authorVictor Hsieh <victorhsieh@google.com>2019-09-30 13:36:21 -0700
committerVictor Hsieh <victorhsieh@google.com>2019-12-23 09:21:19 -0800
commit20fe1f6f2214c659698eab7677cb583bc67981b5 (patch)
tree09c3b67c523ef9a92eabe565c7c1626fed44fff8 /core/java/android/security/FileIntegrityManager.java
parent18e52123cee888bdc322668f1a61d2ebef6d4ae6 (diff)
New API for query trust of a fs-verity certificate
The corresponding service is also added. The API can be used by a store to know whether its certificate is trusted on the device. As an optimization, the store only needs to download the .fsv_sig signature file if it will be used. The API can also be used to gradually switch to a stronger key: the store can query with its certificates in priority order and download the best signature. Test: Passed new GTS working in progress Bug: 142573505 Change-Id: Ic788cd04aeaed35ad62113fe9e7535b8fa63b5ee
Diffstat (limited to 'core/java/android/security/FileIntegrityManager.java')
-rw-r--r--core/java/android/security/FileIntegrityManager.java77
1 files changed, 77 insertions, 0 deletions
diff --git a/core/java/android/security/FileIntegrityManager.java b/core/java/android/security/FileIntegrityManager.java
new file mode 100644
index 000000000000..cdd6584e9b35
--- /dev/null
+++ b/core/java/android/security/FileIntegrityManager.java
@@ -0,0 +1,77 @@
+/*
+ * Copyright 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.security;
+
+import android.annotation.NonNull;
+import android.annotation.RequiresPermission;
+import android.annotation.SystemService;
+import android.content.Context;
+import android.os.RemoteException;
+
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.X509Certificate;
+
+/**
+ * This class provides access to file integrity related operations.
+ */
+@SystemService(Context.FILE_INTEGRITY_SERVICE)
+public final class FileIntegrityManager {
+ @NonNull private final IFileIntegrityService mService;
+
+ /** @hide */
+ public FileIntegrityManager(@NonNull IFileIntegrityService service) {
+ mService = service;
+ }
+
+ /**
+ * Returns true if APK Verity is supported on the device. When supported, an APK can be
+ * installed with a fs-verity signature (if verified with trusted App Source Certificate) for
+ * continuous on-access verification.
+ */
+ public boolean isApkVeritySupported() {
+ try {
+ // Go through the service just to avoid exposing the vendor controlled system property
+ // to all apps.
+ return mService.isApkVeritySupported();
+ } catch (RemoteException e) {
+ throw e.rethrowFromSystemServer();
+ }
+ }
+
+ /**
+ * Returns whether the given certificate can be used to prove app's install source. Always
+ * return false if the feature is not supported.
+ *
+ * <p>A store can use this API to decide if a signature file needs to be downloaded. Also, if a
+ * store has shipped different certificates before (e.g. with stronger and weaker key), it can
+ * also use this API to download the best signature on the running device.
+ *
+ * @return whether the certificate is trusted in the system
+ */
+ @RequiresPermission(anyOf = {
+ android.Manifest.permission.INSTALL_PACKAGES,
+ android.Manifest.permission.REQUEST_INSTALL_PACKAGES
+ })
+ public boolean isAppSourceCertificateTrusted(@NonNull X509Certificate certificate)
+ throws CertificateEncodingException {
+ try {
+ return mService.isAppSourceCertificateTrusted(certificate.getEncoded());
+ } catch (RemoteException e) {
+ throw e.rethrowFromSystemServer();
+ }
+ }
+}
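Review bot: The Javadoc on `isAppSourceCertificateTrusted` has no `@param` or `@throws` tag and leaves "trusted" undefined, so a caller cannot tell that only the certificate's encoded bytes (`certificate.getEncoded()`) are sent to the service and that a `true` result does not by itself verify any signature or file. I would add `@param certificate the certificate whose trust on this device is being queried` and `@throws CertificateEncodingException if the certificate cannot be encoded`, plus one sentence saying the result answers only whether this certificate is accepted as an app source certificate. `@RequiresPermission` on this method only documents the requirement for lint and readers; the actual check for `INSTALL_PACKAGES` / `REQUEST_INSTALL_PACKAGES` has to live in the `IFileIntegrityService` implementation, which is not part of this file's diff, so it is worth confirming there.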