summaryrefslogtreecommitdiff
path: root/core/java/android
diff options
context:
space:
mode:
Diffstat (limited to 'core/java/android')
-rw-r--r--core/java/android/content/integrity/AppInstallMetadata.java56
-rw-r--r--core/java/android/content/integrity/AtomicFormula.java7
2 files changed, 51 insertions, 12 deletions
diff --git a/core/java/android/content/integrity/AppInstallMetadata.java b/core/java/android/content/integrity/AppInstallMetadata.java
index 4ec94762ac34..4f38fae271f6 100644
--- a/core/java/android/content/integrity/AppInstallMetadata.java
+++ b/core/java/android/content/integrity/AppInstallMetadata.java
@@ -42,6 +42,8 @@ public final class AppInstallMetadata {
private final List<String> mInstallerCertificates;
private final long mVersionCode;
private final boolean mIsPreInstalled;
+ private final boolean mIsStampPresent;
+ private final boolean mIsStampVerified;
private final boolean mIsStampTrusted;
// Raw string encoding for the SHA-256 hash of the certificate of the stamp.
private final String mStampCertificateHash;
@@ -54,6 +56,8 @@ public final class AppInstallMetadata {
this.mInstallerCertificates = builder.mInstallerCertificates;
this.mVersionCode = builder.mVersionCode;
this.mIsPreInstalled = builder.mIsPreInstalled;
+ this.mIsStampPresent = builder.mIsStampPresent;
+ this.mIsStampVerified = builder.mIsStampVerified;
this.mIsStampTrusted = builder.mIsStampTrusted;
this.mStampCertificateHash = builder.mStampCertificateHash;
this.mAllowedInstallersAndCertificates = builder.mAllowedInstallersAndCertificates;
@@ -89,6 +93,16 @@ public final class AppInstallMetadata {
return mIsPreInstalled;
}
+ /** @see AppInstallMetadata.Builder#setIsStampPresent(boolean) */
+ public boolean isStampPresent() {
+ return mIsStampPresent;
+ }
+
+ /** @see AppInstallMetadata.Builder#setIsStampVerified(boolean) */
+ public boolean isStampVerified() {
+ return mIsStampVerified;
+ }
+
/** @see AppInstallMetadata.Builder#setIsStampTrusted(boolean) */
public boolean isStampTrusted() {
return mIsStampTrusted;
@@ -108,14 +122,16 @@ public final class AppInstallMetadata {
public String toString() {
return String.format(
"AppInstallMetadata { PackageName = %s, AppCerts = %s, InstallerName = %s,"
- + " InstallerCerts = %s, VersionCode = %d, PreInstalled = %b, "
- + "StampTrusted = %b, StampCert = %s }",
+ + " InstallerCerts = %s, VersionCode = %d, PreInstalled = %b, StampPresent ="
+ + " %b, StampVerified = %b, StampTrusted = %b, StampCert = %s }",
mPackageName,
mAppCertificates,
mInstallerName == null ? "null" : mInstallerName,
mInstallerCertificates == null ? "null" : mInstallerCertificates,
mVersionCode,
mIsPreInstalled,
+ mIsStampPresent,
+ mIsStampVerified,
mIsStampTrusted,
mStampCertificateHash == null ? "null" : mStampCertificateHash);
}
@@ -128,6 +144,8 @@ public final class AppInstallMetadata {
private List<String> mInstallerCertificates;
private long mVersionCode;
private boolean mIsPreInstalled;
+ private boolean mIsStampPresent;
+ private boolean mIsStampVerified;
private boolean mIsStampTrusted;
private String mStampCertificateHash;
private Map<String, String> mAllowedInstallersAndCertificates;
@@ -221,16 +239,24 @@ public final class AppInstallMetadata {
}
/**
- * Set certificate hash of the stamp embedded in the APK.
+ * Set whether the stamp embedded in the APK is present or not.
*
- * <p>It is represented as the raw string encoding for the SHA-256 hash of the certificate
- * of the stamp.
+ * @see AppInstallMetadata#isStampPresent()
+ */
+ @NonNull
+ public Builder setIsStampPresent(boolean isStampPresent) {
+ this.mIsStampPresent = isStampPresent;
+ return this;
+ }
+
+ /**
+ * Set whether the stamp embedded in the APK is verified or not.
*
- * @see AppInstallMetadata#getStampCertificateHash()
+ * @see AppInstallMetadata#isStampVerified()
*/
@NonNull
- public Builder setStampCertificateHash(@NonNull String stampCertificateHash) {
- this.mStampCertificateHash = Objects.requireNonNull(stampCertificateHash);
+ public Builder setIsStampVerified(boolean isStampVerified) {
+ this.mIsStampVerified = isStampVerified;
return this;
}
@@ -246,6 +272,20 @@ public final class AppInstallMetadata {
}
/**
+ * Set certificate hash of the stamp embedded in the APK.
+ *
+ * <p>It is represented as the raw string encoding for the SHA-256 hash of the certificate
+ * of the stamp.
+ *
+ * @see AppInstallMetadata#getStampCertificateHash()
+ */
+ @NonNull
+ public Builder setStampCertificateHash(@NonNull String stampCertificateHash) {
+ this.mStampCertificateHash = Objects.requireNonNull(stampCertificateHash);
+ return this;
+ }
+
+ /**
* Build {@link AppInstallMetadata}.
*
* @throws IllegalArgumentException if package name or app certificate is null
diff --git a/core/java/android/content/integrity/AtomicFormula.java b/core/java/android/content/integrity/AtomicFormula.java
index 977a631cecd8..f363a54edc16 100644
--- a/core/java/android/content/integrity/AtomicFormula.java
+++ b/core/java/android/content/integrity/AtomicFormula.java
@@ -368,11 +368,10 @@ public abstract class AtomicFormula extends IntegrityFormula {
"Key %s cannot be used with StringAtomicFormula", keyToString(key)));
mValue = hashValue(key, value);
mIsHashedValue =
- key == APP_CERTIFICATE
+ (key == APP_CERTIFICATE
|| key == INSTALLER_CERTIFICATE
- || key == STAMP_CERTIFICATE_HASH
- ? true
- : !mValue.equals(value);
+ || key == STAMP_CERTIFICATE_HASH)
+ || !mValue.equals(value);
}
StringAtomicFormula(Parcel in) {
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-04 05:15:03 +0000