigningBlockUtils {
return false;
}
+ public boolean containsWarnings() {
+ if (!mWarnings.isEmpty()) {
+ return true;
+ }
+ if (!signers.isEmpty()) {
+ for (SignerInfo signer : signers) {
+ if (signer.containsWarnings()) {
+ return true;
+ }
+ }
+ }
+ return false;
+ }
+
public void addError(ApkVerifier.Issue msg, Object... parameters) {
mErrors.add(new ApkVerifier.IssueWithParams(msg, parameters));
}
@@ -1042,6 +1056,10 @@ public class ApkSigningBlockUtils {
return !mErrors.isEmpty();
}
+ public boolean containsWarnings() {
+ return !mWarnings.isEmpty();
+ }
+
public List<ApkVerifier.IssueWithParams> getErrors() {
return mErrors;
}
--
2.30.2

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,53 @@
From 011adec1a494974102930bf65a8d2fdfa8b375b5 Mon Sep 17 00:00:00 2001
From: Khaled Abdelmohsen <khelmy@google.com>
Date: Mon, 24 Feb 2020 16:59:21 +0000
Subject: [PATCH 1/2] Create source stamp verifier
Bug: 148005911
Test: gradlew test
Change-Id: I7008c9567ad5e8b63e7f6ba192d38b10c5c9a2dc
Merged-In: I7008c9567ad5e8b63e7f6ba192d38b10c5c9a2dc
(cherry picked from commit a3970357d65d59b70c6ccf2c5c55000cb4310953)
---
.../internal/apk/ApkSigningBlockUtils.java | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/src/main/java/com/android/apksig/internal/apk/ApkSigningBlockUtils.java b/src/main/java/com/android/apksig/internal/apk/ApkSigningBlockUtils.java
index 2330f6d..f15597b 100644
--- a/src/main/java/com/android/apksig/internal/apk/ApkSigningBlockUtils.java
+++ b/src/main/java/com/android/apksig/internal/apk/ApkSigningBlockUtils.java
@@ -998,6 +998,20 @@ public class ApkSigningBlockUtils {
return false;
}
+ public boolean containsWarnings() {
+ if (!mWarnings.isEmpty()) {
+ return true;
+ }
+ if (!signers.isEmpty()) {
+ for (SignerInfo signer : signers) {
+ if (signer.containsWarnings()) {
+ return true;
+ }
+ }
+ }
+ return false;
+ }
+
public void addError(ApkVerifier.Issue msg, Object... parameters) {
mErrors.add(new ApkVerifier.IssueWithParams(msg, parameters));
}
@@ -1042,6 +1056,10 @@ public class ApkSigningBlockUtils {
return !mErrors.isEmpty();
}
+ public boolean containsWarnings() {
+ return !mWarnings.isEmpty();
+ }
+
public List<ApkVerifier.IssueWithParams> getErrors() {
return mErrors;
}
--
2.30.2

