/*
* Copyright (C) 2012 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.android.server.updates;
import android.content.BroadcastReceiver;
import android.content.ContentResolver;
import android.content.Context;
import android.content.Intent;
import android.net.Uri;
import android.provider.Settings;
import android.util.Base64;
import android.util.EventLog;
import android.util.Slog;
import com.android.server.EventLogTags;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import libcore.io.IoUtils;
import libcore.io.Streams;
public class ConfigUpdateInstallReceiver extends BroadcastReceiver {
private static final String TAG = "ConfigUpdateInstallReceiver";
private static final String EXTRA_CONTENT_PATH = "CONTENT_PATH";
private static final String EXTRA_REQUIRED_HASH = "REQUIRED_HASH";
private static final String EXTRA_SIGNATURE = "SIGNATURE";
private static final String EXTRA_VERSION_NUMBER = "VERSION";
private static final String UPDATE_CERTIFICATE_KEY = "config_update_certificate";
protected final File updateDir;
protected final File updateContent;
protected final File updateVersion;
public ConfigUpdateInstallReceiver(String updateDir, String updateContentPath,
String updateMetadataPath, String updateVersionPath) {
this.updateDir = new File(updateDir);
this.updateContent = new File(updateDir, updateContentPath);
File updateMetadataDir = new File(updateDir, updateMetadataPath);
this.updateVersion = new File(updateMetadataDir, updateVersionPath);
}
@Override
public void onReceive(final Context context, final Intent intent) {
new Thread() {
@Override
public void run() {
try {
// get the certificate from Settings.Secure
X509Certificate cert = getCert(context.getContentResolver());
// get the content path from the extras
byte[] altContent = getAltContent(context, intent);
// get the version from the extras
int altVersion = getVersionFromIntent(intent);
// get the previous value from the extras
String altRequiredHash = getRequiredHashFromIntent(intent);
// get the signature from the extras
String altSig = getSignatureFromIntent(intent);
// get the version currently being used
int currentVersion = getCurrentVersion();
// get the hash of the currently used value
String currentHash = getCurrentHash(getCurrentContent());
if (!verifyVersion(currentVersion, altVersion)) {
Slog.i(TAG, "Not installing, new version is <= current version");
} else if (!verifyPreviousHash(currentHash, altRequiredHash)) {
EventLog.writeEvent(EventLogTags.CONFIG_INSTALL_FAILED,
"Current hash did not match required value");
} else if (!verifySignature(altContent, altVersion, altRequiredHash, altSig,
cert)) {
EventLog.writeEvent(EventLogTags.CONFIG_INSTALL_FAILED,
"Signature did not verify");
} else {
// install the new content
Slog.i(TAG, "Found new update, installing...");
install(altContent, altVersion);
Slog.i(TAG, "Installation successful");
postInstall(context, intent);
}
} catch (Exception e) {
Slog.e(TAG, "Could not update content!", e);
// keep the error message <= 100 chars
String errMsg = e.toString();
if (errMsg.length() > 100) {
errMsg = errMsg.substring(0, 99);
}
EventLog.writeEvent(EventLogTags.CONFIG_INSTALL_FAILED, errMsg);
}
}
}.start();
}
private X509Certificate getCert(ContentResolver cr) {
// get the cert from settings
String cert = Settings.Secure.getString(cr, UPDATE_CERTIFICATE_KEY);
// convert it into a real certificate
try {
byte[] derCert = Base64.decode(cert.getBytes(), Base64.DEFAULT);
InputStream istream = new ByteArrayInputStream(derCert);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
return (X509Certificate) cf.generateCertificate(istream);
} catch (CertificateException e) {
throw new IllegalStateException("Got malformed certificate from settings, ignoring");
}
}
private Uri getContentFromIntent(Intent i) {
Uri data = i.getData();
if (data == null) {
