Fake signature (requires android patch)

2014-05-01 15:17:14 +02:00 · 2014-05-01 15:17:14 +02:00 · b58a81f78c
parent 3e734308ef
commit b58a81f78c
4 changed files with 108 additions and 2 deletions
--- a/Android.mk
+++ b/Android.mk
@ -1,4 +1,4 @@
-# Copyright (c) 2014 μg Project
+# Copyright (c) 2014 μg Project Team
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
--- a/AndroidManifest.xml
+++ b/AndroidManifest.xml
@ -1,7 +1,23 @@
 <?xml version="1.0" encoding="utf-8"?>
+<!--
+  ~ Copyright (c) 2014 μg Project Team
+  ~
+  ~ Licensed under the Apache License, Version 2.0 (the "License");
+  ~ you may not use this file except in compliance with the License.
+  ~ You may obtain a copy of the License at
+  ~
+  ~       http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the License is distributed on an "AS IS" BASIS,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~ See the License for the specific language governing permissions and
+  ~ limitations under the License.
+  -->
+
 <manifest xmlns:android="http://schemas.android.com/apk/res/android"
 	package="com.google.android.gms"
-	android:versionCode="4243036">
+	android:versionCode="4323000">

 	<uses-sdk android:minSdkVersion="16" />

@ -10,6 +26,7 @@
 	<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
 	<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
 	<uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" />
+    <uses-permission android:name="android.permission.FAKE_PACKAGE_SIGNATURE" />

 	<application
 		android:icon="@drawable/nlp_app_icon"
@ -20,6 +37,7 @@
 		<uses-library
 			android:name="com.google.android.maps"
 			android:required="false" />
+        <meta-data android:name="fake-signature" android:value="@string/fake_signature" />

