BankID säkerhetsapp-GmsCore-v0.2.7.17455

[vildevilde]

BankID säkerhetsapp, Swedish app for elektronic identification.

BankID doesn't connect and are useless with last update GmsCore-v0.2.7.17455.

Same problem on two phones running LOS w MicroG, Google Pixel (Sailfish) LOS 16, and Google Nexus (Bullhead) running LOS 15. Both fully updated same issue. My solution was going back to GmsCore-v0.2.6.13280.

Sorry, I don't know how to make any logs and so, I did found out how to make logs see next entry.

[vildevilde]

Here follows logfile, while trying to make a new BankID on my bank with BankID app. Both from Google Nexus (Bullhead) LOS 15

First one with newest gmscore, GmsCore-v0.2.7.17455, and here BankID fails. logcat_newestgmscore.txt

Next logfile, is with GmsCore-v0.2.6.13280 and here BankID works. logcat_gmscoreold.txt

[pedro-araujo]

Sadly the latest update of BankID broke compatibility with MicroG, I believe it is related to the issue #676.

[vildevilde]

I do have LOS 16 on Google Pixel and BankID 7.14.0.56, installed yesterday so it should be a newest version and it's working with GmsCore-v0.2.6.13280 but not with GmsCore-v0.2.7.17455

[roydenyates]

Confirmed LOS 16 on BQ Aquaris X and BankID 7.14.0.56 (latest) - it's working with GmsCore-v0.2.6.13280 but not with GmsCore-v0.2.7.17455.

[roydenyates]

Sadly the latest update of BankID broke compatibility with MicroG, I believe it is related to the issue #676.

I think it was the other way round

[Phydragelit]

(Both devices have BankID v7.14.0.71401 (latest) installed). BankID säkerhetsapp worked on "OnePlus 3T (oneplus3)" running "LineageOS for microG 16" with "GmsCore-v0.2.6.13280" but "BankID säkerhetsapp" stopped working after system update with "GmsCore-v0.2.7.17455" upgrade. Still works on "OnePlus One (bacon)" running "LineageOS for microG 16" with "GmsCore-v0.2.6.13280". Both devices have working "Google Cloud Messaging" acording to "Push Notication Tester".

Haven't tested going back to older version of "LineageOS for microG 16" on "OnePlus 3T (oneplus3)" with "GmsCore-v0.2.6.13280" yet.

[churchthecat]

Can confirm the issue on 1+3T , lineage for microg 16. can also confirm that downgrading worked. thanks vildevilde for the workaround

[ahstro]

Didn't manage to downgrade my OS (and almost botched the backup :sweat_smile: ), so if anyone needs some logs or testing, hmu.

[ghost]

This has probably been fixed with the latest unreleased commits ("Fix calling package detection in KK+"). If BankID crashes with a SecurityException, rest assured that it will be fixed by the next update.

[ahstro]

BankID doesn't crash, it just loads forever, but I hope that it solves that.

[churchthecat]

ahstro you only need to downgrade gmscore not the entire OS/ROM. uninstall gmscore from priv-app. Install the older one in priv-app again.

[ahstro]

@churchthecat, thanks, I'll try that. I'm using microG's LineageOS ROM, so I thought I'd just make it "easy" for me, but easy is never easy, huh. I'll try your solution ASAP. Sorry for diverging the issue thread a bit :innocent:

[roydenyates]

@churchthecat, thanks, I'll try that. I'm using microG's LineageOS ROM, so I thought I'd just make it "easy" for me, but easy is never easy, huh. I'll try your solution ASAP. Sorry for diverging the issue thread a bit innocent

If you are on Lineage OS 16 from Microg and updated the OS a few days back, it updated GmsCore to the problematic v0.2.7.17455 as a system app. This will not uninstall or downgrade on device AFAIK.

[churchthecat]

I am on linage for microG as well. No problem remove and install it (I used magisk modules debloater and systemizer in termux) just don't update the ROM afterwards as it will install the problematic version again ( I assume).

[vildevilde]

This has probably been fixed with the latest unreleased commits ("Fix calling package detection in KK+"). If BankID crashes with a SecurityException, rest assured that it will be fixed by the next update.

Any idea when this next update will come? is there some way to test this fix before?

[vildevilde]

On my G Pixel there is a new update today, LOS w MicroG, are there any way safe to update the rom and then roll back microG? Last time it failed to me and I had to reinstall the rom. Then I reinstalled an older rom with working MicroG and the update the rom before I rolled back MicroG, that worked. But I don't want to reinstall to update rom.

[churchthecat]

all I can say is that it worked for me, but I wait to install any ROM updates until a new version of gmscore is included.

