
Allow WebApk validation to be disabled.

(cherry picked from commit a8182dbf1a1ec23edbd9df0bfe3bf23d8f02eef8)

Bug: 968574
Change-Id: I96875044ddbad07269eae316102c3ed6cb266e70
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1651506
Reviewed-by: Yaron Friedman <yfriedman@chromium.org>
Commit-Queue: Michael Thiessen <mthiesse@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#667964}
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1664874
Reviewed-by: Michael Thiessen <mthiesse@chromium.org>
Cr-Commit-Position: refs/branch-heads/3809@{#417}
Cr-Branched-From: d82dec1a818f378c464ba307ddd9c92133eac355-refs/heads/master@{#665002}
diff --git a/chrome/android/webapk/libs/client/src/org/chromium/webapk/lib/client/WebApkValidator.java b/chrome/android/webapk/libs/client/src/org/chromium/webapk/lib/client/WebApkValidator.java
index 00370144..c74d78d 100644
--- a/chrome/android/webapk/libs/client/src/org/chromium/webapk/lib/client/WebApkValidator.java
+++ b/chrome/android/webapk/libs/client/src/org/chromium/webapk/lib/client/WebApkValidator.java
@@ -45,6 +45,7 @@
     private static byte[] sExpectedSignature;
     private static byte[] sCommentSignedPublicKeyBytes;
     private static PublicKey sCommentSignedPublicKey;
+    private static boolean sDisableValidation;
     private static boolean sOverrideValidationForTesting;
 
     /**
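Review bot: `sDisableValidation` is a plain static that is written by `disableValidationUnsafe()` and read in `isValidWebApk()`, and nothing visible here guarantees the write is seen by other threads. If the setter can run on a different thread from the callers of `isValidWebApk()` (not determinable from this hunk), declare it `private static volatile boolean sDisableValidation;`. A stale read appears to fail closed, since validation would still run, so this is about predictable behaviour rather than a bypass.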
@@ -188,7 +189,8 @@
      * @return true iff the WebAPK is installed and passes security checks
      */
     public static boolean isValidWebApk(Context context, String webappPackageName) {
-        if (sExpectedSignature == null || sCommentSignedPublicKeyBytes == null) {
+        if ((sExpectedSignature == null || sCommentSignedPublicKeyBytes == null)
+                && !sDisableValidation) {
             Log.wtf(TAG,
                     "WebApk validation failure - expected signature not set."
                             + "missing call to WebApkValidator.initWithBrowserHostSignature");
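Review bot: The `@return` line above `isValidWebApk` still promises `true iff the WebAPK is installed and passes security checks`, which no longer holds once `sDisableValidation` is set. Suggested wording: `@return true iff the WebAPK is installed and either passes security checks or validation has been disabled and the package passes the quick WebAPK check`. Separately, a null `sExpectedSignature` now continues past this guard when the flag is set, so the code between here and the bypass in the next hunk (not visible) must not touch the signature fields; that is worth confirming. The method body continues outside the hunk.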
@@ -208,7 +210,7 @@
         if (isNotWebApkQuick(packageInfo)) {
             return false;
         }
-        if (sOverrideValidationForTesting) {
+        if (sDisableValidation || sOverrideValidationForTesting) {
             if (DEBUG) {
                 Log.d(TAG, "Ok! Looks like a WebApk (has start url) and validation is disabled.");
             }
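Review bot: The combined branch leaves no trace in release builds that signature validation was skipped, because its only log line is gated on `DEBUG`, and that line does not say which of the two flags was responsible. A comment on the condition would help the next reader tell the production switch from the testing one, e.g. `// sDisableValidation: embedder validates WebAPKs by other means; the signature checks below are skipped on purpose.` The branch's return and the rest of `isValidWebApk` are outside the hunk.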
@@ -354,7 +356,7 @@
     }
 
     /**
-     * Disables all verification performed by this class. This is meant only for development with
+     * Disables all validation performed by this class. This is meant only for development with
      * unsigned WebApks and should never be enabled in a real build.
      */
     public static void disableValidationForTesting() {
@@ -362,6 +364,14 @@
     }
 
     /**
+     * Disables all validation performed by this class. This should only be called when some other
+     * means of validating WebApks is already present and otherwise should never be called.
+     */
+    public static void disableValidationUnsafe() {
+        sDisableValidation = true;
+    }
+
+    /**
      * Lazy evaluate the creation of the Public Key as the KeyFactories may not yet be initialized.
      * @return The decoded PublicKey or null
      */
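Review bot: `disableValidationUnsafe()` flips a process-wide switch with no log entry and no way to turn validation back on, so a stray call in a production path silently makes `isValidWebApk()` accept any package that gets past the quick check. Emit a warning when it is called, `Log.w(TAG, "WebApk validation disabled; caller must validate WebAPKs by other means.");`, so the state shows up in logs and bug reports. The Javadoc should also say what is still checked (the quick WebAPK check in `isValidWebApk`) and that the call cannot be undone, rather than repeating the first sentence of `disableValidationForTesting()`.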