mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-10-01 01:35:54 -04:00
59bf3b75c7
https://review.lineageos.org/c/LineageOS/android_frameworks_base/+/353117 https://review.lineageos.org/q/topic:Q_asb_2023-03 https://review.lineageos.org/q/topic:Q_asb_2023-04 https://review.lineageos.org/q/topic:Q_asb_2023-05 https://review.lineageos.org/q/topic:Q_asb_2023-06 https://review.lineageos.org/q/topic:Q_asb_2023-07 https://review.lineageos.org/q/topic:Q_asb_2023-08 accounted for via patches: https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/376560 https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/376561 https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/376562 https://review.lineageos.org/q/topic:Q_asb_2023-09 https://review.lineageos.org/q/topic:Q_asb_2023-10 https://review.lineageos.org/q/topic:Q_asb_2023-11 accounted for via patches: https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/376563 accounted for via manifest change: https://review.lineageos.org/c/LineageOS/android_external_webp/+/376568 https://review.lineageos.org/q/topic:Q_asb_2023-12 https://review.lineageos.org/q/topic:Q_asb_2024-01 https://review.lineageos.org/q/topic:Q_asb_2024-02 https://review.lineageos.org/q/topic:Q_asb_2024-03 Signed-off-by: Tavi <tavi@divested.dev>
85 lines
3.7 KiB
Diff
85 lines
3.7 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Michael Groover <mpgroover@google.com>
|
|
Date: Fri, 31 Mar 2023 21:31:22 +0000
|
|
Subject: [PATCH] Limit the number of supported v1 and v2 signers
|
|
|
|
The v1 and v2 APK Signature Schemes support multiple signers; this
|
|
was intended to allow multiple entities to sign an APK. Previously,
|
|
the platform had no limits placed on the number of signers supported
|
|
in an APK, but this commit sets a hard limit of 10 supported signers
|
|
for these signature schemes to ensure a large number of signers
|
|
does not place undue burden on the platform.
|
|
|
|
Bug: 266580022
|
|
Test: Manually verified the platform only allowed an APK with the
|
|
maximum number of supported signers.
|
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:6f6ee8a55f37c2b8c0df041b2bd53ec928764597)
|
|
Merged-In: I6aa86b615b203cdc69d58a593ccf8f18474ca091
|
|
Change-Id: I6aa86b615b203cdc69d58a593ccf8f18474ca091
|
|
---
|
|
.../util/apk/ApkSignatureSchemeV2Verifier.java | 10 ++++++++++
|
|
core/java/android/util/jar/StrictJarVerifier.java | 11 +++++++++++
|
|
2 files changed, 21 insertions(+)
|
|
|
|
diff --git a/core/java/android/util/apk/ApkSignatureSchemeV2Verifier.java b/core/java/android/util/apk/ApkSignatureSchemeV2Verifier.java
|
|
index b36888e23f9c..0fa5358e9b86 100644
|
|
--- a/core/java/android/util/apk/ApkSignatureSchemeV2Verifier.java
|
|
+++ b/core/java/android/util/apk/ApkSignatureSchemeV2Verifier.java
|
|
@@ -83,6 +83,11 @@ public class ApkSignatureSchemeV2Verifier {
|
|
|
|
private static final int APK_SIGNATURE_SCHEME_V2_BLOCK_ID = 0x7109871a;
|
|
|
|
+ /**
|
|
+ * The maximum number of signers supported by the v2 APK signature scheme.
|
|
+ */
|
|
+ private static final int MAX_V2_SIGNERS = 10;
|
|
+
|
|
/**
|
|
* Returns {@code true} if the provided APK contains an APK Signature Scheme V2 signature.
|
|
*
|
|
@@ -188,6 +193,11 @@ public class ApkSignatureSchemeV2Verifier {
|
|
}
|
|
while (signers.hasRemaining()) {
|
|
signerCount++;
|
|
+ if (signerCount > MAX_V2_SIGNERS) {
|
|
+ throw new SecurityException(
|
|
+ "APK Signature Scheme v2 only supports a maximum of " + MAX_V2_SIGNERS
|
|
+ + " signers");
|
|
+ }
|
|
try {
|
|
ByteBuffer signer = getLengthPrefixedSlice(signers);
|
|
X509Certificate[] certs = verifySigner(signer, contentDigests, certFactory);
|
|
diff --git a/core/java/android/util/jar/StrictJarVerifier.java b/core/java/android/util/jar/StrictJarVerifier.java
|
|
index 45254908c5c9..a6aca330d323 100644
|
|
--- a/core/java/android/util/jar/StrictJarVerifier.java
|
|
+++ b/core/java/android/util/jar/StrictJarVerifier.java
|
|
@@ -78,6 +78,11 @@ class StrictJarVerifier {
|
|
"SHA1",
|
|
};
|
|
|
|
+ /**
|
|
+ * The maximum number of signers supported by the JAR signature scheme.
|
|
+ */
|
|
+ private static final int MAX_JAR_SIGNERS = 10;
|
|
+
|
|
private final String jarName;
|
|
private final StrictJarManifest manifest;
|
|
private final HashMap<String, byte[]> metaEntries;
|
|
@@ -293,10 +298,16 @@ class StrictJarVerifier {
|
|
return false;
|
|
}
|
|
|
|
+ int signerCount = 0;
|
|
Iterator<String> it = metaEntries.keySet().iterator();
|
|
while (it.hasNext()) {
|
|
String key = it.next();
|
|
if (key.endsWith(".DSA") || key.endsWith(".RSA") || key.endsWith(".EC")) {
|
|
+ if (++signerCount > MAX_JAR_SIGNERS) {
|
|
+ throw new SecurityException(
|
|
+ "APK Signature Scheme v1 only supports a maximum of " + MAX_JAR_SIGNERS
|
|
+ + " signers");
|
|
+ }
|
|
verifyCertificate(key);
|
|
it.remove();
|
|
}
|