[roydenyates]

On my phone, the bootloader does not like a rw /system and the OS freezes. That meant magisk etc was useless. BUT, using TWRP I could mount /system rw in a stable way and then use adb to install GsmCore in the older version as a system app (in /system/priv-app/GsmCore/). And it must be a system app for spoofing to work and correct signature.

[vildevilde]

On my phone, the bootloader does not like a rw /system and the OS freezes. That meant magisk etc was useless. BUT, using TWRP I could mount /system rw in a stable way and then use adb to install GsmCore in the older version as a system app (in /system/priv-app/GsmCore/). And it must be a system app for spoofing to work and correct signature.

Ok, from being in twrp with system rw, how exactly did you install the older GsmCore with adb?

[roydenyates]

Easiest is to get the right GmsCore .apk on the device beforehand. Or from PC, adb push xxxxx.apk /sdcard/ (choose right apk name, & dir path in place of /sdcard/ then adb shell su (from TWRP you likely should be root anyway) rm /system/priv-app/GmsCore/GmsCore.apk (this removes the installed "problem" version) cd /sdcard (or where you have pushed the xxxx.apk) mv xxxxx.apk /system/priv-app/GmsCore/xxxxxx.apk (replace xxx as appropriate) chmod 644 /system/priv-app/GmsCore/xxxxx.apk

Then unmount system in Twrp and reboot. GmsCore should now be "systemized" at the working version, and microg should show it is working.

[vildevilde]

Easiest is to get the right GmsCore .apk on the device beforehand. Or from PC, adb push xxxxx.apk /sdcard/ (choose right apk name, & dir path in place of /sdcard/ then adb shell su (from TWRP you likely should be root anyway) rm /system/priv-app/GmsCore/GmsCore.apk (this removes the installed "problem" version) cd /sdcard (or where you have pushed the xxxx.apk) mv xxxxx.apk /system/priv-app/GmsCore/xxxxxx.apk (replace xxx as appropriate) chmod 644 /system/priv-app/GmsCore/xxxxx.apk

Then unmount system in Twrp and reboot. GmsCore should now be "systemized" at the working version, and microg should show it is working.

Thank you, what's the difference from just deleting/removing the files with the filemanager in twrp?

[roydenyates]

None, I just was in the adb groove :-)

[vildevilde]

I did it, it worked this time, just replaced the file with twrp filemanager, just as first time I did it, wonder why it didn't work the second time?

[vildevilde]

There is a new release of GmsCore since yesterday. v0.2.8.17785, there are two versions, GmsCore-v0.2.8.17785-mapbox.apk and GmsCore-v0.2.8.17785-vtm.apk. Today after a new update with LOS MicroG on Google Pixel (Sailfish) instead of changing back to the old GmsCore-v0.2.6.13280.apk, as I usually do I tried both the new versions but unfortunately I have the same issue as before. BankId is not working and i had to go back to the old version again :(

[ale5000-git]

Could all of you update to this build and retry please?

@vildevilde: It is more recent then the versions you already tried and also more recent than the last release.

[vildevilde]

Could all of you update to this build and retry please?

@vildevilde: It is more recent then the versions you already tried and also more recent than the last release.

Tried it but no, sorry but not working same issue :(

[vildevilde]

logcat_gmscoretest.txt

LOS 16 Google Pixel (sailfish)

[vildevilde]

For information I did test the new build from ale5000-git also on one other phone, Nexus 5x (bullhead) and LOS 15, same issue BankId is not working.

[jonjonasson]

Same here. Ale5000-git's version has the same issue. Reverting to GmsCore-v0.2.6.13280.apk by copying to priv-app/GmsCore still works on the 2019-07-22 build of LineageOS.

Can anyone advice on what I can do to help resolve this issue? It's a massive showstopper for most (all) people in Sweden as bankid is used for everyting with high security here!

[monperrus]

Installed GmsCore-v0.2.6.13280 and BankId starts well. But no way to register a new login, stalled at the QR-code step (see #670). Any idea?

[attah]

@monperrus Use a separate qr code reader app, the uri should invoke bankid and let you continue. Worked for me on Sailfish OS at least. (some random android qr code reader was used, native probably wouldn't have done it)

[churchthecat]

Use a separate qr scanner app ( i used secscan qr from fdroid) , select open in browser and bankid should pick it up from there.

[monperrus]

It works like a charm with a separate QR-code reader, thanks a lot!

[pabloyoyoista]

@ale5000-git I don't have the knowledge to fix this issue but I can spend time in bisecting the commits between versions 0.2.6.13280 and 0.2.7.17455 to see which one broke this. Would there be higher chances of getting it fixed if we know the exact commit? I have a Samsung Galaxy S5 with LineageOS for microG installed in which I have been able to reproduce the BankID issue (and it got fixed by downgrading the version of GmsCore).