throw new IllegalStateException("Missing required content path, ignoring.");
}
return data;
}
private int getVersionFromIntent(Intent i) throws NumberFormatException {
String extraValue = i.getStringExtra(EXTRA_VERSION_NUMBER);
if (extraValue == null) {
throw new IllegalStateException("Missing required version number, ignoring.");
}
return Integer.parseInt(extraValue.trim());
}
private String getRequiredHashFromIntent(Intent i) {
String extraValue = i.getStringExtra(EXTRA_REQUIRED_HASH);
if (extraValue == null) {
throw new IllegalStateException("Missing required previous hash, ignoring.");
}
return extraValue.trim();
}
private String getSignatureFromIntent(Intent i) {
String extraValue = i.getStringExtra(EXTRA_SIGNATURE);
if (extraValue == null) {
throw new IllegalStateException("Missing required signature, ignoring.");
}
return extraValue.trim();
}
private int getCurrentVersion() throws NumberFormatException {
try {
String strVersion = IoUtils.readFileAsString(updateVersion.getCanonicalPath()).trim();
return Integer.parseInt(strVersion);
} catch (IOException e) {
Slog.i(TAG, "Couldn't find current metadata, assuming first update");
return 0;
}
}
private byte[] getAltContent(Context c, Intent i) throws IOException {
Uri content = getContentFromIntent(i);
InputStream is = c.getContentResolver().openInputStream(content);
try {
return Streams.readFullyNoClose(is);
} finally {
is.close();
}
}
private byte[] getCurrentContent() {
try {
return IoUtils.readFileAsByteArray(updateContent.getCanonicalPath());
} catch (IOException e) {
Slog.i(TAG, "Failed to read current content, assuming first update!");
return null;
}
}
private static String getCurrentHash(byte[] content) {
if (content == null) {
return "0";
}
try {
MessageDigest dgst = MessageDigest.getInstance("SHA512");
byte[] fingerprint = dgst.digest(content);
return IntegralToString.bytesToHexString(fingerprint, false);
} catch (NoSuchAlgorithmException e) {
throw new AssertionError(e);
}
}
private boolean verifyVersion(int current, int alternative) {
return (current < alternative);
}
private boolean verifyPreviousHash(String current, String required) {
// this is an optional value- if the required field is NONE then we ignore it
if (required.equals("NONE")) {
return true;
}
// otherwise, verify that we match correctly
return current.equals(required);
}
private boolean verifySignature(byte[] content, int version, String requiredPrevious,
String signature, X509Certificate cert) throws Exception {
Signature signer = Signature.getInstance("SHA512withRSA");
signer.initVerify(cert);
signer.update(content);
signer.update(Long.toString(version).getBytes());
signer.update(requiredPrevious.getBytes());
return signer.verify(Base64.decode(signature.getBytes(), Base64.DEFAULT));
}
protected void writeUpdate(File dir, File file, byte[] content) throws IOException {
FileOutputStream out = null;
File tmp = null;
try {
// create the parents for the destination file
File parent = file.getParentFile();
parent.mkdirs();
// check that they were created correctly
if (!parent.exists()) {
throw new IOException("Failed to create directory " + parent.getCanonicalPath());
}
// create the temporary file
tmp = File.createTempFile("journal", "", dir);
// mark tmp -rw-r--r--
tmp.setReadable(true, false);
// write to it
out = new FileOutputStream(tmp);
out.write(content);
// sync to disk
out.getFD().sync();
// atomic rename
if (!tmp.renameTo(file)) {
throw new IOException("Failed to atomically rename " + file.getCanonicalPath());
}
} finally {
if (tmp != null) {
tmp.delete();
}
IoUtils.closeQuietly(out);
}
}
protected void install(byte[] content, int version) throws IOException {
writeUpdate(updateDir, updateContent, content);
writeUpdate(updateDir, updateVersion, Long.toString(version).getBytes());
}
protected void postInstall(Context context, Intent intent) {
}
}
|
