1// 2// Copyright (C) 2020 The Android Open Source Project 3// 4// Licensed under the Apache License, Version 2.0 (the "License"); 5// you may not use this file except in compliance with the License. 6// You may obtain a copy of the License at 7// 8// http://www.apache.org/licenses/LICENSE-2.0 9// 10// Unless required by applicable law or agreed to in writing, software 11// distributed under the License is distributed on an "AS IS" BASIS, 12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13// See the License for the specific language governing permissions and 14// limitations under the License. 15// 16 17package { 18 default_team: "trendy_team_platform_security", 19 // See: http://go/android-license-faq 20 default_applicable_licenses: ["Android-Apache-2.0"], 21} 22 23// This is the default test package signed with the default key. 24android_test_helper_app { 25 name: "CtsPkgInstallTinyApp", 26 srcs: ["src/**/*.java"], 27 // resource_dirs is the default value: ["res"] 28 test_suites: [ 29 "cts", 30 "general-tests", 31 ], 32 sdk_version: "current", 33} 34 35// This is the test package v2 signed with the default key. 36android_test_helper_app { 37 name: "CtsPkgInstallTinyAppV2", 38 manifest: "AndroidManifest-v2.xml", 39 srcs: ["src/**/*.java"], 40 // resource_dirs is the default value: ["res"] 41 test_suites: [ 42 "cts", 43 "general-tests", 44 ], 45 sdk_version: "current", 46} 47 48// This is the test package signed using the V1/V2 signature schemes with 49// two signers targeting SDK version 30 with sandbox version 1. From this 50// package the v1-ec-p256-two-signers-targetSdk-30.apk is created with the 51// following command: 52// apksigner sign --in v1v2-ec-p256-two-signers-targetSdk-30.apk --out 53// v1-ec-p256-two-signers-targetSdk-30.apk --cert ec-p256.x509.pem --key 54// ec-p256.pk8 --next-signer --cert ec-p256_2.x509.pem --key ec-p256_2.pk8 55// --v2-signing-enabled false --v3-signing-enabled false --v4-signing-enabled false 56android_test_helper_app { 57 name: "v1v2-ec-p256-two-signers-targetSdk-30", 58 manifest: "AndroidManifest-sandbox-v1.xml", 59 certificate: ":ec-p256", 60 additional_certificates: [":ec-p256_2"], 61 srcs: ["src/**/*.java"], 62 // resource_dirs is the default value: ["res"] 63 test_suites: [ 64 "cts", 65 "general-tests", 66 ], 67 sdk_version: "30", 68} 69 70// This is the test package signed using the V3 signature scheme 71// with the previous key in the lineage and part of a sharedUid. 72android_test_helper_app { 73 name: "v3-ec-p256-1-sharedUid", 74 manifest: "AndroidManifest-shareduid.xml", 75 certificate: ":ec-p256", 76 srcs: ["src/**/*.java"], 77 // resource_dirs is the default value: ["res"] 78 test_suites: [ 79 "cts", 80 "general-tests", 81 ], 82 sdk_version: "current", 83} 84 85// This is the test package signed using the V3 signature scheme with 86// a rotated key and one signer in the lineage with default capabilities. 87android_test_helper_app { 88 name: "v3-ec-p256-with-por_1_2-default-caps", 89 certificate: ":ec-p256_2", 90 additional_certificates: [":ec-p256"], 91 lineage: ":ec-p256-por_1_2-default-caps", 92 srcs: ["src/**/*.java"], 93 // resource_dirs is the default value: ["res"] 94 test_suites: [ 95 "cts", 96 "general-tests", 97 ], 98 sdk_version: "current", 99} 100 101// This is the test package signed using the V3 signature scheme with 102// a rotated key and multiple signers in the lineage with default 103// capabilities. 104android_test_helper_app { 105 name: "v3-ec-p256-with-por-1_2_3_4_5-default-caps", 106 certificate: ":ec-p256_5", 107 additional_certificates: [":ec-p256"], 108 lineage: ":ec-p256-por-1_2_3_4_5-default-caps", 109 srcs: ["src/**/*.java"], 110 // resource_dirs is the default value: ["res"] 111 test_suites: [ 112 "cts", 113 "general-tests", 114 ], 115 sdk_version: "current", 116} 117 118// This is the test package signed using the V3 signature scheme with 119// a rotated key and part of a shareduid. The capabilities of this lineage 120// grant access to the previous key in the lineage to join the sharedUid. 