OSDN Git Service

Check signature match between Cert installer and Settings
authorZoltan Szatmary-Ban <szatmz@google.com>
Thu, 9 Jul 2015 16:30:20 +0000 (17:30 +0100)
committerZoltan Szatmary-Ban <szatmz@google.com>
Thu, 9 Jul 2015 17:16:27 +0000 (18:16 +0100)
To prevent an app masquerading as com.android.certinstaller install
malicious certs.

Bug: 22095968
Change-Id: Ia79f326af0f39a23b687cb08981920665669e0a1

src/com/android/settings/CredentialStorage.java

index a12369b..18b4ac8 100644 (file)
@@ -22,6 +22,7 @@ import android.app.admin.DevicePolicyManager;
 import android.content.Context;
 import android.content.DialogInterface;
 import android.content.Intent;
+import android.content.pm.PackageManager;
 import android.content.pm.UserInfo;
 import android.content.res.Resources;
 import android.os.AsyncTask;
@@ -417,8 +418,10 @@ public final class CredentialStorage extends Activity {
      */
     private boolean checkCallerIsCertInstallerOrSelfInProfile() {
         if (TextUtils.equals("com.android.certinstaller", getCallingPackage())) {
-            // CertInstaller is allowed to install credentials
-            return true;
+            // CertInstaller is allowed to install credentials if it has the same signature as
+            // Settings package.
+            return getPackageManager().checkSignatures(
+                    getCallingPackage(), getPackageName()) == PackageManager.SIGNATURE_MATCH;
         }
 
         final int launchedFromUserId;