Revert "test: forward play certificate chain to key attestation app"

This reverts commit 8de5a34243.

service/src/main/java/io/github/a13e300/tricky_store/KeystoreInterceptor.kt

@@ -3,7 +3,6 @@ package io.github.a13e300.tricky_store
 import android.annotation.SuppressLint
 import android.content.pm.IPackageManager
 import android.os.IBinder
-import android.os.IBinder.DeathRecipient
 import android.os.Parcel
 import android.os.ServiceManager
 import android.system.keystore2.IKeystoreService
@@ -11,7 +10,6 @@ import android.system.keystore2.KeyEntryResponse
 import io.github.a13e300.tricky_store.binder.BinderInterceptor
 import io.github.a13e300.tricky_store.keystore.CertHack
 import io.github.a13e300.tricky_store.keystore.Utils
-import java.security.cert.Certificate
 import kotlin.system.exitProcess
 
 @SuppressLint("BlockedPrivateApi")
@@ -39,24 +37,12 @@ object KeystoreInterceptor  : BinderInterceptor() {
             Logger.d("intercept pre  $target uid=$callingUid pid=$callingPid dataSz=${data.dataSize()}")
             kotlin.runCatching {
                 val ps = getPm()?.getPackagesForUid(callingUid)
-                if (ps?.contains("com.google.android.gms") == true) {
-                    gmsUid = callingUid
-                    Logger.d("gms uid $gmsUid")
-                }
-                if (ps?.contains("io.github.vvb2060.keyattestation") == true) {
-                    kaUid = callingUid
-                    Logger.d("ka uid $kaUid")
-                }
                 if (ps?.any { it in Config.targetPackages } == true) return Continue
             }.onFailure { Logger.e("failed to get packages", it) }
         }
         return Skip
     }
 
-    private var playCertificates: Array<Certificate>? = null
-    private var gmsUid = 0
-    private var kaUid = 0
-
     override fun onPostTransact(
         target: IBinder,
         code: Int,
@@ -75,14 +61,7 @@ object KeystoreInterceptor  : BinderInterceptor() {
             val response = reply.readTypedObject(KeyEntryResponse.CREATOR)
             val chain = Utils.getCertificateChain(response)
             if (chain != null) {
-                val newChain = if (callingUid == kaUid && playCertificates != null) {
+                val newChain = CertHack.engineGetCertificateChain(chain)
-                    Logger.d("send play certificates to ka!")
-                    playCertificates
-                } else CertHack.engineGetCertificateChain(chain)
-                if (callingUid == gmsUid && CertHack.hasAttestation(chain)) {
-                    Logger.d("get play certificates!")
-                    playCertificates = newChain
-                }
                 Utils.putCertificateChain(response, newChain)
                 p.writeNoException()
                 p.writeTypedObject(response, 0)
@@ -124,7 +103,7 @@ object KeystoreInterceptor  : BinderInterceptor() {
         return true
     }
 
-    object Killer : DeathRecipient {
+    object Killer : IBinder.DeathRecipient {
         override fun binderDied() {
             Logger.d("keystore exit, daemon restart")
             exitProcess(0)

service/src/main/java/io/github/a13e300/tricky_store/keystore/CertHack.java

@@ -111,17 +111,6 @@ public final class CertHack {
         }
     }
 
-    public static boolean hasAttestation(Certificate[] caList) {
-        if (caList == null) return false;
-        try {
-            X509Certificate leaf = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(caList[0].getEncoded()));
-            byte[] bytes = leaf.getExtensionValue(OID.getId());
-            return bytes != null;
-        } catch (Throwable t) {
-            return false;
-        }
-    }
-
     public static Certificate[] engineGetCertificateChain(Certificate[] caList) {
         if (caList == null) throw new UnsupportedOperationException("caList is null!");
         try {