In order to try the bisecting, I have actually followed the Building instructions and I have been able to compile com.google.android.gms.apk and play-services-core-release.apk from master branch. However, at the time of installing I get the following

Failure [INSTALL_FAILED_UPDATE_INCOMPATIBLE: Package com.google.android.gms signatures do not match previously installed version; ignoring!]

This gives me the feeling that it might not be secure to directly install a new version. Could you help describing the procedure that should be followed?

Thank you very much for your time

[chris42]

@pablofsf When you compile the apk yourself, it gets another signature than the official ones. You will need to copy it manually on the device as described in a comment before

[pabloyoyoista]

Thank you @chris42

So I have a problem because compiling version v0.2.7.17455 and copying to my device gives me a functional BankID app. The process I have followed is:

In my Samsung Galaxy S5 with LineageOS of microG, downloaded and installed the latest system update (from 30th July). At this point BankID is not working

Downloaded from here sdk-tools-linux-4333796.zip then:

export JAVA_HOME=/usr/lib/jvm/default-java
mkdir /opt/android-sdk-update-manager/
mv Downloads/sdk-tools-linux-4333796.zip /opt/android-sdk-update-manager/
cd /opt/android-sdk-update-manager/
unzip sdk-tools-linux-4333796.zip
cd tools/bin
./sdkmanager --licenses # Accept all licenses
cd ~/data/Informatica
mkdir microg
cd microg
mkdir outputs
mkdir keystores
ANDROID_SDK_PATH="/opt/android-sdk-update-manager"
KEYSTORES_PATH="$PWD/keystores"
# Generate keystore
echo "We need to create a keystore for GmsCore:"
keytool -genkey -v -keystore $KEYSTORES_PATH/playservices.jks -alias playservices -keyalg RSA -keysize 4096 -validity 10000
# GMSCore
git clone https://github.com/microg/android_packages_apps_GmsCore.git
cd android_packages_apps_GmsCore
git submodule update --init --recursive
git checkout v0.2.7.17455
git  submodule update --recursive
# Then modified extern/UnifiedNlp/unifiednlp-compat/build.gradle to match android-28
echo "sdk.dir=$ANDROID_SDK_PATH" > local.properties
echo "sdk-location=$ANDROID_SDK_PATH" >> local.properties
./gradlew build
cp play-services-core/build/outputs/apk/release/play-services-core-release-unsigned.apk ../outputs/play-services-core-release.apk
# Sign APK
cd ../outputs
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore $KEYSTORES_PATH/playservices.jks play-services-core-release.apk playservices
/opt/android-sdk-update-manager/build-tools/28.0.3/zipalign -p -v 4  play-services-core-release.apk com.google.android.gms.apk

The file com.google.android.gms.apk generated is considerably smaller than the ones available in the releases sections (around 12M) and copying it to /system/priv-app/GmsCore/GmsCore.apk makes BankID work perfectly.

Some more info: Java version: openjdk version "1.8.0_212" OpenJDK Runtime Environment (build 1.8.0_212-8u212-b03-0ubuntu1.16.04.1-b03) OpenJDK 64-Bit Server VM (build 25.212-b03, mixed mode) OS: Trisquel 8, based on Ubuntu Xenial

I have also tried compiling master commit instead of v0.2.7.17455, with similar results (generated com.google.android.gms.apk is around 12M and BankID is functional)

Could someone reproduce this behavior?

EDIT I've just realized that due to the size difference, I might have compiled vtm version instead of mapbox version. It would be great if someone could test if BankID is working in their devices with vtm version.

[vildevilde]

I don't know how this things work, nor the vocabulary so I don't know how to test, do you have a file I can test, I will do that.

31 juli 2019 00:39:52 +02:00, skrev pablofsf notifications@github.com:

Thank you @chris42 https://github.com/chris42 So I have a problem because compiling version v0.2.7.17455 and copying to my device gives me a functional BankID app. The process I have followed is: In my Samsung Galaxy S5 with LineageOS of microG, downloaded and installed the latest system update (from 30th July). At this point BankID is not working Downloaded from here https://developer.android.com/studio/index.html#download sdk-tools-linux-4333796.zip then:

export JAVA_HOME=/usr/lib/jvm/default-java mkdir /opt/android-sdk-update-manager/ mv Downloads/sdk-tools-linux-4333796.zip /opt/android-sdk-update-manager/ cd /opt/android-sdk-update-manager/ unzip sdk-tools-linux-4333796.zip cd tools/bin ./sdkmanager --licenses # Accept all licenses cd ~/data/Informatica mkdir microg cd microg mkdir outputs mkdir keystores ANDROID_SDK_PATH="/opt/android-sdk-update-manager" KEYSTORES_PATH="$PWD/keystores"

Generate keystore

echo "We need to create a keystore for GmsCore:" keytool -genkey -v -keystore $KEYSTORES_PATH/playservices.jks -alias playservices -keyalg RSA -keysize 4096 -validity 10000