View File

@ -1,7 +1,7 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From 9a80527425030dae7f962ab95eda500a720cde47 Mon Sep 17 00:00:00 2001
From: Michael Groover <mpgroover@google.com>
Date: Fri, 31 Mar 2023 14:30:21 -0500
Subject: [PATCH] Limit the number of supported v1 and v2 signers
Subject: [PATCH 2/2] Limit the number of supported v1 and v2 signers
The v1 and v2 APK Signature Schemes support multiple signers; this
was intended to allow multiple entities to sign an APK. Previously,
@ -15,29 +15,31 @@ Test: gradlew test
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:ea0632935646f2f6bf5822a5e9c97885269780bd)
Merged-In: I77f4218599511ff4f9f3790e4942a329d5a18da4
Change-Id: I77f4218599511ff4f9f3790e4942a329d5a18da4
Change-Id: I604ce656e6dcd750e664adcb814c5c66f7b80ce1
---
.../java/com/android/apksig/ApkVerifier.java | 29 +++++
.../internal/apk/v1/V1SchemeSigner.java | 7 ++
.../internal/apk/v1/V1SchemeVerifier.java | 7 ++
.../internal/apk/v2/V2SchemeSigner.java | 8 ++
.../internal/apk/v2/V2SchemeVerifier.java | 5 +
.../internal/apk/v2/V2SchemeSigner.java | 6 ++
.../internal/apk/v2/V2SchemeVerifier.java | 4 +
.../com/android/apksig/ApkSignerTest.java | 100 ++++++++++++++++++
.../com/android/apksig/ApkVerifierTest.java | 31 ++++++
.../com/android/apksig/v1-only-10-signers.apk | Bin 0 -> 18389 bytes
.../com/android/apksig/v1-only-11-signers.apk | Bin 0 -> 22297 bytes
.../com/android/apksig/v2-only-10-signers.apk | Bin 0 -> 20688 bytes
.../com/android/apksig/v2-only-11-signers.apk | Bin 0 -> 24784 bytes
11 files changed, 187 insertions(+)
11 files changed, 184 insertions(+)
create mode 100644 src/test/resources/com/android/apksig/v1-only-10-signers.apk
create mode 100644 src/test/resources/com/android/apksig/v1-only-11-signers.apk
create mode 100644 src/test/resources/com/android/apksig/v2-only-10-signers.apk
create mode 100644 src/test/resources/com/android/apksig/v2-only-11-signers.apk
diff --git a/src/main/java/com/android/apksig/ApkVerifier.java b/src/main/java/com/android/apksig/ApkVerifier.java
index 3e1e7da..cfbc8d2 100644
index 5e458ef..62b132a 100644
--- a/src/main/java/com/android/apksig/ApkVerifier.java
+++ b/src/main/java/com/android/apksig/ApkVerifier.java
@@ -644,6 +644,15 @@ public class ApkVerifier {
@@ -620,6 +620,15 @@ public class ApkVerifier {
}
private void mergeFrom(ApkSigningBlockUtils.Result source) {
@ -53,7 +55,7 @@ index 3e1e7da..cfbc8d2 100644
switch (source.signatureSchemeVersion) {
case ApkSigningBlockUtils.VERSION_APK_SIGNATURE_SCHEME_V2:
mVerifiedUsingV2Scheme = source.verified;
@@ -921,6 +930,16 @@ public class ApkVerifier {
@@ -897,6 +906,16 @@ public class ApkVerifier {
*/
JAR_SIG_NO_SIGNATURES("No JAR signatures"),
@ -70,7 +72,7 @@ index 3e1e7da..cfbc8d2 100644
/**
* APK does not contain any entries covered by JAR signatures.
*/
@@ -1349,6 +1368,16 @@ public class ApkVerifier {
@@ -1325,6 +1344,16 @@ public class ApkVerifier {
"APK Signature Scheme v2 signature %1$s indicates the APK is signed using %2$s but "
+ "no such signature was found. Signature stripped?"),
@ -88,49 +90,52 @@ index 3e1e7da..cfbc8d2 100644
* APK Signature Scheme v2 signature contains no signers.
*/
diff --git a/src/main/java/com/android/apksig/internal/apk/v1/V1SchemeSigner.java b/src/main/java/com/android/apksig/internal/apk/v1/V1SchemeSigner.java
index f900211..6422af0 100644
index f900211..05721ed 100644
--- a/src/main/java/com/android/apksig/internal/apk/v1/V1SchemeSigner.java
+++ b/src/main/java/com/android/apksig/internal/apk/v1/V1SchemeSigner.java
@@ -16,6 +16,8 @@
package com.android.apksig.internal.apk.v1;
+//import static com.android.apksig.Constants.MAX_APK_SIGNERS;
@@ -246,9 +246,16 @@ public abstract class V1SchemeSigner {
String createdBy)
throws NoSuchAlgorithmException, ApkFormatException, InvalidKeyException,
CertificateException, SignatureException {
+
import com.android.apksig.apk.ApkFormatException;
import com.android.apksig.internal.asn1.Asn1DerEncoder;
import com.android.apksig.internal.asn1.Asn1EncodingException;
@@ -249,6 +251,11 @@ public abstract class V1SchemeSigner {
+ int MAX_APK_SIGNERS = 10;
if (signerConfigs.isEmpty()) {
throw new IllegalArgumentException("At least one signer config must be provided");
}
+ if (signerConfigs.size() > 10) {
+ if (signerConfigs.size() > MAX_APK_SIGNERS) {
+ throw new IllegalArgumentException(
+ "APK Signature Scheme v1 only supports a maximum of " + 10 + ", "
+ "APK Signature Scheme v1 only supports a maximum of " + MAX_APK_SIGNERS + ", "
+ + signerConfigs.size() + " provided");
+ }
OutputManifestFile manifest =
generateManifestFile(
jarEntryDigestAlgorithm, jarEntryDigests, sourceManifestBytes);
diff --git a/src/main/java/com/android/apksig/internal/apk/v1/V1SchemeVerifier.java b/src/main/java/com/android/apksig/internal/apk/v1/V1SchemeVerifier.java
index 47d5b01..615215c 100644
index a828bcc..8e49dd3 100644
--- a/src/main/java/com/android/apksig/internal/apk/v1/V1SchemeVerifier.java
+++ b/src/main/java/com/android/apksig/internal/apk/v1/V1SchemeVerifier.java
@@ -16,6 +16,8 @@
@@ -16,6 +16,7 @@
package com.android.apksig.internal.apk.v1;
+//import static com.android.apksig.Constants.MAX_APK_SIGNERS;
+
import com.android.apksig.ApkVerifier.Issue;
import com.android.apksig.ApkVerifier.IssueWithParams;
import com.android.apksig.apk.ApkFormatException;
@@ -303,6 +305,11 @@ public abstract class V1SchemeVerifier {
@@ -249,6 +250,7 @@ public abstract class V1SchemeVerifier {
