diff options
Diffstat (limited to 'services/core/java/com/android/server/pm/PackageVerificationState.java')
-rw-r--r-- | services/core/java/com/android/server/pm/PackageVerificationState.java | 170 |
1 files changed, 170 insertions, 0 deletions
diff --git a/services/core/java/com/android/server/pm/PackageVerificationState.java b/services/core/java/com/android/server/pm/PackageVerificationState.java new file mode 100644 index 0000000..3214e88 --- /dev/null +++ b/services/core/java/com/android/server/pm/PackageVerificationState.java @@ -0,0 +1,170 @@ +/* + * Copyright (C) 2011 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.android.server.pm; + +import com.android.server.pm.PackageManagerService.InstallArgs; + +import android.content.pm.PackageManager; +import android.util.SparseBooleanArray; + +/** + * Tracks the package verification state for a particular package. Each package + * verification has a required verifier and zero or more sufficient verifiers. + * Only one of the sufficient verifier list must return affirmative to allow the + * package to be considered verified. If there are zero sufficient verifiers, + * then package verification is considered complete. + */ +class PackageVerificationState { + private final InstallArgs mArgs; + + private final SparseBooleanArray mSufficientVerifierUids; + + private final int mRequiredVerifierUid; + + private boolean mSufficientVerificationComplete; + + private boolean mSufficientVerificationPassed; + + private boolean mRequiredVerificationComplete; + + private boolean mRequiredVerificationPassed; + + private boolean mExtendedTimeout; + + /** + * Create a new package verification state where {@code requiredVerifierUid} + * is the user ID for the package that must reply affirmative before things + * can continue. + * + * @param requiredVerifierUid user ID of required package verifier + * @param args + */ + public PackageVerificationState(int requiredVerifierUid, InstallArgs args) { + mRequiredVerifierUid = requiredVerifierUid; + mArgs = args; + mSufficientVerifierUids = new SparseBooleanArray(); + mExtendedTimeout = false; + } + + public InstallArgs getInstallArgs() { + return mArgs; + } + + /** + * Add a verifier which is added to our sufficient list. + * + * @param uid user ID of sufficient verifier + */ + public void addSufficientVerifier(int uid) { + mSufficientVerifierUids.put(uid, true); + } + + /** + * Should be called when a verification is received from an agent so the + * state of the package verification can be tracked. + * + * @param uid user ID of the verifying agent + * @return {@code true} if the verifying agent actually exists in our list + */ + public boolean setVerifierResponse(int uid, int code) { + if (uid == mRequiredVerifierUid) { + mRequiredVerificationComplete = true; + switch (code) { + case PackageManager.VERIFICATION_ALLOW_WITHOUT_SUFFICIENT: + mSufficientVerifierUids.clear(); + // fall through + case PackageManager.VERIFICATION_ALLOW: + mRequiredVerificationPassed = true; + break; + default: + mRequiredVerificationPassed = false; + } + return true; + } else { + if (mSufficientVerifierUids.get(uid)) { + if (code == PackageManager.VERIFICATION_ALLOW) { + mSufficientVerificationComplete = true; + mSufficientVerificationPassed = true; + } + + mSufficientVerifierUids.delete(uid); + if (mSufficientVerifierUids.size() == 0) { + mSufficientVerificationComplete = true; + } + + return true; + } + } + + return false; + } + + /** + * Returns whether verification is considered complete. This means that the + * required verifier and at least one of the sufficient verifiers has + * returned a positive verification. + * + * @return {@code true} when verification is considered complete + */ + public boolean isVerificationComplete() { + if (!mRequiredVerificationComplete) { + return false; + } + + if (mSufficientVerifierUids.size() == 0) { + return true; + } + + return mSufficientVerificationComplete; + } + + /** + * Returns whether installation should be allowed. This should only be + * called after {@link #isVerificationComplete()} returns {@code true}. + * + * @return {@code true} if installation should be allowed + */ + public boolean isInstallAllowed() { + if (!mRequiredVerificationPassed) { + return false; + } + + if (mSufficientVerificationComplete) { + return mSufficientVerificationPassed; + } + + return true; + } + + /** + * Extend the timeout for this Package to be verified. + */ + public void extendTimeout() { + if (!mExtendedTimeout) { + mExtendedTimeout = true; + } + } + + /** + * Returns whether the timeout was extended for verification. + * + * @return {@code true} if a timeout was already extended. + */ + public boolean timeoutExtended() { + return mExtendedTimeout; + } +} |