Open Lekensteyn opened 11 years ago
Hi Peter, thanks for your email. Finally some breath of air :-). I just finished writing some papers I had to write and awaiting my (hopefully) last PhD review next week. I haven't gone back to the code since the last test. But to quickly answer your question:
ActivityManagerService.java and BroadcastQueue.java in JB.
enforcePrivacyPermission() that you have pointed out is I believe from the original patch of svyat and pastime1971.
BroadcastQueue.java after applying my patch, you'll find another enforcePrivacyPermission() in BroadcastQueue.java which is the correct one.
enforcePrivacyPermission() from ActivityManagerService.java and do some tests. Once confirmed, I will update the patch on GitHub.
Thanks for pointing out. Cheers!
I am unable to build since I miss some proprietary files (renamed?). When I have time, I'll try to retrieve those from a cm-10 nightly zip (for i9300).
During my searches, I could not find the source for the PDroid APK. Is that one actually open? I think it is also safe to drop the certificate that is within the patch since it is only used for an APK. See my commit history at https://github.com/Lekensteyn/PDroid-AOSP-JellyBean
Note: I still need to start+finish a build, so until now it is quite theoretical what I did there. I did compare your patch against the one from pastime and found no differences other than some imports in the Telephony file.
Therefore I'd say if the front-end was open, someone who's building could add his own certificate. Otherwise, as it is at the moment, dropping the key might make PDroid unusable altogether (until there's an open front-end).
The certificate from the patch:
$ openssl x509 -in privacy.x509.pem -noout -text
Certificate:
Data:
Version: 1 (0x0)
Serial Number: 10906107848001710937 (0x975a474e023deb59)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=DE, ST=Some-State, O=Internet Widgits Pty Ltd, CN=Svyatoslav H
Validity
Not Before: Jul 14 21:25:26 2011 GMT
Not After : Nov 28 21:25:26 2038 GMT
Subject: C=DE, ST=Some-State, O=Internet Widgits Pty Ltd, CN=Svyatoslav H
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:db:8b:89:0b:ef:54:ea:35:18:b4:17:94:63:0d:
57:a3:3e:59:cd:d5:a8:85:b6:bb:af:5a:2b:af:a6:
97:0f:8d:8f:52:37:0e:96:69:37:c9:4b:7e:7a:c9
...
Internet Widgets Pty? This cannot be serious.
The PDroid APK is signed with a different key:
$ openssl pkcs7 -inform DER -in META-INF/CERT.RSA -noout -text -print_certs
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1505666751 (0x59bea6bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=Germany, ST=None, L=None, O=None, OU=None, CN=Stefan
Validity
Not Before: Oct 6 12:42:17 2012 GMT
Not After : Sep 30 12:42:17 2037 GMT
Subject: C=Germany, ST=None, L=None, O=None, OU=None, CN=Stefan
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c6:6a:87:60:6f:f4:57:39:c5:2e:c6:3c:12:62:
75:95:34:ee:84:62:58:82:22:db:37:32:c3:99:49:
07:03:6e:98:ae:54:a3:5f:52:59:30:cb:42:6b:db:
56:6f:59:55:6d:0d:38:cb:e9:43:60:04:de:6e:53:
...
Using jd-gui, I could partially retrieve the source, but I was unable to find any references to the privacy.x509.pem. Again, I need to test that by installing the patch+APK.
[rant]Linux is so open, including its community. Why is the Android community so closed? "ROMS" and "mods" are often small modifications to binary blobs, without actually knowing what is happening. Given infrastructures like GitHub, it should not be difficult to publish open-source Android programs (hint, PDroid, hint)[/rant]
META-INF/CERT.RSA is less relevant here
privacy.x509.pem as shown below.
2048 bit impractical to brute-force with today's computing power.
DEX decompiler and sharp eyes are our best hope until we write one ourselves.
Actually Android itself is quite open. The reason behind binary-blob "mods" is - it's easy for the end-users. Most users can't be bothered or capable of building things themselves. For them, a textual patch file or a binary-blob means the same thing.
I don't know what svyat's ultimate plan around PDroid is, but I think what he did is quite impressive. Considering the source for the back-end (Android patch) is open, my eventual plan is to make an open front-end from scratch. I'll keep you posted if you are keen.
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:db:8b:89:0b:ef:54:ea:35:18:b4:17:94:63:0d:
57:a3:3e:59:cd:d5:a8:85:b6:bb:af:5a:2b:af:a6:
97:0f:8d:8f:52:37:0e:96:69:37:c9:4b:7e:7a:c9:
60:6b:a2:b5:3a:a9:96:ea:4b:49:79:be:5f:82:70:
ca:e6:f7:81:76:81:b4:d9:6a:6b:07:69:4c:fb:a6:
e1:8c:2f:1d:d1:fe:cd:ef:bd:84:83:f2:93:f0:ce:
a8:72:2d:8f:a6:49:22:be:71:b8:6f:b6:12:4c:6b:
81:49:2c:5c:87:2a:51:e3:ee:5d:70:9f:ca:9e:02:
bd:9c:78:a5:45:e3:0e:52:8f:01:a5:f6:1c:12:1c:
0e:bc:4c:c7:9b:f5:d5:8e:f3:b3:7b:f3:6a:7e:0f:
d7:ea:53:72:37:dd:07:f4:89:e8:81:89:16:2b:10:
11:d0:b4:3c:02:30:93:64:b4:d9:a6:1b:d1:b2:2b:
2b:bc:3d:5b:36:8e:1b:c9:90:db:20:6b:f2:de:cb:
ed:05:3f:04:60:28:0d:0c:82:72:9a:be:58:86:c5:
24:fb:e9:29:7d:f2:98:a6:73:d8:7e:67:27:9d:c1:
7c:36:cf:e9:64:d4:58:7e:aa:1b:83:05:66:93:80:
82:65:0b:ec:8b:a9:af:93:01:8a:a2:99:47:54:61:
2b:af
Exponent: 65537 (0x10001)
I forgot to say that the private key for that certificate is public too: http://code.google.com/p/pdroid/source/browse/android-2.3.4_r1/trunk/build/target/product/security/privacy.pk8
$ openssl pkcs8 -in privacy.pk8 -inform DER -nocrypt -out privacy.key
$ openssl rsa -noout -text -in privacy.key
modulus:
00:db:8b:89:0b:ef:54:ea:35:18:b4:17:94:63:0d:
57:a3:3e:59:cd:d5:a8:85:b6:bb:af:5a:2b:af:a6:
97:0f:8d:8f:52:37:0e:96:69:37:c9:4b:7e:7a:c9:
60:6b:a2:b5:3a:a9:96:ea:4b:49:79:be:5f:82:70:
ca:e6:f7:81:76:81:b4:d9:6a:6b:07:69:4c:fb:a6:
e1:8c:2f:1d:d1:fe:cd:ef:bd:84:83:f2:93:f0:ce:
a8:72:2d:8f:a6:49:22:be:71:b8:6f:b6:12:4c:6b:
81:49:2c:5c:87:2a:51:e3:ee:5d:70:9f:ca:9e:02:
bd:9c:78:a5:45:e3:0e:52:8f:01:a5:f6:1c:12:1c:
0e:bc:4c:c7:9b:f5:d5:8e:f3:b3:7b:f3:6a:7e:0f:
d7:ea:53:72:37:dd:07:f4:89:e8:81:89:16:2b:10:
11:d0:b4:3c:02:30:93:64:b4:d9:a6:1b:d1:b2:2b:
2b:bc:3d:5b:36:8e:1b:c9:90:db:20:6b:f2:de:cb:
ed:05:3f:04:60:28:0d:0c:82:72:9a:be:58:86:c5:
24:fb:e9:29:7d:f2:98:a6:73:d8:7e:67:27:9d:c1:
7c:36:cf:e9:64:d4:58:7e:aa:1b:83:05:66:93:80:
82:65:0b:ec:8b:a9:af:93:01:8a:a2:99:47:54:61:
2b:af
publicExponent: 65537 (0x10001)
privateExponent:
00:93:10:d4:9c:0f:15:85:d2:4d:9b:0e:14:93:89:
b3:84:21:d7:4c:7f:ec:64:ad:f4:e9:d0:f0:64:b8:
...
The Android source code is indeed public and is for the most part well-documented. I do not mind a blob for the end-user, but then at least enclose the source code for others! Especially for an application like PDroid which controls such an important property.
svyat seems pretty busy and I don't know if there will be any news soon, but I agree too that he did something great.
I am surely interested when you make an open-source front-end :-) Maybe you can start to collaborate with CollegeDev (his English is not too great, but hopefully he codes better). He has created PDroid Extension which is based on PDroid patches with a custom GUI. (the iptables filter of that program is flawed though, it is easily bypassed because it operates at the wrong level)
I think that the patches can be cleaned up too, those // BEGIN privacy and // END privacy lines just add noise and just increase the chance of breaking when the upstream source gets updated (I encountered this when trying to fix your patch for CM10).
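The comparison the two openssl dumps above make by eye (the modulus of privacy.x509.pem against the modulus of privacy.pk8) can be done mechanically. This is an added example, not part of the original thread or of the PDroid patches; the fixture names `bundled` and `own` and the throwaway keys it generates are constructed for the demo.

```shell
#!/bin/sh
# Added example: does an unencrypted PKCS#8 DER key (like privacy.pk8)
# belong to a given certificate (like privacy.x509.pem)?

# key_matches_cert CERT_PEM KEY_PK8
# returns 0 = same RSA modulus, 1 = different key, 2 = unreadable input
key_matches_cert() {
    cert_mod=$(openssl x509 -in "$1" -noout -modulus 2>/dev/null) || return 2
    key_mod=$(openssl pkcs8 -inform DER -nocrypt -in "$2" 2>/dev/null |
        openssl rsa -noout -modulus 2>/dev/null) || return 2
    [ -n "$cert_mod" ] && [ "$cert_mod" = "$key_mod" ]
}

# make_fixture DIR NAME: constructed throwaway certificate + .pk8, demo only
make_fixture() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=$2 (constructed)" \
        -keyout "$1/$2.key" -out "$1/$2.x509.pem" 2>/dev/null &&
    openssl pkcs8 -topk8 -inform PEM -outform DER -nocrypt \
        -in "$1/$2.key" -out "$1/$2.pk8"
}

# demo: check a certificate against its own key and against an unrelated key
demo() {
    dir=$(mktemp -d) || return 1
    make_fixture "$dir" bundled && make_fixture "$dir" own || return 1
    key_matches_cert "$dir/bundled.x509.pem" "$dir/bundled.pk8" && same=0 || same=$?
    key_matches_cert "$dir/bundled.x509.pem" "$dir/own.pk8" && cross=0 || cross=$?
    rm -rf "$dir"
    echo "same=$same cross=$cross"
}

if [ "$#" -eq 2 ]; then
    key_matches_cert "$1" "$2" && echo "key matches certificate" ||
        echo "no match (or unreadable input)"
else
    demo
fi
```

Run it with a certificate and a .pk8 file as arguments to check a real pair. A match against a key that anyone can download means the certificate identifies nobody in particular, which is why a builder would substitute a certificate of their own.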
I forgot to say that the private key for that certificate is public too.
Now that's a bit confusing. I will take a peep at my earliest opportunity.
Thanks. I have looked at CollegeDev's work. It looks all good and could indeed be useful.
I think that the patches can be cleaned up too
I agree.
Just came across this thread via Google. Make sure you take note of a new "challenger" to CollegeDev's PDroid front end. This one is fully open source and their lead contributor is very knowledgeable and community-friendly!
Hi wbedard, thanks! I have looked at [1]. The open-source approach of the front-end is indeed very much appreciated. I will definitely keep an eye on it. I haven't gone back to upgrading my patch to the latest version of Jelly Bean yet. I will give it a shot too. Cheers.
[1] http://forum.xda-developers.com/showthread.php?t=1994860
I have been comparing your patches and the one from http://forum.xda-developers.com/showthread.php?t=1554960 and found some differences, small for the most part.
But there is one weird addition I see in your patch, the addition of method enforcePrivacyPermission in frameworks/base/services/java/com/android/server/am/ActivityManagerService.java. That method is private, but never used in that class. Did you make a copy mistake there?