// * All JAR entries listed in JAR manifest are present in the APK.
// Identify signers
+ int MAX_APK_SIGNERS = 10;
List<Signer> signers = new ArrayList<>(sigBlockEntries.size());
for (CentralDirectoryRecord sigBlockEntry : sigBlockEntries) {
String sigBlockEntryName = sigBlockEntry.getName();
@@ -277,6 +279,11 @@ public abstract class V1SchemeVerifier {
result.addError(Issue.JAR_SIG_NO_SIGNATURES);
return;
}
+ if (signers.size() > 10) {
+ result.addError(Issue.JAR_SIG_MAX_SIGNATURES_EXCEEDED, 10,
+ if (signers.size() > MAX_APK_SIGNERS) {
+ result.addError(Issue.JAR_SIG_MAX_SIGNATURES_EXCEEDED, MAX_APK_SIGNERS,
+ signers.size());
+ return;
+ }
@ -138,66 +143,49 @@ index 47d5b01..615215c 100644
// Verify each signer's signature block file .(RSA|DSA|EC) against the corresponding
// signature file .SF. Any error encountered for any signer terminates verification, to
diff --git a/src/main/java/com/android/apksig/internal/apk/v2/V2SchemeSigner.java b/src/main/java/com/android/apksig/internal/apk/v2/V2SchemeSigner.java
index d8e4723..03a0311 100644
index 6d001e7..375ff91 100644
--- a/src/main/java/com/android/apksig/internal/apk/v2/V2SchemeSigner.java
+++ b/src/main/java/com/android/apksig/internal/apk/v2/V2SchemeSigner.java
@@ -16,6 +16,7 @@
package com.android.apksig.internal.apk.v2;
+//import static com.android.apksig.Constants.MAX_APK_SIGNERS;
import static com.android.apksig.internal.apk.ApkSigningBlockUtils.encodeAsSequenceOfLengthPrefixedElements;
import static com.android.apksig.internal.apk.ApkSigningBlockUtils.encodeAsSequenceOfLengthPrefixedPairsOfIntAndLengthPrefixedBytes;
import static com.android.apksig.internal.apk.ApkSigningBlockUtils.encodeCertificates;
@@ -28,6 +29,7 @@ import com.android.apksig.internal.apk.SignatureAlgorithm;
import com.android.apksig.internal.util.Pair;
import com.android.apksig.util.DataSource;
import com.android.apksig.util.RunnablesExecutor;
+
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
@@ -163,6 +165,12 @@ public abstract class V2SchemeSigner {
@@ -161,6 +161,12 @@ public abstract class V2SchemeSigner {
throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
// FORMAT:
// * length-prefixed sequence of length-prefixed signer blocks.
+ if (signerConfigs.size() > 10) {
+ int MAX_APK_SIGNERS = 10;
+ if (signerConfigs.size() > MAX_APK_SIGNERS) {
+ throw new IllegalArgumentException(
+ "APK Signature Scheme v2 only supports a maximum of " + 10 + ", "
+ "APK Signature Scheme v2 only supports a maximum of " + MAX_APK_SIGNERS + ", "
+ + signerConfigs.size() + " provided");
+ }
+
List<byte[]> signerBlocks = new ArrayList<>(signerConfigs.size());
int signerNumber = 0;
for (SignerConfig signerConfig : signerConfigs) {
diff --git a/src/main/java/com/android/apksig/internal/apk/v2/V2SchemeVerifier.java b/src/main/java/com/android/apksig/internal/apk/v2/V2SchemeVerifier.java
index 51c40bd..651ed5d 100644
index e1be06e..39b205b 100644
--- a/src/main/java/com/android/apksig/internal/apk/v2/V2SchemeVerifier.java
+++ b/src/main/java/com/android/apksig/internal/apk/v2/V2SchemeVerifier.java
@@ -16,6 +16,8 @@
package com.android.apksig.internal.apk.v2;
+//import static com.android.apksig.Constants.MAX_APK_SIGNERS;
+
import com.android.apksig.ApkVerifier.Issue;
import com.android.apksig.apk.ApkFormatException;
import com.android.apksig.apk.ApkUtils;
@@ -225,6 +227,9 @@ public abstract class V2SchemeVerifier {
@@ -180,6 +180,7 @@ public abstract class V2SchemeVerifier {
int maxSdkVersion,
ApkSigningBlockUtils.Result result) throws NoSuchAlgorithmException {
ByteBuffer signers;
+ int MAX_APK_SIGNERS = 10;
try {
signers = ApkSigningBlockUtils.getLengthPrefixedSlice(apkSignatureSchemeV2Block);
} catch (ApkFormatException e) {
@@ -221,6 +222,9 @@ public abstract class V2SchemeVerifier {
return;
}
}
+ if (signerCount > 10) {
+ result.addError(Issue.V2_SIG_MAX_SIGNATURES_EXCEEDED, 10, signerCount);
+ if (signerCount > MAX_APK_SIGNERS) {
+ result.addError(Issue.V2_SIG_MAX_SIGNATURES_EXCEEDED, MAX_APK_SIGNERS, signerCount);
+ }
}
/**
diff --git a/src/test/java/com/android/apksig/ApkSignerTest.java b/src/test/java/com/android/apksig/ApkSignerTest.java
index 1434017..729d96f 100644
index 80f35ba..ccdb02a 100644
--- a/src/test/java/com/android/apksig/ApkSignerTest.java
+++ b/src/test/java/com/android/apksig/ApkSignerTest.java
@@ -635,6 +635,106 @@ public class ApkSignerTest {
@@ -339,6 +339,106 @@ public class ApkSignerTest {
} catch (ApkFormatException expected) {}
}
@ -305,7 +293,7 @@ index 1434017..729d96f 100644
public void testWeirdZipCompressionMethod() throws Exception {
// Any ZIP compression method other than STORED is treated as DEFLATED by Android.
diff --git a/src/test/java/com/android/apksig/ApkVerifierTest.java b/src/test/java/com/android/apksig/ApkVerifierTest.java
index 351d0a8..2392b88 100644
index 6f6c04d..0546f0f 100644
--- a/src/test/java/com/android/apksig/ApkVerifierTest.java
+++ b/src/test/java/com/android/apksig/ApkVerifierTest.java
@@ -239,6 +239,20 @@ public class ApkVerifierTest {
@ -329,7 +317,7 @@ index 351d0a8..2392b88 100644
@Test
public void testV2StrippedRejected() throws Exception {
// APK signed with v1 and v2 schemes, but v2 signature was stripped from the file (by using
@@ -630,6 +644,23 @@ public class ApkVerifierTest {
@@ -471,6 +485,23 @@ public class ApkVerifierTest {
Issue.V2_SIG_NO_SUPPORTED_SIGNATURES);
}
@ -1454,3 +1442,6 @@ Tg9RFHk9CIzHQe49++O|{heuzh
literal 0
HcmV?d00001
--
2.30.2

