meoware.exe/rl-mobile
1
0
Fork 0
mirror of https://github.com/meowarex/rl-mobile.git synced 2026-06-17 21:13:11 +10:00
Code Issues Packages Projects Releases Wiki Activity

Remove Signiture checking sicne source is my own repo

Browse Source
This commit is contained in:
meowarex
2026-05-20 22:18:48 +10:00
parent 5a47214016
commit c4f56bcc5b
2 changed files with 19 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Manager/app/src/main/kotlin/com/meowarex/rlmobile/patcher/steps/download/DownloadTidalStep.kt
-53
View File
@@ -1,19 +1,13 @@
package com.meowarex.rlmobile.patcher.steps.download
import android.os.Build
import androidx.annotation.RequiresApi
import androidx.compose.runtime.Stable
import com.meowarex.rlmobile.R
import com.meowarex.rlmobile.manager.PathManager
import com.meowarex.rlmobile.patcher.StepRunner
import com.meowarex.rlmobile.patcher.steps.base.DownloadStep
import com.meowarex.rlmobile.patcher.steps.prepare.FetchInfoStep
import com.android.apksig.ApkVerifier
import okio.ByteString.Companion.decodeHex
import okio.ByteString.Companion.toByteString
import org.koin.core.component.KoinComponent
import org.koin.core.component.inject
import java.io.File
@Stable
class DownloadTidalStep : DownloadStep<Int>(), KoinComponent {
@@ -29,51 +23,4 @@ class DownloadTidalStep : DownloadStep<Int>(), KoinComponent {
override fun getStoredFile(container: StepRunner) =
paths.cachedTidalApk(getVersion(container))
override suspend fun verify(container: StepRunner) {
super.verify(container)
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
container.log("Verifying APK signature")
verifySignature(getStoredFile(container))
} else {
container.log("Skipping APK signature verification, API level too old")
}
}
@RequiresApi(Build.VERSION_CODES.P)
private fun verifySignature(apk: File) {
val verifier = ApkVerifier.Builder(apk).build()
val result = try {
verifier.verify()
} catch (e: Exception) {
throw IllegalStateException("Failed to verify APK! It may have been corrupted or tampered with.", e)
}
if (!result.isVerified)
throw SignatureVerificationException(result.allErrors)
if (TIDAL_CERTIFICATE_SHA256 != null) {
if (result.signerCertificates.singleOrNull()
?.let { it.encoded.toByteString().sha256() == TIDAL_CERTIFICATE_SHA256.decodeHex() } != true
) {
throw VerifyError("Failed to verify TIDAL APK signatures! This is an unoriginal APK that has been tampered with.")
}
}
}
private companion object {
// TODO: populate with actual TIDAL signing certificate SHA-256
// Run: apksigner verify --print-certs tidal.apk
val TIDAL_CERTIFICATE_SHA256: String? = null
fun getStoredFilePath(paths: PathManager, version: Int): File =
paths.cachedTidalApk(version)
}
private class SignatureVerificationException(errors: List<ApkVerifier.IssueWithParams>) : Exception(
"Failed to verify APK signatures! " +
"This is an unoriginal APK that has been tampered with. " +
"Verification errors: " + errors.joinToString()
)
}