Grant signature permission to requesting app with common signer
Previously signature permissions were only granted to a requesting app
under the following conditions:
- Both apps are signed by the same signer
- The requesting app's current signer is in the lineage of the declaring
  app, and this signer in the declaring app still has the permission
  capability granted
- The declaring app's current signer is in the lineage of the requesting
  app

However these requirements prevent the signing keys from diverging,
meaning all apps must always be signed by the same key (or remain at a
previous key in the lineage); this goes against signing key best
practices. This commit allows a signature permission to be granted to a
requesting app if it has a signing key in its lineage in common with the
declaring app, and the declaring app has still granted the permission
capability to that key.

Fixes: 176814921
Test: atest SigningDetailsTest
Test: atest PkgInstallSignatureVerificationTest
Change-Id: I386b53085fc47e5111fe083c934045f5fb8154f1
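
A simplified model of the rule described in this commit message, as an added example that is not code from the commit or from Android. The `Signer` and `Lineage` classes, the function names and the key names A, B, C, D are hypothetical, and a lineage is assumed to be an oldest-first list ending in the current signer.

```python
from dataclasses import dataclass

PERMISSION = "permission"  # hypothetical label for the permission capability


@dataclass(frozen=True)
class Signer:
    key: str  # constructed key name standing in for a signing certificate
    capabilities: frozenset = frozenset({PERMISSION})


class Lineage:
    """Signing history, oldest first; the last entry is the current signer."""

    def __init__(self, *signers):
        self.signers = list(signers)

    @property
    def current(self):
        return self.signers[-1]

    def find(self, key):
        return next((s for s in self.signers if s.key == key), None)


def granted_before(declaring, requesting):
    """The three conditions listed as the previous behaviour."""
    same_signer = declaring.current.key == requesting.current.key
    entry = declaring.find(requesting.current.key)
    requester_trusted = entry is not None and PERMISSION in entry.capabilities
    declarer_in_requester = requesting.find(declaring.current.key) is not None
    return same_signer or requester_trusted or declarer_in_requester


def granted_after(declaring, requesting):
    """Previous conditions, plus any common signer that the declaring app
    still grants the permission capability to."""
    if granted_before(declaring, requesting):
        return True
    for signer in requesting.signers:
        entry = declaring.find(signer.key)
        if entry is not None and PERMISSION in entry.capabilities:
            return True
    return False


if __name__ == "__main__":
    declaring = Lineage(Signer("A"), Signer("B"))   # rotated A -> B
    requesting = Lineage(Signer("A"), Signer("C"))  # rotated A -> C (diverged)
    print(granted_before(declaring, requesting), granted_after(declaring, requesting))
```

Revoking the capability from the shared key in the declaring app's lineage (`Signer("A", frozenset())`) makes `granted_after` return `False` for the diverged pair, which is the control the declaring app keeps over older keys.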