base: Introduce PixelPropsUtils

Squashed commit of the following:

Author: palaych <palaych@arrowos.net>
Date:   Sun Jan 16 22:00:54 2022 +0900

    base: PixelPropsUtils: Update raven and redfin fp to January

    Change-Id: I5c3664a3af1c4696e657f533f9c227b010867380

Author: Dobsgw <george.w.dobson@gmail.com>
Date:   Sat Dec 4 11:32:22 2021 +0300

    base: PixelPropsUtils: Whitelist Google Dialer

    With Pixel Props, google dialer doesn't have it's default call recording option.
    Whitelist dialer to get back call recording at the expense of monet support.

    Change-Id: I52df29621ec5be1a5e75e15aee0852eddc0405a4

Author: jhenrique09 <jhsv09@gmail.com>
Date:   Tue Nov 9 16:15:25 2021 -0300

    base: PixelPropsUtils: Use redfin props for some apps

    * Also cleanup code

    Change-Id: I343bc4c23e8960604b63097403c6b91b13238a3a

Author: jhenrique09 <jhsv09@gmail.com>
Date:   Tue Nov 23 13:42:44 2021 -0300

    base: PixelPropsUtils: Whitelist GoogleCamera

    Change-Id: I407759531cc76f03f6c60bc7cdc52c05c6ea6118

Author: Ratoriku <a1063021545@gmail.com>
Date:   Tue Oct 26 18:15:05 2021 +0800

    base: PixelPropsUtils: Switch to Build.VERSION.INCREMENTAL instead of DATE

    * As per 5a820d08ac2a787c649072c28dc5798cb4d4ff6a

    Change-Id: I3d8892252c325bb65fb722f1d4109f16df1f583c

Author: Ratoriku <a1063021545@gmail.com>
Date:   Sat Oct 23 18:01:56 2021 +0800

    base: PixelPropsUtils: Add Chrome into extra packages list

    Signed-off-by: Ratoriku <a1063021545@gmail.com>
    Change-Id: I09413e803287f00fbb56924edf6c73f9286d9cc7

Author: Danny Lin <danny@kdrag0n.dev>
Date:   Mon Oct 11 20:00:44 2021 -0700

    base: keystore: Block key attestation for SafetyNet

    SafetyNet (part of Google Play Services) opportunistically uses
    hardware-backed key attestation via KeyStore as a strong integrity
    check. This causes SafetyNet to fail on custom ROMs because the verified
    boot key and bootloader unlock state can be detected from attestation
    certificates.

    As a workaround, we can take advantage of the fact that SafetyNet's
    usage of key attestation is opportunistic (i.e. falls back to basic
    integrity checks if it fails) and prevent it from getting the
    attestation certificate chain from KeyStore. This is done by checking
    the stack for DroidGuard, which is the codename for SafetyNet, and
    pretending that the device doesn't support key attestation.

    Key attestation has only been blocked for SafetyNet specifically, as
    Google Play Services and other apps have many valid reasons to use it.
    For example, it appears to be involved in Google's mobile security key
    ferature.

    Change-Id: I5146439d47f42dc6231cb45c4dab9f61540056f6

Author: jhenrique09 <jhsv09@gmail.com>
Date:   Wed Oct 13 11:31:51 2021 -0300

    base: PixelPropsUtils: Rewrite logic

    Change-Id: I300c3e1156ab4dcfcf76812b51a18206982ad0e8

Author: jhenrique09 <jhenrique09.mcz@hotmail.com>
Date:   Thu Nov 19 20:46:32 2020 -0300

    base: Introduce PixelPropsUtils

    That will spoof build fingerprints on some g00gle apps

    * Also will enable some cool stuffs like:
      - Dynamic navbar on GBoard
      - SafetyHub

    and others.

