From bf88e7c8bd5968b880bd4ba617c91b83587c8a2c Mon Sep 17 00:00:00 2001
From: Marvin W <git@larma.de>
Date: Mon, 1 Jul 2019 00:26:57 +0200
Subject: [PATCH] Add Google Certficate service

---
 .../chimera/container/DynamiteLoaderImpl.java |  3 +
 .../gms/common/GoogleCertificatesImpl.java    | 60 +++++++++++++++++++
 .../googlecertificates/ModuleDescriptor.java  | 22 +++++++
 .../org/microg/gms/common/PackageUtils.java   | 12 +++-
 .../GoogleLocationManagerServiceImpl.java     |  2 +-
 5 files changed, 96 insertions(+), 3 deletions(-)
 create mode 100644 play-services-core/src/main/java/com/google/android/gms/common/GoogleCertificatesImpl.java
 create mode 100644 play-services-core/src/main/java/com/google/android/gms/dynamite/descriptors/com/google/android/gms/googlecertificates/ModuleDescriptor.java

diff --git a/play-services-core/src/main/java/com/google/android/gms/chimera/container/DynamiteLoaderImpl.java b/play-services-core/src/main/java/com/google/android/gms/chimera/container/DynamiteLoaderImpl.java
index 5a8a2c50..43bd5caf 100644
--- a/play-services-core/src/main/java/com/google/android/gms/chimera/container/DynamiteLoaderImpl.java
+++ b/play-services-core/src/main/java/com/google/android/gms/chimera/container/DynamiteLoaderImpl.java
@@ -59,6 +59,9 @@ public class DynamiteLoaderImpl extends IDynamiteLoader.Stub {
             Log.d(TAG, "returning temp fix module version for " + moduleId + ". Firebase Database will not be functional!");
             return com.google.android.gms.dynamite.descriptors.com.google.android.gms.firebase_database.ModuleDescriptor.MODULE_VERSION;
         }
+        if (moduleId.equals("com.google.android.gms.googlecertificates")) {
+            return com.google.android.gms.dynamite.descriptors.com.google.android.gms.googlecertificates.ModuleDescriptor.MODULE_VERSION;
+        }
         if (moduleId.equals("com.google.android.gms.cast.framework.dynamite")) {
             Log.d(TAG, "returning temp fix module version for " + moduleId + ". Cast API wil not be functional!");
             return 1;
diff --git a/play-services-core/src/main/java/com/google/android/gms/common/GoogleCertificatesImpl.java b/play-services-core/src/main/java/com/google/android/gms/common/GoogleCertificatesImpl.java
new file mode 100644
index 00000000..bb9c6df2
--- /dev/null
+++ b/play-services-core/src/main/java/com/google/android/gms/common/GoogleCertificatesImpl.java
@@ -0,0 +1,60 @@
+/*
+ * Copyright (C) 2019 microG Project Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.android.gms.common;
+
+import android.os.RemoteException;
+import android.support.annotation.Keep;
+import android.util.Log;
+
+import com.google.android.gms.common.internal.GoogleCertificatesQuery;
+import com.google.android.gms.common.internal.IGoogleCertificatesApi;
+import com.google.android.gms.dynamic.IObjectWrapper;
+import com.google.android.gms.dynamic.ObjectWrapper;
+
+import org.microg.gms.common.PackageUtils;
+
+@Keep
+public class GoogleCertificatesImpl extends IGoogleCertificatesApi.Stub  {
+    private static final String TAG = "GmsCertImpl";
+
+    @Override
+    public IObjectWrapper getGoogleCertficates() throws RemoteException {
+        Log.d(TAG, "unimplemented Method: getGoogleCertficates");
+        return null;
+    }
+
+    @Override
+    public IObjectWrapper getGoogleReleaseCertificates() throws RemoteException {
+        Log.d(TAG, "unimplemented Method: getGoogleReleaseCertificates");
+        return null;
+    }
+
+    @Override
+    public boolean isGoogleReleaseSigned(String packageName, IObjectWrapper certData) throws RemoteException {
+        return PackageUtils.isGooglePackage(packageName, ObjectWrapper.unwrapTyped(certData, byte[].class));
+    }
+
+    @Override
+    public boolean isGoogleSigned(String packageName, IObjectWrapper certData) throws RemoteException {
+        return PackageUtils.isGooglePackage(packageName, ObjectWrapper.unwrapTyped(certData, byte[].class));
+    }
+
+    @Override
+    public boolean isGoogleOrPlatformSigned(GoogleCertificatesQuery query, IObjectWrapper packageManager) throws RemoteException {
+        return PackageUtils.isGooglePackage(query.getPackageName(), query.getCertData().getBytes());
+    }
+}
diff --git a/play-services-core/src/main/java/com/google/android/gms/dynamite/descriptors/com/google/android/gms/googlecertificates/ModuleDescriptor.java b/play-services-core/src/main/java/com/google/android/gms/dynamite/descriptors/com/google/android/gms/googlecertificates/ModuleDescriptor.java
new file mode 100644
index 00000000..36de33ae
--- /dev/null
+++ b/play-services-core/src/main/java/com/google/android/gms/dynamite/descriptors/com/google/android/gms/googlecertificates/ModuleDescriptor.java
@@ -0,0 +1,22 @@
+/*
+ * Copyright (C) 2019 microG Project Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.android.gms.dynamite.descriptors.com.google.android.gms.googlecertificates;
+
+public class ModuleDescriptor {
+    public static final String MODULE_ID = "com.google.android.gms.googlecertificates";
+    public static final int MODULE_VERSION = 1;
+}
diff --git a/play-services-core/src/main/java/org/microg/gms/common/PackageUtils.java b/play-services-core/src/main/java/org/microg/gms/common/PackageUtils.java
index 2cab68bc..27ae292f 100644
--- a/play-services-core/src/main/java/org/microg/gms/common/PackageUtils.java
+++ b/play-services-core/src/main/java/org/microg/gms/common/PackageUtils.java
@@ -64,6 +64,14 @@ public class PackageUtils {
 
