Make signature checks on restore work with unsigned apps

author: Christopher Tate <ctate@google.com> 2009-06-18 19:41:36 -0700
committer: Christopher Tate <ctate@google.com> 2009-06-18 19:42:24 -0700
commit: 20efdf6b56e54b0520d8629cd706045dc8d280d3 (patch)
tree: 8f1a5cd2f092c418c93e234c61ad6bcefc72e9fd /services/java
parent: 63e7155c7d1d0c3f0027400aa09e9a45f648a80d (diff)
download: frameworks_base-20efdf6b56e54b0520d8629cd706045dc8d280d3.zip
frameworks_base-20efdf6b56e54b0520d8629cd706045dc8d280d3.tar.gz
frameworks_base-20efdf6b56e54b0520d8629cd706045dc8d280d3.tar.bz2
1 files changed, 14 insertions, 11 deletions
diff --git a/services/java/com/android/server/BackupManagerService.java b/services/java/com/android/server/BackupManagerService.java
index 51bee25..fa88111 100644
--- a/services/java/com/android/server/BackupManagerService.java
+++ b/services/java/com/android/server/BackupManagerService.java
@@ -757,6 +757,16 @@ class BackupManagerService extends IBackupManager.Stub {
     }
 
     private boolean signaturesMatch(Signature[] storedSigs, Signature[] deviceSigs) {
+        // Allow unsigned apps, but not signed on one device and unsigned on the other
+        // !!! TODO: is this the right policy?
+        if ((storedSigs == null || storedSigs.length == 0)
+                && (deviceSigs == null || deviceSigs.length == 0)) {
+            return true;
+        }
+        if (storedSigs == null || deviceSigs == null) {
+            return false;
+        }
+
         // !!! TODO: this demands that every stored signature match one
         // that is present on device, and does not demand the converse.
         // Is this this right policy?
@@ -815,8 +825,6 @@ class BackupManagerService extends IBackupManager.Stub {
             }
 
             if (err == 0) {
-                // !!! TODO: do the package manager signatures restore first
-
                 // build the set of apps to restore
                 try {
                     RestoreSet[] images = mTransport.getAvailableRestoreSets();
@@ -841,16 +849,11 @@ class BackupManagerService extends IBackupManager.Stub {
                                 // Validate against the backed-up signature block, too
                                 Signature[] storedSigs
                                         = pmAgent.getRestoredSignatures(app.packageName);
-                                if (storedSigs != null) {
-                                    // !!! TODO: check app version here as well
-                                    if (signaturesMatch(storedSigs, app.signatures)) {
-                                        appsToRestore.add(app);
-                                    } else {
-                                        Log.w(TAG, "Sig mismatch on restore of " + app.packageName);
-                                    }
+                                // !!! TODO: check app version here as well
+                                if (signaturesMatch(storedSigs, app.signatures)) {
+                                    appsToRestore.add(app);
                                 } else {
-                                    Log.i(TAG, "No stored sigs for " + app.packageName
-                                            + " so not restoring");
+                                    Log.w(TAG, "Sig mismatch on restore of " + app.packageName);
                                 }
                             }
                         }
author	Christopher Tate <ctate@google.com>	2009-06-18 19:41:36 -0700
committer	Christopher Tate <ctate@google.com>	2009-06-18 19:42:24 -0700
commit	20efdf6b56e54b0520d8629cd706045dc8d280d3 (patch)
tree	8f1a5cd2f092c418c93e234c61ad6bcefc72e9fd /services/java
parent	63e7155c7d1d0c3f0027400aa09e9a45f648a80d (diff)
download	frameworks_base-20efdf6b56e54b0520d8629cd706045dc8d280d3.zip frameworks_base-20efdf6b56e54b0520d8629cd706045dc8d280d3.tar.gz frameworks_base-20efdf6b56e54b0520d8629cd706045dc8d280d3.tar.bz2