Add Google Certficate service

2019-07-01 00:26:57 +02:00 · 2019-07-01 00:26:57 +02:00 · bf88e7c8bd
parent 73aca6ea10
commit bf88e7c8bd
5 changed files with 96 additions and 3 deletions
--- a/play-services-core/src/main/java/com/google/android/gms/chimera/container/DynamiteLoaderImpl.java
+++ b/play-services-core/src/main/java/com/google/android/gms/chimera/container/DynamiteLoaderImpl.java
@ -59,6 +59,9 @@ public class DynamiteLoaderImpl extends IDynamiteLoader.Stub {
            Log.d(TAG, "returning temp fix module version for " + moduleId + ". Firebase Database will not be functional!");
            return com.google.android.gms.dynamite.descriptors.com.google.android.gms.firebase_database.ModuleDescriptor.MODULE_VERSION;
        }
+        if (moduleId.equals("com.google.android.gms.googlecertificates")) {
+            return com.google.android.gms.dynamite.descriptors.com.google.android.gms.googlecertificates.ModuleDescriptor.MODULE_VERSION;
+        }
        if (moduleId.equals("com.google.android.gms.cast.framework.dynamite")) {
            Log.d(TAG, "returning temp fix module version for " + moduleId + ". Cast API wil not be functional!");
            return 1;
--- a/play-services-core/src/main/java/com/google/android/gms/common/GoogleCertificatesImpl.java
+++ b/play-services-core/src/main/java/com/google/android/gms/common/GoogleCertificatesImpl.java
@ -0,0 +1,60 @@
+/*
+ * Copyright (C) 2019 microG Project Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.android.gms.common;
+
+import android.os.RemoteException;
+import android.support.annotation.Keep;
+import android.util.Log;
+
+import com.google.android.gms.common.internal.GoogleCertificatesQuery;
+import com.google.android.gms.common.internal.IGoogleCertificatesApi;
+import com.google.android.gms.dynamic.IObjectWrapper;
+import com.google.android.gms.dynamic.ObjectWrapper;
+
+import org.microg.gms.common.PackageUtils;
+
+@Keep
+public class GoogleCertificatesImpl extends IGoogleCertificatesApi.Stub  {
+    private static final String TAG = "GmsCertImpl";
+
+    @Override
+    public IObjectWrapper getGoogleCertficates() throws RemoteException {
+        Log.d(TAG, "unimplemented Method: getGoogleCertficates");
+        return null;
+    }
+
+    @Override
+    public IObjectWrapper getGoogleReleaseCertificates() throws RemoteException {
+        Log.d(TAG, "unimplemented Method: getGoogleReleaseCertificates");
+        return null;
+    }
+
+    @Override
+    public boolean isGoogleReleaseSigned(String packageName, IObjectWrapper certData) throws RemoteException {
+        return PackageUtils.isGooglePackage(packageName, ObjectWrapper.unwrapTyped(certData, byte[].class));
+    }
+
+    @Override
+    public boolean isGoogleSigned(String packageName, IObjectWrapper certData) throws RemoteException {
+        return PackageUtils.isGooglePackage(packageName, ObjectWrapper.unwrapTyped(certData, byte[].class));
+    }
+
+    @Override
+    public boolean isGoogleOrPlatformSigned(GoogleCertificatesQuery query, IObjectWrapper packageManager) throws RemoteException {
+        return PackageUtils.isGooglePackage(query.getPackageName(), query.getCertData().getBytes());
+    }
+}
--- a/play-services-core/src/main/java/com/google/android/gms/dynamite/descriptors/com/google/android/gms/googlecertificates/ModuleDescriptor.java
+++ b/play-services-core/src/main/java/com/google/android/gms/dynamite/descriptors/com/google/android/gms/googlecertificates/ModuleDescriptor.java
@ -0,0 +1,22 @@
+/*
+ * Copyright (C) 2019 microG Project Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.android.gms.dynamite.descriptors.com.google.android.gms.googlecertificates;
+
+public class ModuleDescriptor {
+    public static final String MODULE_ID = "com.google.android.gms.googlecertificates";
+    public static final int MODULE_VERSION = 1;
+}
--- a/play-services-core/src/main/java/org/microg/gms/common/PackageUtils.java
+++ b/play-services-core/src/main/java/org/microg/gms/common/PackageUtils.java
@ -64,6 +64,14 @@ public class PackageUtils {

    public static boolean isGooglePackage(Context context, String packageName) {
        String signatureDigest = firstSignatureDigest(context, packageName);
+        return isGooglePackage(packageName, signatureDigest);
+    }
+
+    public static boolean isGooglePackage(String packageName, byte[] bytes) {
+        return isGooglePackage(packageName, sha1sum(bytes));
+    }
+
+    public static boolean isGooglePackage(String packageName, String signatureDigest) {
        if (signatureDigest == null) return false;
        if (Arrays.asList(GOOGLE_PRIMARY_KEYS).contains(signatureDigest)) return true;
        if (!KNOWN_GOOGLE_PACKAGES.containsKey(packageName)) return false;
@ -162,13 +170,13 @@ public class PackageUtils {
                    packageName = packagesForUid[0];
                } else if (Arrays.asList(packagesForUid).contains(suggestedPackageName)) {
                    packageName = suggestedPackageName;
-                } else if (suggestedPackageName == null) {
+                } else {
                    packageName = packagesForUid[0];
                }
            }
        }
        if (packageName != null && suggestedPackageName != null && !packageName.equals(suggestedPackageName)) {
-            throw new SecurityException("UID [" + callingUid + "] is not related to packageName [" + packageName + "]");
+            throw new SecurityException("UID [" + callingUid + "] is not related to packageName [" + suggestedPackageName + "] (seems to be " + packageName + ")");
        }
        return packageName;
    }
--- a/play-services-core/src/main/java/org/microg/gms/location/GoogleLocationManagerServiceImpl.java
+++ b/play-services-core/src/main/java/org/microg/gms/location/GoogleLocationManagerServiceImpl.java
@ -306,7 +306,7 @@ public class GoogleLocationManagerServiceImpl extends IGoogleLocationManagerServ
    @Override
    public void requestLocationSettingsDialog(LocationSettingsRequest settingsRequest, ISettingsCallbacks callback, String packageName) throws RemoteException {
        Log.d(TAG, "requestLocationSettingsDialog: " + settingsRequest);
-        PackageUtils.checkPackageUid(context, packageName, Binder.getCallingUid());
+        PackageUtils.getAndCheckCallingPackage(context, packageName);
        callback.onLocationSettingsResult(new LocationSettingsResult(new LocationSettingsStates(true, true, false, true, true, false), Status.CANCELED));
    }