diff --git a/app/build.gradle.kts b/app/build.gradle.kts index f994626..0f5e5b9 100644 --- a/app/build.gradle.kts +++ b/app/build.gradle.kts @@ -12,8 +12,8 @@ android { applicationId = "es.chiteroman.playintegrityfix" minSdk = 26 targetSdk = 34 - versionCode = 15960 - versionName = "v15.9.6" + versionCode = 15970 + versionName = "v15.9.7" multiDexEnabled = false buildFeatures { diff --git a/app/src/main/java/es/chiteroman/playintegrityfix/CustomKeyStoreSpi.java b/app/src/main/java/es/chiteroman/playintegrityfix/CustomKeyStoreSpi.java index 8820bd4..ac76d09 100644 --- a/app/src/main/java/es/chiteroman/playintegrityfix/CustomKeyStoreSpi.java +++ b/app/src/main/java/es/chiteroman/playintegrityfix/CustomKeyStoreSpi.java @@ -10,11 +10,14 @@ import java.security.NoSuchAlgorithmException; import java.security.UnrecoverableKeyException; import java.security.cert.Certificate; import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; import java.util.Date; import java.util.Enumeration; -import java.util.Locale; public final class CustomKeyStoreSpi extends KeyStoreSpi { + private static final String EAT_OID = "1.3.6.1.4.1.11129.2.1.25"; + private static final String ASN1_OID = "1.3.6.1.4.1.11129.2.1.17"; + private static final String KNOX_OID = "1.3.6.1.4.1.236.11.3.23.7"; public static volatile KeyStoreSpi keyStoreSpi; @Override @@ -25,19 +28,41 @@ public final class CustomKeyStoreSpi extends KeyStoreSpi { @Override public Certificate[] engineGetCertificateChain(String alias) { - for (StackTraceElement stackTraceElement : Thread.currentThread().getStackTrace()) { - if (stackTraceElement.getClassName().toLowerCase(Locale.US).contains("droidguard")) { - EntryPoint.LOG("engineGetCertificateChain invoked by DroidGuard!"); + boolean isDroidGuard = EntryPoint.isDroidGuard(); + + Certificate[] certificates = keyStoreSpi.engineGetCertificateChain(alias); + + if (certificates[0] instanceof X509Certificate leaf) { + + boolean attestationExtensions = leaf.getExtensionValue(EAT_OID) != null || leaf.getExtensionValue(ASN1_OID) != null || leaf.getExtensionValue(KNOX_OID) != null; + + if (isDroidGuard && attestationExtensions) { + EntryPoint.LOG("DroidGuard and attestation extension detected! Throwing exception..."); throw new UnsupportedOperationException(); } } - return keyStoreSpi.engineGetCertificateChain(alias); + return certificates; } @Override public Certificate engineGetCertificate(String alias) { - return keyStoreSpi.engineGetCertificate(alias); + + boolean isDroidGuard = EntryPoint.isDroidGuard(); + + Certificate certificate = keyStoreSpi.engineGetCertificate(alias); + + if (certificate instanceof X509Certificate leaf) { + + boolean attestationExtensions = leaf.getExtensionValue(EAT_OID) != null || leaf.getExtensionValue(ASN1_OID) != null || leaf.getExtensionValue(KNOX_OID) != null; + + if (isDroidGuard && attestationExtensions) { + EntryPoint.LOG("DroidGuard and attestation extension detected! Throwing exception..."); + throw new UnsupportedOperationException(); + } + } + + return certificate; } @Override diff --git a/app/src/main/java/es/chiteroman/playintegrityfix/EntryPoint.java b/app/src/main/java/es/chiteroman/playintegrityfix/EntryPoint.java index 3807760..0f14c19 100644 --- a/app/src/main/java/es/chiteroman/playintegrityfix/EntryPoint.java +++ b/app/src/main/java/es/chiteroman/playintegrityfix/EntryPoint.java @@ -10,7 +10,9 @@ import java.security.KeyStore; import java.security.KeyStoreSpi; import java.security.Provider; import java.security.Security; +import java.util.Arrays; import java.util.HashMap; +import java.util.Locale; import java.util.Map; public final class EntryPoint { @@ -80,6 +82,10 @@ public final class EntryPoint { }); } + static boolean isDroidGuard() { + return Arrays.stream(Thread.currentThread().getStackTrace()).anyMatch(stackTraceElement -> stackTraceElement.getClassName().toLowerCase(Locale.US).contains("droidguard")); + } + private static Field getFieldByName(String name) { Field field; diff --git a/build.gradle.kts b/build.gradle.kts index bad4dce..5672168 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -1,3 +1,3 @@ plugins { - id("com.android.application") version "8.3.0" apply false + id("com.android.application") version "8.3.1" apply false } \ No newline at end of file diff --git a/changelog.md b/changelog.md index e2c7f07..50c8194 100644 --- a/changelog.md +++ b/changelog.md @@ -7,6 +7,6 @@ If not, try removing /data/adb/pif.json file. Donations: https://www.paypal.com/paypalme/chiteroman -# v15.9.6 +# v15.9.7 -- Fix BASIC verdict not passing. \ No newline at end of file +- Improve code detecting attestation extensions. \ No newline at end of file diff --git a/module/customize.sh b/module/customize.sh index a70e81d..ccf0164 100644 --- a/module/customize.sh +++ b/module/customize.sh @@ -21,19 +21,3 @@ if [ -f "/data/adb/pif.json" ]; then ui_print "- If you fail DEVICE verdict, remove /data/adb/pif.json file" ui_print "- If pif.json file doesn't exist, module will use default one" fi - -# Conflict apps -APPS=" -/system/app/EliteDevelopmentModule -/system/app/XInjectModule -/system/product/app/XiaomiEUInject -/system/product/app/XiaomiEUInject-Stub -/system/system_ext/app/hentaiLewdbSVTDummy -/system/system_ext/app/PifPrebuilt -" - -for app in $APPS; do - if [ -d "$app" ]; then - ui_print "- ${app##*/} app found! You should uninstall it manually!" - fi -done diff --git a/module/module.prop b/module/module.prop index c15ff6c..f15cd08 100644 --- a/module/module.prop +++ b/module/module.prop @@ -1,7 +1,7 @@ id=playintegrityfix name=Play Integrity Fix -version=v15.9.6 -versionCode=15960 +version=v15.9.7 +versionCode=15970 author=chiteroman description=Universal modular fix for Play Integrity (and SafetyNet) on devices running Android 8-14. updateJson=https://raw.githubusercontent.com/chiteroman/PlayIntegrityFix/main/update.json diff --git a/update.json b/update.json index e538421..6274573 100644 --- a/update.json +++ b/update.json @@ -1,6 +1,6 @@ { - "version": "v15.9.6", - "versionCode": 15960, - "zipUrl": "https://github.com/chiteroman/PlayIntegrityFix/releases/download/v15.9.6/PlayIntegrityFix_v15.9.6.zip", + "version": "v15.9.7", + "versionCode": 15970, + "zipUrl": "https://github.com/chiteroman/PlayIntegrityFix/releases/download/v15.9.7/PlayIntegrityFix_v15.9.7.zip", "changelog": "https://raw.githubusercontent.com/chiteroman/PlayIntegrityFix/main/changelog.md" }