View File

@ -371,6 +371,11 @@ if enterAndClear "system/nfc"; then
applyPatch "$DOS_PATCHES/android_system_nfc/360972.patch"; #R_asb_2023-07 OOBW in rw_i93_send_to_upper()
fi;
if enterAndClear "tools/apksig"; then
applyPatch "$DOS_PATCHES/android_tools_apksig/360973-backport-prereq.patch"; #R_asb_2023-07 Create source stamp verifier
applyPatch "$DOS_PATCHES/android_tools_apksig/360973-backport.patch"; #R_asb_2023-07 Limit the number of supported v1 and v2 signers
fi;
if enterAndClear "vendor/nxp/opensource/commonsys/external/libnfc-nci"; then
applyPatch "$DOS_PATCHES/android_vendor_nxp_opensource_commonsys_external_libnfc-nci/360974-backport.patch"; #R_asb_2023-07 OOBW in rw_i93_send_to_upper()
fi;

View File

@ -441,9 +441,10 @@ if enterAndClear "system/update_engine"; then
git revert --no-edit c68499e3ff10f2a31f913e14f66aafb4ed94d42d; #Do not skip payload signature verification
fi;
#if enterAndClear "tools/apksig"; then
#applyPatch "$DOS_PATCHES/android_tools_apksig/360973-backport.patch"; #R_asb_2023-07 Limit the number of supported v1 and v2 signers #TODO backport containsWarnings for SignerInfo
#fi;
if enterAndClear "tools/apksig"; then
applyPatch "$DOS_PATCHES/android_tools_apksig/360973-backport-prereq.patch"; #R_asb_2023-07 Create source stamp verifier
applyPatch "$DOS_PATCHES/android_tools_apksig/360973-backport.patch"; #R_asb_2023-07 Limit the number of supported v1 and v2 signers
fi;
if enterAndClear "vendor/lineage"; then
rm build/target/product/security/lineage.x509.pem; #Remove Lineage keys