Skip to content
Commit 5cdda342 authored by Daniel Cashman's avatar Daniel Cashman Committed by Dan Cashman
Browse files

Add API to expose signing certificate proof-of-rotation. 

With the addition of APK Signature Scheme v3, the platform now can
support key rotation by using the proof-of-rotation provided by the
new scheme.  Create a new API which allows checking of the entire
provided history of an APK's signing certificates, not just the
current signer.  This should allow for changes of APK signing
certificates without fear of losing access to resources that would
have been provided under the old signing certificate.

Change getPackageInfo(GET_SIGNATURES) to return the oldest signing
certificate in the chain so that apps which do programmatic checks,
but are not updated to use the new API, still get the same information
they would have gotten had there been no rotation.

Bug: 64686581
Test: Builds, boots.
Change-Id: I8982fd4cce60f5d85a6180d157a6e2a661b1a6d7
parent 77029c5b
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment