diff options
| author | Dyneteve <dyneteve@hentaios.com> | 2023-02-08 15:21:01 +0000 |
|---|---|---|
| committer | alk3pInjection <webmaster@raspii.tech> | 2023-08-16 23:50:18 +0800 |
| commit | 7a15c15184e9d8c2319547ecfe31314cce323b8f (patch) | |
| tree | 26a56aad6ccd5485d5ccc2a33961c04b103ecbd5 | |
| parent | c6f3d568baaea91b9df56b38b9b2b64d9af75851 (diff) | |
gmscompat: Make CTS/Play Integrity pass again
The logic behind CTS and Play Integrity has been updated today it now
checks the product and model names against the fingerprint and if
they do not match the CTS profile will fail.
Also switch to a newer FP from Pixel 2 while we are at it.
Squashed also with the following commit:
Author: Dyneteve <dyneteve@hentaios.com>
Date: Tue Aug 23 18:57:05 2022 +0200
gmscompat: Apply the SafetyNet workaround to Play Store
Play Store is used for the new Play Integrity API, extend the hack
to it as well
Test: Device Integrity and Basic Integrity passes.
Signed-off-by: Dyneteve <dyneteve@hentaios.com>
Change-Id: Id607cdff0b902f285a6c1b769c0a4ee4202842b1
Test: Boot, check for CTS and Play Integrity
Change-Id: I089d5ef935bba40338e10c795ea7d181103ffd15
Signed-off-by: Dyneteve <dyneteve@hentaios.com>
| -rw-r--r-- | core/java/com/android/internal/gmscompat/AttestationHooks.java | 40 |
1 files changed, 31 insertions, 9 deletions
diff --git a/core/java/com/android/internal/gmscompat/AttestationHooks.java b/core/java/com/android/internal/gmscompat/AttestationHooks.java index 64e29fd3a826..e55f0cad9d53 100644 --- a/core/java/com/android/internal/gmscompat/AttestationHooks.java +++ b/core/java/com/android/internal/gmscompat/AttestationHooks.java @@ -18,6 +18,7 @@ package com.android.internal.gmscompat; import android.app.Application; import android.os.Build; +import android.os.Build.VERSION; import android.util.Log; import java.lang.reflect.Field; @@ -29,8 +30,10 @@ public final class AttestationHooks { private static final String PACKAGE_GMS = "com.google.android.gms"; private static final String PROCESS_UNSTABLE = "com.google.android.gms.unstable"; + private static final String PACKAGE_FINSKY = "com.android.vending"; private static volatile boolean sIsGms = false; + private static volatile boolean sIsFinsky = false; private AttestationHooks() { } @@ -50,27 +53,46 @@ public final class AttestationHooks { } } + private static void setVersionField(String key, Integer value) { + try { + // Unlock + Field field = Build.VERSION.class.getDeclaredField(key); + field.setAccessible(true); + + // Edit + field.set(null, value); + + // Lock + field.setAccessible(false); + } catch (NoSuchFieldException | IllegalAccessException e) { + Log.e(TAG, "Failed to spoof Build." + key, e); + } + } + public static void initApplicationBeforeOnCreate(Application app) { - String packageName = app.getPackageName(); - String processName = Application.getProcessName(); + final String packageName = app.getPackageName(); + final String processName = Application.getProcessName(); if (PACKAGE_GMS.equals(packageName) && PROCESS_UNSTABLE.equals(processName)) { sIsGms = true; - setBuildField("DEVICE", "redfin"); - setBuildField("PRODUCT", "redfin"); - setBuildField("MODEL", "Pixel 5"); - setBuildField("FINGERPRINT", "google/redfin/redfin:13/TQ3A.230605.011/10161073:user/release-keys"); + setBuildField("DEVICE", "walleye"); + setBuildField("PRODUCT", "walleye"); + setBuildField("MODEL", "Pixel 2"); + setBuildField("FINGERPRINT", "google/walleye/walleye:8.1.0/OPM1.171019.011/4448085:user/release-keys"); + setVersionField("DEVICE_INITIAL_SDK_INT", Build.VERSION_CODES.O); + } else if (PACKAGE_FINSKY.equals(packageName)) { + sIsFinsky = true; } } private static boolean isCallerSafetyNet() { - return Arrays.stream(Thread.currentThread().getStackTrace()) + return sIsGms && Arrays.stream(Thread.currentThread().getStackTrace()) .anyMatch(elem -> elem.getClassName().contains("DroidGuard")); } public static void onEngineGetCertificateChain() { - // Check stack for SafetyNet - if (sIsGms && isCallerSafetyNet()) { + // Check stack for SafetyNet or Play Integrity + if (isCallerSafetyNet() || sIsFinsky) { throw new UnsupportedOperationException(); } } |