Add SignatureVerifier class to handle public keys from different sources

The SignatureVerifier class allows setting a public key either as a
string or as a file. The former method is used when the key is read from
a flag via the CertificateTransparencyFlagsListener. The latter method
is used when the key is downloaded as a file by the daily
CertificateTransparencyJob.

This CL also adds an additional step to download a public key from a
URL via the CertificateTransparencyDownloader. Now the class goes
through the following steps:
1. Download a public key from the public key url,
2. If successful, download a log list signature from the metadata url,
3. If successful, download log list from the content url,
4. If successful, verify the log list using signature and public key,
5. If successful, install the log list.

I also realized the CertificateTransparencyDownloaderTest was really
hard to understand, even for me, who wrote it xD
I attempted to clean up the test, hopefully it is a bit clearer now.
I'll probably make a second simplification pass in a follow-up CL.

Flag: com.android.net.ct.flags.certificate_transparency_job
Bug: 319829948
Test: NetworkSecurityUnitTests
Change-Id: I2be3e8b5895182d2afd8161aa44e54e1a6021685
7 files changed
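
Steps 4 and 5 of the commit message (verify the log list with the signature and public key, install only on success), sketched as an added example that is not code from this CL. The class and method names are hypothetical, and the example assumes an RSA key supplied as a base64 X.509 SubjectPublicKeyInfo string and a SHA256withRSA detached signature; the sample key and log list are constructed in-process.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import java.util.Optional;

public class LogListVerifyExample {
    // Hypothetical helper: parse a base64 SubjectPublicKeyInfo; PEM armor is optional.
    static PublicKey parseKey(String pem) throws GeneralSecurityException {
        String b64 = pem.replaceAll("-----(BEGIN|END) PUBLIC KEY-----", "")
                        .replaceAll("\\s", "");
        byte[] der = Base64.getDecoder().decode(b64);
        return KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(der));
    }

    // Returns the log list only when the signature verifies; every failure
    // (bad key, malformed signature, mismatch) yields empty, so nothing is installed.
    static Optional<byte[]> verifyThenInstall(String keyPem, byte[] sig, byte[] logList) {
        try {
            Signature verifier = Signature.getInstance("SHA256withRSA"); // assumed algorithm
            verifier.initVerify(parseKey(keyPem));
            verifier.update(logList);
            return verifier.verify(sig) ? Optional.of(logList) : Optional.empty();
        } catch (GeneralSecurityException | IllegalArgumentException e) {
            return Optional.empty(); // fail closed: keep the previously installed list
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample data: throwaway key pair, tiny log list, detached signature.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair kp = gen.generateKeyPair();
        String keyPem = Base64.getEncoder().encodeToString(kp.getPublic().getEncoded());
        byte[] logList = "{\"operators\":[]}".getBytes(StandardCharsets.UTF_8);
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(kp.getPrivate());
        signer.update(logList);
        byte[] sig = signer.sign();

        byte[] tampered = logList.clone();
        tampered[2] ^= 1; // flip one bit of the downloaded content
        System.out.println("valid:    " + verifyThenInstall(keyPem, sig, logList).isPresent());
        System.out.println("tampered: " + verifyThenInstall(keyPem, sig, tampered).isPresent());
        System.out.println("bad key:  " + verifyThenInstall("not a key", sig, logList).isPresent());
    }
}
```

Because the key in step 1 is itself fetched from a URL, the signature check only authenticates the log list to the extent that the key download is trusted, for example by pinning or by comparing it against the flag-provided key.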