    Thanks to kdrag0n for the original idea at ProtonAOSP/android_frameworks_base@5a54bfd

    Change-Id: I1078e7402833fec77edb751070c5144d08c85b6c
    Signed-off-by: jhenrique09 <jhenrique09.mcz@hotmail.com>
    Co-authored-by: Danny Lin <danny@kdrag0n.dev>

Change-Id: I2c3f51e3805d22003f479ecafbc4a15c4af259e5

3 files changed, 140 insertions, 0 deletions

diff --git a/core/java/android/app/Instrumentation.java b/core/java/android/app/Instrumentation.java
index 1ca4d1c27e04..4f6485305579 100644
--- a/core/java/android/app/Instrumentation.java
+++ b/core/java/android/app/Instrumentation.java
@@ -64,6 +64,8 @@ import java.util.ArrayList;
 import java.util.List;
 import java.util.concurrent.TimeoutException;
 
+import com.android.internal.util.custom.PixelPropsUtils;
+
 /**
  * Base class for implementing application instrumentation code.  When running
  * with instrumentation turned on, this class will be instantiated for you
@@ -1177,6 +1179,8 @@ public class Instrumentation {
         Application app = getFactory(context.getPackageName())
                 .instantiateApplication(cl, className);
         app.attach(context);
+        String packageName = app.getPackageName();
+        PixelPropsUtils.setProps(packageName);
         return app;
     }
     
@@ -1194,6 +1198,8 @@ public class Instrumentation {
             ClassNotFoundException {
         Application app = (Application)clazz.newInstance();
         app.attach(context);
+        String packageName = app.getPackageName();
+        PixelPropsUtils.setProps(packageName);
         return app;
     }
 
