From 680a36c49955f7152bbb7f6a2da2b492fa3a6182 Mon Sep 17 00:00:00 2001
From: 5ec1cff
Date: Fri, 12 Jul 2024 15:17:39 +0800
Subject: [PATCH] Revert "test: forward play certificate chain to key attestation app"

This reverts commit 8de5a34243c7d3810b9a7298b438c0b6403d81f0.
---
 .../tricky_store/KeystoreInterceptor.kt | 25 ++-----------------
 .../tricky_store/keystore/CertHack.java | 11 --------
 2 files changed, 2 insertions(+), 34 deletions(-)

diff --git a/service/src/main/java/io/github/a13e300/tricky_store/KeystoreInterceptor.kt b/service/src/main/java/io/github/a13e300/tricky_store/KeystoreInterceptor.kt
index 394e0d9..4fcca61 100644
--- a/service/src/main/java/io/github/a13e300/tricky_store/KeystoreInterceptor.kt
+++ b/service/src/main/java/io/github/a13e300/tricky_store/KeystoreInterceptor.kt
@@ -3,7 +3,6 @@ package io.github.a13e300.tricky_store
 import android.annotation.SuppressLint
 import android.content.pm.IPackageManager
 import android.os.IBinder
-import android.os.IBinder.DeathRecipient
 import android.os.Parcel
 import android.os.ServiceManager
 import android.system.keystore2.IKeystoreService
@@ -11,7 +10,6 @@ import android.system.keystore2.KeyEntryResponse
 import io.github.a13e300.tricky_store.binder.BinderInterceptor
 import io.github.a13e300.tricky_store.keystore.CertHack
 import io.github.a13e300.tricky_store.keystore.Utils
-import java.security.cert.Certificate
 import kotlin.system.exitProcess
 
 @SuppressLint("BlockedPrivateApi")
@@ -39,24 +37,12 @@ object KeystoreInterceptor : BinderInterceptor() { Logger.d("intercept pre $target uid=$callingUid pid=$callingPid dataSz=${data.dataSize()}") kotlin.runCatching { val ps = getPm()?.getPackagesForUid(callingUid) - if (ps?.contains("com.google.android.gms") == true) { - gmsUid = callingUid - Logger.d("gms uid $gmsUid") - } - if (ps?.contains("io.github.vvb2060.keyattestation") == true) { - kaUid = callingUid - Logger.d("ka uid $kaUid") - } if (ps?.any { it in Config.targetPackages } == true) return Continue }.onFailure { Logger.e("failed to get packages", it) } } return Skip } - private var playCertificates: Array? = null - private var gmsUid = 0 - private var kaUid = 0 - override fun onPostTransact( target: IBinder, code: Int, @@ -75,14 +61,7 @@ object KeystoreInterceptor : BinderInterceptor() { val response = reply.readTypedObject(KeyEntryResponse.CREATOR) val chain = Utils.getCertificateChain(response) if (chain != null) { - val newChain = if (callingUid == kaUid && playCertificates != null) { - Logger.d("send play certificates to ka!") - playCertificates - } else CertHack.engineGetCertificateChain(chain) - if (callingUid == gmsUid && CertHack.hasAttestation(chain)) { - Logger.d("get play certificates!") - playCertificates = newChain - } + val newChain = CertHack.engineGetCertificateChain(chain) Utils.putCertificateChain(response, newChain) p.writeNoException() p.writeTypedObject(response, 0) @@ -124,7 +103,7 @@ object KeystoreInterceptor : BinderInterceptor() { return true } - object Killer : DeathRecipient { + object Killer : IBinder.DeathRecipient { override fun binderDied() { Logger.d("keystore exit, daemon restart") exitProcess(0) diff --git a/service/src/main/java/io/github/a13e300/tricky_store/keystore/CertHack.java b/service/src/main/java/io/github/a13e300/tricky_store/keystore/CertHack.java index bc77f53..930003c 100644 --- a/service/src/main/java/io/github/a13e300/tricky_store/keystore/CertHack.java 
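Review bot: In the `onPostTransact` hunk (`@@ -75,14 +61,7 @@`), the value returned by `CertHack.engineGetCertificateChain(chain)` goes straight into `Utils.putCertificateChain(response, newChain)` with no check, and the only part of that method visible in this patch is its null-argument throw and the opening of a `try` whose handler lies outside the diff. What the reply carries when the rewrite fails is therefore not readable from the call site. I would add a comment above the call such as `// every caller with a non-null chain gets the CertHack result; on failure engineGetCertificateChain <returns/throws — confirm>`, or state the same contract in the method's Javadoc. `onPostTransact` starts and ends outside this hunk.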
+++ b/service/src/main/java/io/github/a13e300/tricky_store/keystore/CertHack.java @@ -111,17 +111,6 @@ public final class CertHack { } } - public static boolean hasAttestation(Certificate[] caList) { - if (caList == null) return false; - try { - X509Certificate leaf = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(caList[0].getEncoded())); - byte[] bytes = leaf.getExtensionValue(OID.getId()); - return bytes != null; - } catch (Throwable t) { - return false; - } - } - public static Certificate[] engineGetCertificateChain(Certificate[] caList) { if (caList == null) throw new UnsupportedOperationException("caList is null!"); try {