121android_test_helper_app { 122 name: "v3-ec-p256-with-por_1_2-default-caps-sharedUid", 123 manifest: "AndroidManifest-shareduid.xml", 124 certificate: ":ec-p256_2", 125 additional_certificates: [":ec-p256"], 126 lineage: ":ec-p256-por_1_2-default-caps", 127 srcs: ["src/**/*.java"], 128 // resource_dirs is the default value: ["res"] 129 test_suites: [ 130 "cts", 131 "general-tests", 132 ], 133 sdk_version: "current", 134} 135 136// This is the test package signed using the V3 signature scheme with 137// a rotated key and part of a shareduid. The signing lineage begins 138// with a key that is not in any of the other lineages and is intended 139// to verify that two packages signed with lineages that have diverged 140// ancestors are not allowed to be installed in the same sharedUserId. 141android_test_helper_app { 142 name: "v3-por_Y_1_2-default-caps-sharedUid", 143 manifest: "AndroidManifest-shareduid.xml", 144 certificate: ":ec-p256_2", 145 additional_certificates: [ 146 ":rsa-2048", 147 ":ec-p256", 148 ], 149 lineage: ":por_Y_1_2-default-caps", 150 srcs: ["src/**/*.java"], 151 // resource_dirs is the default value: ["res"] 152 test_suites: [ 153 "cts", 154 "general-tests", 155 ], 156 sdk_version: "current", 157} 158 159// This is the test package signed using the V3 signature scheme with 160// a rotated key and part of a shareduid. The capabilities of this lineage 161// prevent the previous key in the lineage from joining the sharedUid. 162android_test_helper_app { 163 name: "v3-ec-p256-with-por_1_2-no-shUid-cap-sharedUid", 164 manifest: "AndroidManifest-shareduid.xml", 165 certificate: ":ec-p256_2", 166 additional_certificates: [":ec-p256"], 167 lineage: ":ec-p256-por_1_2-no-shUid-cap", 168 srcs: ["src/**/*.java"], 169 // resource_dirs is the default value: ["res"] 170 test_suites: [ 171 "cts", 172 "general-tests", 173 ], 174 sdk_version: "current", 175} 176 177// This is the test package signed using the V3 signature scheme with 178// a rotated key and part of a shareduid. The capabilities of this lineage 179// prevent the previous key in the lineage from using a signature permission. 180// This package is intended to verify shared signing keys in separate app 181// lineages retain their own declared capabilities. 182android_test_helper_app { 183 name: "v3-ec-p256-with-por_1_2-no-perm-cap-sharedUid", 184 manifest: "AndroidManifest-shareduid.xml", 185 certificate: ":ec-p256_2", 186 additional_certificates: [":ec-p256"], 187 lineage: ":ec-p256-por_1_2-no-perm-cap", 188 srcs: ["src/**/*.java"], 189 // resource_dirs is the default value: ["res"] 190 test_suites: [ 191 "cts", 192 "general-tests", 193 ], 194 sdk_version: "current", 195} 196 197// This is the test package with a new name intended to be installed 198// alongside the original test package when verifying platform behavior when 199// two apps share the same previous signer in their lineage with different 200// capabilities granted; the lineage for this package prevents an app signed 201// with the previous signing key from joining a sharedUserId. 202android_test_helper_app { 203 name: "v3-ec-p256-with-por_1_2-no-shUid-cap-declperm2", 204 manifest: "AndroidManifest-declperm2.xml", 205 certificate: ":ec-p256_2", 206 additional_certificates: [":ec-p256"], 207 lineage: ":ec-p256-por_1_2-no-shUid-cap", 208 srcs: ["src/**/*.java"], 209 // resource_dirs is the default value: ["res"] 210 test_suites: [ 211 "cts", 212 "general-tests", 213 ], 214 sdk_version: "current", 215} 216 217// This is the first companion package signed using the V3 signature scheme 218// with a rotated key and part of a sharedUid. The capabilities of this lineage 219// grant access to the previous key in the lineage to join the sharedUid. 