diff --git a/core/java/com/android/internal/util/custom/PixelPropsUtils.java b/core/java/com/android/internal/util/custom/PixelPropsUtils.java
new file mode 100644
index 000000000000..22ae8fc7d6a2
--- /dev/null
+++ b/core/java/com/android/internal/util/custom/PixelPropsUtils.java
@@ -0,0 +1,130 @@
+/*
+ * Copyright (C) 2020 The Pixel Experience Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.android.internal.util.custom;
+
+import android.os.Build;
+import android.util.Log;
+
+import java.lang.reflect.Field;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+
+public class PixelPropsUtils {
+
+    public static final String PACKAGE_GMS = "com.google.android.gms";
+    private static final String TAG = PixelPropsUtils.class.getSimpleName();
+    private static final boolean DEBUG = false;
+
+    private static final Map<String, Object> propsToChangePixel6;
+
+    private static final Map<String, Object> propsToChangePixel5;
+    private static final String[] packagesToChangePixel5 = {
+            "com.google.android.tts",
+            "com.google.android.googlequicksearchbox",
+            "com.google.android.apps.recorder"
+    };
+
+    private static final Map<String, ArrayList<String>> propsToKeep;
+    private static final String[] extraPackagesToChange = {
+            "com.android.chrome",
+            "com.android.vending",
+            "com.breel.wallpapers20"
+    };
+
+    private static ArrayList<String> allProps = new ArrayList<>(Arrays.asList("BRAND", "MANUFACTURER", "DEVICE", "PRODUCT", "MODEL", "FINGERPRINT"));
+
+    private static volatile boolean sIsGms = false;
+
+    static {
+        propsToKeep = new HashMap<>();
+        propsToKeep.put("com.google.android.settings.intelligence", new ArrayList<>(Collections.singletonList("FINGERPRINT")));
+        propsToKeep.put("com.google.android.GoogleCamera", allProps);
+        propsToKeep.put("com.google.android.dialer", allProps);
+        propsToChangePixel6 = new HashMap<>();
+        propsToChangePixel6.put("BRAND", "google");
+        propsToChangePixel6.put("MANUFACTURER", "Google");
+        propsToChangePixel6.put("DEVICE", "raven");
+        propsToChangePixel6.put("PRODUCT", "raven");
+        propsToChangePixel6.put("MODEL", "Pixel 6 Pro");
+        propsToChangePixel6.put("FINGERPRINT", "google/raven/raven:12/SQ1D.220105.007/8030436:user/release-keys");
+        propsToChangePixel5 = new HashMap<>();
+        propsToChangePixel5.put("BRAND", "google");
+        propsToChangePixel5.put("MANUFACTURER", "Google");
+        propsToChangePixel5.put("DEVICE", "redfin");
+        propsToChangePixel5.put("PRODUCT", "redfin");
+        propsToChangePixel5.put("MODEL", "Pixel 5");
+        propsToChangePixel5.put("FINGERPRINT", "google/redfin/redfin:12/SQ1A.220105.002/7961164:user/release-keys");
+    }
+
+    public static void setProps(String packageName) {
+        if (packageName == null) {
+            return;
+        }
+        if (packageName.equals(PACKAGE_GMS)) {
+            sIsGms = true;
+        }
+        if (packageName.startsWith("com.google.") || Arrays.asList(extraPackagesToChange).contains(packageName)) {
+            Map<String, Object> propsToChange = propsToChangePixel6;
+
+            if (Arrays.asList(packagesToChangePixel5).contains(packageName)) {
+                propsToChange = propsToChangePixel5;
+            }
+
+            if (DEBUG) Log.d(TAG, "Defining props for: " + packageName);
+            for (Map.Entry<String, Object> prop : propsToChange.entrySet()) {
+                String key = prop.getKey();
+                Object value = prop.getValue();
+                if (propsToKeep.containsKey(packageName) && propsToKeep.get(packageName).contains(key)) {
+                    if (DEBUG) Log.d(TAG, "Not defining " + key + " prop for: " + packageName);
+                    continue;
+                }
+                if (DEBUG) Log.d(TAG, "Defining " + key + " prop for: " + packageName);
+                setPropValue(key, value);
+            }
+        }
+        // Set proper indexing fingerprint
+        if (packageName.equals("com.google.android.settings.intelligence")) {
+            setPropValue("FINGERPRINT", Build.VERSION.INCREMENTAL);
+        }
+    }
+
+    private static void setPropValue(String key, Object value) {
+        try {
+            if (DEBUG) Log.d(TAG, "Defining prop " + key + " to " + value.toString());
+            Field field = Build.class.getDeclaredField(key);
+            field.setAccessible(true);
+            field.set(null, value);
+            field.setAccessible(false);
+        } catch (NoSuchFieldException | IllegalAccessException e) {
+            Log.e(TAG, "Failed to set prop " + key, e);
+        }
+    }
+
+    private static boolean isCallerSafetyNet() {
+        return Arrays.stream(Thread.currentThread().getStackTrace())
+                .anyMatch(elem -> elem.getClassName().contains("DroidGuard"));
+    }
+
+    public static void onEngineGetCertificateChain() {
+        // Check stack for SafetyNet
+        if (sIsGms && isCallerSafetyNet()) {
+            throw new UnsupportedOperationException();
+        }
+    }
+}
diff --git a/keystore/java/android/security/keystore2/AndroidKeyStoreSpi.java b/keystore/java/android/security/keystore2/AndroidKeyStoreSpi.java
index 67358c4f3255..94e97b9b4a5b 100644
--- a/keystore/java/android/security/keystore2/AndroidKeyStoreSpi.java
+++ b/keystore/java/android/security/keystore2/AndroidKeyStoreSpi.java
@@ -77,6 +77,8 @@ import java.util.Set;
 
 import javax.crypto.SecretKey;
 
+import com.android.internal.util.custom.PixelPropsUtils;
+
 /**
  * A java.security.KeyStore interface for the Android KeyStore. An instance of
  * it can be created via the {@link java.security.KeyStore#getInstance(String)
@@ -164,6 +166,8 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi {
 
     @Override
     public Certificate[] engineGetCertificateChain(String alias) {
+        PixelPropsUtils.onEngineGetCertificateChain();
+
         KeyEntryResponse response = getKeyMetadata(alias);
 
         if (response == null || response.metadata.certificate == null) {