 		<!-- Jelly Bean / KitKat -->
 		<service
--- a/android_frameworks_base+FAKE_PACKAGE_SIGNATURE.patch
+++ b/android_frameworks_base+FAKE_PACKAGE_SIGNATURE.patch
@ -0,0 +1,66 @@
+diff --git a/core/java/android/content/pm/PackageParser.java b/core/java/android/content/pm/PackageParser.java
+index e6da288..66684d3 100644
+--- a/core/java/android/content/pm/PackageParser.java
+++ b/core/java/android/content/pm/PackageParser.java
+@@ -447,10 +447,23 @@ public class PackageParser {
+             }
+         }
+         if ((flags&PackageManager.GET_SIGNATURES) != 0) {
+-           int N = (p.mSignatures != null) ? p.mSignatures.length : 0;
+-           if (N > 0) {
+-                pi.signatures = new Signature[N];
+-                System.arraycopy(p.mSignatures, 0, pi.signatures, 0, N);
+            boolean handledFakeSignature = false;
+            try {
+                if (p.requestedPermissions.contains("android.permission.FAKE_PACKAGE_SIGNATURE") && p.mAppMetaData != null
+                        && p.mAppMetaData.get("fake-signature") instanceof String) {
+                    pi.signatures = new Signature[] {new Signature(p.mAppMetaData.getString("fake-signature"))};
+                    handledFakeSignature = true;
+                }
+            } catch (Throwable t) {
+                // We should never die because of any failures, this is system code!
+                Log.w("PackageParser.FAKE_PACKAGE_SIGNATURE", t);
+            }
+            if (!handledFakeSignature) {
+                int N = (p.mSignatures != null) ? p.mSignatures.length : 0;
+                if (N > 0) {
+                    pi.signatures = new Signature[N];
+                    System.arraycopy(p.mSignatures, 0, pi.signatures, 0, N);
+                }
+             }
+         }
+         return pi;
+diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
+index 558a475..4e7aa65 100644
+--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
+@@ -1562,6 +1562,13 @@
+         android:label="@string/permlab_getPackageSize"
+         android:description="@string/permdesc_getPackageSize" />
+ 
+    <!-- Allows an application to change the package signature as seen by applications -->
+    <permission android:name="android.permission.FAKE_PACKAGE_SIGNATURE"
+                android:permissionGroup="android.permission-group.SYSTEM_TOOLS"
+                android:protectionLevel="dangerous"
+                android:label="@string/permlab_fakePackageSignature"
+                android:description="@string/permdesc_fakePackageSignature" />
+
+     <!-- @deprecated No longer useful, see
+          {@link android.content.pm.PackageManager#addPackageToPreferred}
+          for details. -->
+diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml
+index 790e166..8e66470 100644
+--- a/core/res/res/values/strings.xml
+++ b/core/res/res/values/strings.xml
+@@ -1135,6 +1135,11 @@
+     <string name="permdesc_getPackageSize">Allows the app to retrieve its code, data, and cache sizes</string>
+ 
+     <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
+    <string name="permlab_fakePackageSignature">mimic package signature</string>
+    <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
+    <string name="permdesc_fakePackageSignature">Allows the app to use mimic another app's package signature.</string>
+
+    <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
+     <string name="permlab_installPackages">directly install apps</string>
+     <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
+     <string name="permdesc_installPackages">Allows the app to install new or updated
--- a/res/values/signature.xml
+++ b/res/values/signature.xml
@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+  ~ Copyright (c) 2014 μg Project Team
+  ~
+  ~ Licensed under the Apache License, Version 2.0 (the "License");
+  ~ you may not use this file except in compliance with the License.
+  ~ You may obtain a copy of the License at
+  ~
+  ~       http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the License is distributed on an "AS IS" BASIS,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~ See the License for the specific language governing permissions and
+  ~ limitations under the License.
+  -->
+
+<resources>
+    <string name="fake_signature">
+        308204433082032ba003020102020900c2e08746644a308d300d06092a864886f70d01010405003074310b3009060355040613025553311330110603550408130a43616c69666f726e6961311630140603550407130d4d6f756e7461696e205669657731143012060355040a130b476f6f676c6520496e632e3110300e060355040b1307416e64726f69643110300e06035504031307416e64726f6964301e170d3038303832313233313333345a170d3336303130373233313333345a3074310b3009060355040613025553311330110603550408130a43616c69666f726e6961311630140603550407130d4d6f756e7461696e205669657731143012060355040a130b476f6f676c6520496e632e3110300e060355040b1307416e64726f69643110300e06035504031307416e64726f696430820120300d06092a864886f70d01010105000382010d00308201080282010100ab562e00d83ba208ae0a966f124e29da11f2ab56d08f58e2cca91303e9b754d372f640a71b1dcb130967624e4656a7776a92193db2e5bfb724a91e77188b0e6a47a43b33d9609b77183145ccdf7b2e586674c9e1565b1f4c6a5955bff251a63dabf9c55c27222252e875e4f8154a645f897168c0b1bfc612eabf785769bb34aa7984dc7e2ea2764cae8307d8c17154d7ee5f64a51a44a602c249054157dc02cd5f5c0e55fbef8519fbe327f0b1511692c5a06f19d18385f5c4dbc2d6b93f68cc2979c70e18ab93866b3bd5db8999552a0e3b4c99df58fb918bedc182ba35e003c1b4b10dd244a8ee24fffd333872ab5221985edab0fc0d0b145b6aa192858e79020103a381d93081d6301d0603551d0e04160414c77d8cc2211756259a7fd382df6be398e4d786a53081a60603551d2304819e30819b8014c77d8cc2211756259a7fd382df6be398e4d786a5a178a4763074310b3009060355040613025553311330110603550408130a43616c69666f726e6961311630140603550407130d4d6f756e7461696e205669657731143012060355040a130b476f6f676c6520496e632e3110300e060355040b1307416e64726f69643110300e06035504031307416e64726f6964820900c2e08746644a308d300c0603551d13040530030101ff300d06092a864886f70d010104050003820101006dd252ceef85302c360aaace939bcff2cca904bb5d7a1661f8ae46b2994204d0ff4a68c7ed1a531ec4595a623ce60763b167297a7ae35712c407f208f0cb109429124d7b106219c084ca3eb3f9ad5fb871ef92269a8be28bf16d44c8d9a08e6cb2f005bb3fe2cb96447e868e731076ad45b33f6009ea19c161e62641aa99271dfd5228c5c587875ddb7f452758d661f6cc0cccb7352e424cc4365c523532f7325137593c4ae341f4db41edda0d0b1071a7c440f0fe9ea01cb627ca674369d084bd2fd911ff06cdbf2cfa10dc0f893ae35762919048c7efc64c7144178342f70581c9de573af55b390dd7fdb9418631895d5f759f30112687ff621410c069308a
+    </string>
+</resources>