Store public key of APK to instance disk

Once a VM is started with an APK, we shouldn't accept any update of the
APK if its signer has changed.

For now, this CL can be considered a no-op because we don't accept any
update by comparing the root hash. However, in the future, when rollback
protection is supported, this change will make it possible to accept APK
updates if the public key remains the same.

Bug: 199143508
Test: atest MicrodroidHostTestCases
Change-Id: I2448faf4a8b9637571ebcc4bc49d3619129496d5
diff --git a/apkverify/src/lib.rs b/apkverify/src/lib.rs
index f75913c..71ea857 100644
--- a/apkverify/src/lib.rs
+++ b/apkverify/src/lib.rs
@@ -26,8 +26,14 @@
use anyhow::Result;
use std::path::Path;
-/// Verifies APK/APEX signing with v2/v3 scheme
-pub fn verify<P: AsRef<Path>>(path: P) -> Result<()> {
+/// Verifies APK/APEX signing with v2/v3 scheme. On success, the public key (in DER format) is
+/// returned.
+pub fn verify<P: AsRef<Path>>(path: P) -> Result<Box<[u8]>> {
// TODO(jooyung) fallback to v2 when v3 not found
v3::verify(path)
}
+
+/// Gets the public key (in DER format) that was used to sign the given APK/APEX file
+pub fn get_public_key_der<P: AsRef<Path>>(path: P) -> Result<Box<[u8]>> {
+ v3::get_public_key_der(path)
+}
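Review bot: the doc comment on `get_public_key_der` at the end of this hunk does not say whether the signature is checked before the key is returned. `verify` now returns the same `Result<Box<[u8]>>`, so a caller cannot tell from the API which of the two yields a key that is bound to a verified signature. Since the commit message intends this key to decide whether an APK update is accepted, please state in the doc comment whether the returned key is authenticated, and if it is not, note that signer-identity comparisons should use the value returned by `verify`. It would also help to say in the `verify` doc comment which signer's key is returned if the file carries more than one.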