GMSCore

git clone https://github.com/microg/android_packages_apps_GmsCore.git cd android_packages_apps_GmsCore git submodule update --init --recursive git checkout v0.2.7.17455 git submodule update --recursive

Then modified extern/UnifiedNlp/unifiednlp-compat/build.gradle to match android-28

echo "sdk.dir=$ANDROID_SDK_PATH" > local.properties echo "sdk-location=$ANDROID_SDK_PATH" >> local.properties ./gradlew build cp play-services-core/build/outputs/apk/release/play-services-core-release-unsigned.apk ../outputs/play-services-core-release.apk

Sign APK

cd ../outputs jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore $KEYSTORES_PATH/playservices.jks play-services-core-release.apk playservices /opt/android-sdk-update-manager/build-tools/28.0.3/zipalign -p -v 4 play-services-core-release.apk com.google.android.gms.apk The file com.google.android.gms.apk is considerably smaller than the ones available in the releases sections (around 12M) and copying it to /system/priv-app/GmsCore/GmsCore.apk makes BankID to work perfectly.

Some more info: Java version: openjdk version "1.8.0_212" OpenJDK Runtime Environment (build 1.8.0_212-8u212-b03-0ubuntu1.16.04.1-b03) OpenJDK 64-Bit Server VM (build 25.212-b03, mixed mode) OS: Trisquel 8, based on Ubuntu Xenial

I have also tried compiling master commit instead of v0.2.7.17455, with similar results (generated com.google.android.gms.apk is around 12M and BankID is functional) Could someone reproduce this behavior?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/microg/android_packages_apps_GmsCore/issues/824?email_source=notifications&email_token=AMIUK5FZY5SYO6LXODO2GHLQCC7LRA5CNFSM4HVKRUA2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD3FQQ7Q#issuecomment-516622462, or mute the thread https://github.com/notifications/unsubscribe-auth/AMIUK5CKPU3O45OIHNMBAPLQCC7LRANCNFSM4HVKRUAQ.

[vildevilde]

I think I did it before, and I tried it again now, the vtm version is not working either.

[pabloyoyoista]

@vildevilde I have forked the repo and published two releases, one compiled from the last commit of branch master and another one from tag v0.2.7.17455. You should copy com.google.android.gms.apk to /system/priv-app/GmsCore/GmsCore.apk. If you try them and they are working for you, then either I have done something wrong building them, the building instructions are not updated or the problem is generated during the compile process

[vildevilde]

Ok, tried both files and none of them works on my LOS16 on Google Pixel Edited: Hope I did right, the files are play-services-core-release.apk.master and com.google.android.gms.apk.master. Copied them one an d one to the right folder and renamed them to GmsCore.apk, rebooted, checked BankId.

[pabloyoyoista]

It should be that procedure, although com.google.android.gms.apk is the only file that needs to be tested. At this point I am clueless why it is working for me. You could try this release too, but I doubt it'd make a difference. Sorry for that :(

[vildevilde]

Sorry, but as you wrote that is not working for me either. I would like somebody else to try so It's not just me doing something wrong. Edit: Just tried both files on my Nexus 5x with LOS 15, not working there either

[vildevilde]

By removing the microg app completely from the folder my BankId works. There is a warning message, but just ignoring that and it works.

[klasrocket]

Hi. Thanks for all the work to gather the info in this thread! Just wanted to confirm that I also had the same problem with bankid not working under microG 2.7 but after manual downgrade to 2.6 using twrp I got it back working :)

[ghost]

Samme issue running LOS 16 on a Xiaomi Mi Mix 2. Manual downgrade allows BankID to function but simultaneously breaks notifications for all other apps and leaves you with the outdated/no play services found error. It also seem to disappear the MicroG settings app. Not sure if this is unique to me. I've limited experience with coding, but let me know if I can be of help solving this.

[vildevilde]

I wonder if there is anyone trying to solve this issue, if not, the I and probably all other Swedish users have to give up the thought of not being forced to use the gogle-shit login. As written before, this is essential to have BankID working in this country.

[monperrus]

@pablofsf what are the results of your git bisect?

[vildevilde]

@pablofsf what are the results of your git bisect? I don't understand?

[monperrus]

@pablofsf what are the results of your git bisect?

I don't understand?

The first step is to identify the commit that introduced the regression. @pablofsf has started to look at this. Once the regression found, the fix should be easy.

[pabloyoyoista]

@monperrus I might have not been clear, but I bumped into the issue that the versions I compiled run in my phone even if they should not. I have not been able to troubleshoot this issue yet, but I understand it's a problem from my phone's configuration, as BandID did not work with them for @vildevilde.

To make sure that the problem is just in my phone, could @vildevilde check if this release makes BankID work (if things are right, it should)?