220android_test_helper_app { 221 name: "v3-ec-p256-with-por_1_2-default-caps-sharedUid-companion", 222 manifest: "AndroidManifest-companion-shareduid.xml", 223 certificate: ":ec-p256_2", 224 additional_certificates: [":ec-p256"], 225 lineage: ":ec-p256-por_1_2-default-caps", 226 srcs: ["src/**/*.java"], 227 // resource_dirs is the default value: ["res"] 228 test_suites: [ 229 "cts", 230 "general-tests", 231 ], 232 sdk_version: "current", 233} 234 235// This is the first companion package signed using the V3 signature scheme 236// with a rotated key and part of a sharedUid. The capabilities of this lineage 237// prevent the previous signing key from joining the sharedUserId. 238android_test_helper_app { 239 name: "v3-ec-p256-with-por_1_2-no-shUid-cap-sharedUid-companion", 240 manifest: "AndroidManifest-companion-shareduid.xml", 241 certificate: ":ec-p256_2", 242 additional_certificates: [":ec-p256"], 243 lineage: ":ec-p256-por_1_2-no-shUid-cap", 244 srcs: ["src/**/*.java"], 245 // resource_dirs is the default value: ["res"] 246 test_suites: [ 247 "cts", 248 "general-tests", 249 ], 250 sdk_version: "current", 251} 252 253// This is the companion package signed using the V3 signature scheme with 254// a rotated key and part of a shareduid. The signing lineage begins 255// with a key that is not in any of the other lineages and is intended 256// to verify that two packages signed with lineages that have diverged 257// ancestors are not allowed to be installed in the same sharedUserId. 258android_test_helper_app { 259 name: "v3-por_Z_1_2-default-caps-sharedUid-companion", 260 manifest: "AndroidManifest-shareduid.xml", 261 certificate: ":ec-p256_2", 262 additional_certificates: [ 263 ":dsa-2048", 264 ":ec-p256", 265 ], 266 lineage: ":por_Z_1_2-default-caps", 267 srcs: ["src/**/*.java"], 268 // resource_dirs is the default value: ["res"] 269 test_suites: [ 270 "cts", 271 "general-tests", 272 ], 273 sdk_version: "current", 274} 275 276// This is the first companion package signed using the V3 signature scheme 277// with a rotated key and part of a sharedUid but without the signing lineage. 278// This app is intended to test lineage scenarios where an app is only signed 279// with the latest key in the lineage. 280android_test_helper_app { 281 name: "v3-ec-p256-2-sharedUid-companion", 282 manifest: "AndroidManifest-companion-shareduid.xml", 283 certificate: ":ec-p256_2", 284 srcs: ["src/**/*.java"], 285 // resource_dirs is the default value: ["res"] 286 test_suites: [ 287 "cts", 288 "general-tests", 289 ], 290 sdk_version: "current", 291} 292 293// This is the second companion package signed using the V3 signature scheme 294// with the previous key in the lineage and part of a sharedUid. 295android_test_helper_app { 296 name: "v3-ec-p256-1-sharedUid-companion2", 297 manifest: "AndroidManifest-companion2-shareduid.xml", 298 certificate: ":ec-p256", 299 srcs: ["src/**/*.java"], 300 // resource_dirs is the default value: ["res"] 301 test_suites: [ 302 "cts", 303 "general-tests", 304 ], 305 sdk_version: "current", 306} 307 308// This is the second companion package signed using the V3 signature scheme 309// with a rotated key and part of a sharedUid. The capabilities of this lineage 310// prevent the previous signing key from joining the sharedUserId. 311android_test_helper_app { 312 name: "v3-ec-p256-with-por_1_2-no-shUid-cap-sharedUid-companion2", 313 manifest: "AndroidManifest-companion2-shareduid.xml", 314 certificate: ":ec-p256_2", 315 additional_certificates: [":ec-p256"], 316 lineage: ":ec-p256-por_1_2-no-shUid-cap", 317 srcs: ["src/**/*.java"], 318 // resource_dirs is the default value: ["res"] 319 test_suites: [ 320 "cts", 321 "general-tests", 322 ], 323 sdk_version: "current", 324} 325 326// This is the third companion package signed using the V3 signature scheme 327// with a rotated key and part of a sharedUid. The capabilities of this lineage 328// grant access to the previous key in the lineage to join the sharedUid. 