     public static boolean isGooglePackage(Context context, String packageName) {
         String signatureDigest = firstSignatureDigest(context, packageName);
+        return isGooglePackage(packageName, signatureDigest);
+    }
+
+    public static boolean isGooglePackage(String packageName, byte[] bytes) {
+        return isGooglePackage(packageName, sha1sum(bytes));
+    }
+
+    public static boolean isGooglePackage(String packageName, String signatureDigest) {
         if (signatureDigest == null) return false;
         if (Arrays.asList(GOOGLE_PRIMARY_KEYS).contains(signatureDigest)) return true;
         if (!KNOWN_GOOGLE_PACKAGES.containsKey(packageName)) return false;
@@ -162,13 +170,13 @@ public class PackageUtils {
                     packageName = packagesForUid[0];
                 } else if (Arrays.asList(packagesForUid).contains(suggestedPackageName)) {
                     packageName = suggestedPackageName;
-                } else if (suggestedPackageName == null) {
+                } else {
                     packageName = packagesForUid[0];
                 }
             }
         }
         if (packageName != null && suggestedPackageName != null && !packageName.equals(suggestedPackageName)) {
-            throw new SecurityException("UID [" + callingUid + "] is not related to packageName [" + packageName + "]");
+            throw new SecurityException("UID [" + callingUid + "] is not related to packageName [" + suggestedPackageName + "] (seems to be " + packageName + ")");
         }
         return packageName;
     }
diff --git a/play-services-core/src/main/java/org/microg/gms/location/GoogleLocationManagerServiceImpl.java b/play-services-core/src/main/java/org/microg/gms/location/GoogleLocationManagerServiceImpl.java
index 0569e167..97b03570 100644
--- a/play-services-core/src/main/java/org/microg/gms/location/GoogleLocationManagerServiceImpl.java
+++ b/play-services-core/src/main/java/org/microg/gms/location/GoogleLocationManagerServiceImpl.java
@@ -306,7 +306,7 @@ public class GoogleLocationManagerServiceImpl extends IGoogleLocationManagerServ
     @Override
     public void requestLocationSettingsDialog(LocationSettingsRequest settingsRequest, ISettingsCallbacks callback, String packageName) throws RemoteException {
         Log.d(TAG, "requestLocationSettingsDialog: " + settingsRequest);
-        PackageUtils.checkPackageUid(context, packageName, Binder.getCallingUid());
+        PackageUtils.getAndCheckCallingPackage(context, packageName);
         callback.onLocationSettingsResult(new LocationSettingsResult(new LocationSettingsStates(true, true, false, true, true, false), Status.CANCELED));
     }