CertUtil: Fix & improve fdroid app check
* Check for fdroid basic as install source as well * Check for fdroid.org as organization name in signing certificate attribute Signed-off-by: Aayush Gupta <aayushgupta219@gmail.com>
This commit is contained in:
@@ -25,22 +25,18 @@ import android.content.pm.PackageManager
|
|||||||
import android.util.Base64
|
import android.util.Base64
|
||||||
import android.util.Log
|
import android.util.Log
|
||||||
import com.aurora.extensions.generateX509Certificate
|
import com.aurora.extensions.generateX509Certificate
|
||||||
|
import com.aurora.extensions.getInstallerPackageNameCompat
|
||||||
import com.aurora.extensions.isPAndAbove
|
import com.aurora.extensions.isPAndAbove
|
||||||
import com.aurora.store.util.PackageUtil.getPackageInfo
|
import com.aurora.store.util.PackageUtil.getPackageInfo
|
||||||
import java.security.MessageDigest
|
import java.security.MessageDigest
|
||||||
import java.security.cert.X509Certificate
|
import java.security.cert.X509Certificate
|
||||||
import java.util.Locale
|
|
||||||
|
|
||||||
object CertUtil {
|
object CertUtil {
|
||||||
|
|
||||||
private val TAG = "CertUtil"
|
private val TAG = "CertUtil"
|
||||||
private val fdroidSubjects = listOf("FDROID", "GUARDIANPROJECT.INFO")
|
|
||||||
|
|
||||||
fun isFDroidApp(context: Context, packageName: String): Boolean {
|
fun isFDroidApp(context: Context, packageName: String): Boolean {
|
||||||
return getX509Certificates(
|
return isInstalledByFDroid(context, packageName) || isSignedByFDroid(context, packageName)
|
||||||
context,
|
|
||||||
packageName
|
|
||||||
).any { it.subjectDN.name.uppercase(Locale.getDefault()) in fdroidSubjects }
|
|
||||||
}
|
}
|
||||||
|
|
||||||
fun getEncodedCertificateHashes(context: Context, packageName: String): List<String> {
|
fun getEncodedCertificateHashes(context: Context, packageName: String): List<String> {
|
||||||
@@ -60,6 +56,24 @@ object CertUtil {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private fun isSignedByFDroid(context: Context, packageName: String): Boolean {
|
||||||
|
return getX509Certificates(context, packageName).any { cert ->
|
||||||
|
cert.subjectDN.name.split(",").associate {
|
||||||
|
val (left, right) = it.split("=")
|
||||||
|
left to right
|
||||||
|
}["O"] == "fdroid.org"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private fun isInstalledByFDroid(context: Context, packageName: String): Boolean {
|
||||||
|
val fdroidPackages = listOf(
|
||||||
|
"org.fdroid.basic", "org.fdroid.fdroid", "org.fdroid.fdroid.privileged"
|
||||||
|
)
|
||||||
|
return fdroidPackages.contains(
|
||||||
|
context.packageManager.getInstallerPackageNameCompat(packageName)
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
private fun getX509Certificates(context: Context, packageName: String): List<X509Certificate> {
|
private fun getX509Certificates(context: Context, packageName: String): List<X509Certificate> {
|
||||||
return try {
|
return try {
|
||||||
val packageInfo = getPackageInfoWithSignature(context, packageName)
|
val packageInfo = getPackageInfoWithSignature(context, packageName)
|
||||||
|
|||||||
@@ -199,16 +199,9 @@ object PackageUtil {
|
|||||||
|
|
||||||
/*Filter F-Droid apps*/
|
/*Filter F-Droid apps*/
|
||||||
if (isFDroidFilterEnabled) {
|
if (isFDroidFilterEnabled) {
|
||||||
packageInfoList = packageInfoList
|
packageInfoList = packageInfoList.filter {
|
||||||
.filter {
|
!CertUtil.isFDroidApp(context, it.packageName)
|
||||||
val packageInstaller = packageManager.getInstallerPackageNameCompat(it.packageName)
|
}
|
||||||
!listOf(
|
|
||||||
"org.fdroid.fdroid",
|
|
||||||
"org.fdroid.fdroid.privileged"
|
|
||||||
).contains(packageInstaller)
|
|
||||||
}.filter {
|
|
||||||
!CertUtil.isFDroidApp(context, it.packageName)
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
packageInfoList.forEach {
|
packageInfoList.forEach {
|
||||||
|
|||||||
Reference in New Issue
Block a user