329android_test_helper_app { 330 name: "v3-ec-p256-with-por_1_2-default-caps-sharedUid-companion3", 331 manifest: "AndroidManifest-companion3-shareduid.xml", 332 certificate: ":ec-p256_2", 333 additional_certificates: [":ec-p256"], 334 lineage: ":ec-p256-por_1_2-default-caps", 335 srcs: ["src/**/*.java"], 336 // resource_dirs is the default value: ["res"] 337 test_suites: [ 338 "cts", 339 "general-tests", 340 ], 341 sdk_version: "current", 342} 343 344// This is a version of the test package that declares a signature permission. 345// The lineage used to sign this test package does not trust the first signing 346// key but grants default capabilities to the second signing key. 347android_test_helper_app { 348 name: "v3-ec-p256-with-por_1_2_3-1-no-caps-2-default-declperm", 349 manifest: "AndroidManifest-declperm.xml", 350 certificate: ":ec-p256_3", 351 additional_certificates: [ 352 ":ec-p256", 353 ], 354 lineage: ":ec-p256-por-1_2_3-1-no-caps-2-default", 355 srcs: ["src/**/*.java"], 356 // resource_dirs is the default value: ["res"] 357 test_suites: [ 358 "cts", 359 "general-tests", 360 ], 361 sdk_version: "current", 362} 363 364// This is a version of the test package that declares a signature permission. 365// The lineage used to sign this test package does not trust either of the signing 366// keys so an app with only common signers in the lineage should not be granted the 367// permission. 368android_test_helper_app { 369 name: "v3-ec-p256-with-por_1_2_3-no-caps-declperm", 370 manifest: "AndroidManifest-declperm.xml", 371 certificate: ":ec-p256_3", 372 additional_certificates: [ 373 ":ec-p256", 374 ], 375 lineage: ":ec-p256-por-1_2_3-no-caps", 376 srcs: ["src/**/*.java"], 377 // resource_dirs is the default value: ["res"] 378 test_suites: [ 379 "cts", 380 "general-tests", 381 ], 382 sdk_version: "current", 383} 384 385// This is a version of the companion package that requests the signature permission 386// declared by the test package above. This package is signed with a signing key that 387// diverges from the package above and is intended to verify that a common signing 388// key in the lineage that is still granted the permission capability is sufficient 389// to be granted a signature permission. 390android_test_helper_app { 391 name: "v3-ec-p256-with-por_1_2_4-companion-usesperm", 392 manifest: "AndroidManifest-companion-usesperm.xml", 393 certificate: ":ec-p256_4", 394 additional_certificates: [ 395 ":ec-p256", 396 ], 397 lineage: ":ec-p256-por-1_2_4-default-caps", 398 srcs: ["src/**/*.java"], 399 // resource_dirs is the default value: ["res"] 400 test_suites: [ 401 "cts", 402 "general-tests", 403 ], 404 sdk_version: "current", 405} 406 407// This is a version of the companion package that requests the signature permission 408// declared by the test package. This package is signed with the original signing 409// key and is intended to verify that a common signing key shared between two 410// lineages retains its capability from the package declaring the signature permission. 411android_test_helper_app { 412 name: "v3-ec-p256-1-companion-usesperm", 413 manifest: "AndroidManifest-companion-usesperm.xml", 414 certificate: ":ec-p256", 415 srcs: ["src/**/*.java"], 416 // resource_dirs is the default value: ["res"] 417 test_suites: [ 418 "cts", 419 "general-tests", 420 ], 421 sdk_version: "current", 422} 423 424// This is a version of the test package that declares a signature permission 425// with the knownSigner protection flag. This app is signed with the rsa-2048 426// signing key with the trusted certificates being ec-p256 and ec-p256_3. 427android_test_helper_app { 428 name: "v3-rsa-2048-decl-knownSigner-ec-p256-1-3", 429 manifest: "AndroidManifest-decl-knownSigner.xml", 430 certificate: ":rsa-2048", 431 srcs: ["src/**/*.java"], 432 // resource_dirs is the default value: ["res"] 433 test_suites: [ 434 "cts", 435 "general-tests", 436 ], 437 sdk_version: "current", 438} 439 440// This is a version of the test package that declares a signature permission 441// without the knownSigner protection flag. This app is signed with the same 442// rsa-2048 signing key to allow updates from the package above. This app can 443// be used to verify behavior when an app initially uses the knownSigner flag 444// and subsequently removes the flag from the permission declaration. 445android_test_helper_app { 446 name: "v3-rsa-2048-declperm", 447 manifest: "AndroidManifest-declperm.xml", 448 certificate: ":rsa-2048", 449 srcs: ["src/**/*.java"], 450 // resource_dirs is the default value: ["res"] 451 test_suites: [ 452 "cts", 453 "general-tests", 454 ], 455 sdk_version: "current", 456} 457 458// This is a version of the test package that declares a signature permission 459// with the knownSigner protection flag using a string resource instead of a 460// string-array resource for the trusted certs. 461android_test_helper_app { 462 name: "v3-rsa-2048-decl-knownSigner-str-res-ec-p256-1", 463 manifest: "AndroidManifest-decl-knownSigner-str-res.xml", 464 certificate: ":rsa-2048", 465 srcs: ["src/**/*.java"], 466 // resource_dirs is the default value: ["res"] 467 test_suites: [ 468 "cts", 469 "general-tests", 470 ], 471 sdk_version: "current", 472} 473 474// This is a version of the test package that declares a signature permission 475// with the knownSigner protection flag using a string constant as the value 476// of the knownCerts attribute. 477android_test_helper_app { 478 name: "v3-rsa-2048-decl-knownSigner-str-const-ec-p256-1", 479 manifest: "AndroidManifest-decl-knownSigner-str-const.xml", 480 certificate: ":rsa-2048", 481 srcs: ["src/**/*.java"], 482 // resource_dirs is the default value: ["res"] 483 test_suites: [ 484 "cts", 485 "general-tests", 486 ], 487 sdk_version: "current", 488} 489 490// This is a version of the companion package that uses the permission 491// declared with the knownSigner flag. This app's current signer is in 492// the array of certificate digests as declared by the test package 493// above. 494android_test_helper_app { 495 name: "v3-ec-p256_3-companion-uses-knownSigner", 496 manifest: "AndroidManifest-uses-knownSigner.xml", 497 certificate: ":ec-p256_3", 498 srcs: ["src/**/*.java"], 499 // resource_dirs is the default value: ["res"] 500 test_suites: [ 501 "cts", 502 "general-tests", 503 ], 504 sdk_version: "current", 505} 506 507// This is a version of the companion package that uses the permission 508// declared with the knownSigner flag. This app's current signer is not 509// in the array of certificate digests as declared by the test package 510// above. 511android_test_helper_app { 512 name: "v3-ec-p256_2-companion-uses-knownSigner", 513 manifest: "AndroidManifest-uses-knownSigner.xml", 514 certificate: ":ec-p256_2", 515 srcs: ["src/**/*.java"], 516 // resource_dirs is the default value: ["res"] 517 test_suites: [ 518 "cts", 519 "general-tests", 520 ], 521 sdk_version: "current", 522} 523 524// This is a version of the companion package that uses the permission 525// declared with the knownSigner flag. This app is signed with a rotated 526// signing key with the current signer not in the array of certificate 527// digests as declared by the test package, but the previous signer in 528// the lineage is. This app can be used to verify that knownSigner 529// permissions are also granted if the app was previously signed with 530// one of the declared digests. 531android_test_helper_app { 532 name: "v3-ec-p256-with-por_1_2-companion-uses-knownSigner", 533 manifest: "AndroidManifest-uses-knownSigner.xml", 534 certificate: ":ec-p256_2", 535 additional_certificates: [ 536 ":ec-p256", 537 ], 538 lineage: ":ec-p256-por_1_2-default-caps", 539 srcs: ["src/**/*.java"], 540 // resource_dirs is the default value: ["res"] 541 test_suites: [ 542 "cts", 543 "general-tests", 544 ], 545 sdk_version: "current", 546} 547