SafetyNet fix

[0x5ECF4ULT]

Hello @mar-v-in and staff of microG.
Here is what seems to be a working fix for SN (#24 ). At least it works on my machine, but since it's all about Android this should be irrelevant.
I had long and extensive talks with @mar-v-in (thanks for teaching me the weirdness of Google) and he knows that this PR works at least partially.
Anyways, I hope that endless requests for fixing SN are now history.
Cheers! 😄

UPDATE:
The DG binary was extracted from GPlay Services Version 201515000
The hash of the decrypted binary (droidguasso.jar) is: 5a15e53a5cae52b026e621f85de824eaec8b71f112942f5a18d61a6bf414f8da
The hash of the encrypted binary (droidguasso.enc) is: 5f8fbca7046760b44670af4d0bb8f551bce19f86a63674ec2ff84e33a9a353f0

[ErnyTech]

Seems doesn't work for me

https://del.dog/depackidyv.log

[0x5ECF4ULT]

This PR is entirely about SN. Your log tells me that the SafetyNet service crashed because some connection wasn't established. I didn't touch this part of the code. The request could fail due to your internet connection or microG not correctly installed. Please consider the self-check section of the microG settings and your system properties.

[rusagent]

How to get a build from this branch, also not only for arm64 but arm?

[0x5ECF4ULT]

@rusagent ./gradlew clean installDebug if you got your device directly connected to your computer via ADB. Otherwise do ./gradlew clean assembleDebug. If you'd like a release build substitute "Debug" with "Release". The build is arch-independent since no native libs are used.

[oloyed1832]

Not working for me. Returning:

{
  "apkCertificateDigestSha256": [],
  "error": "internal_error"
}

Clean installation, no GMS before, Android 10.

[0x5ECF4ULT]

@oloyed1832 could you please provide a complete stacktrace? If there's no stacktrace it's likely that Google experienced the internal error and not microG.

[oloyed1832]

@oloyed1832 could you please provide a complete stacktrace? If there's no stacktrace it's likely that Google experienced the internal error and not microG.

Its decoded from google response. Same for old version of microg DroidGuard. Probably you passed SN before with original GMS and it works for you

[0x5ECF4ULT]

@oloyed1832 there's no way this could have happened since I used a clean emulator (without GApps). Sure the emulator didn't pass but I got a valid response from the Google servers. I'll look into these failures later and change the code if I find anything

[oloyed1832]

@oloyed1832 there's no way this could have happened since I used a clean emulator (without GApps). Sure the emulator didn't pass but I got a valid response from the Google servers. I'll look into these failures later and change the code if I find anything

SafetyNet Checker app doesn't show full info. Try with SafetyNet attest app and check for App Id and request token, if they there, it works. Valid response doesn't mean working safetynet

[0x5ECF4ULT]

@oloyed1832 I didn't use the traditional approach by using an app to verify but the logcat logs. Please don't assume that I'm a complete noob.
This is the output from my test:

decodedJWTPayload json:{"nonce":"v2ss2Qpz3K7Hw+HTbW1lwBIV0Flaynis3jYGiZwvT2Q=","timestampMs":1595009930124,"ctsProfileMatch":false,"apkCertificateDigestSha256":[],"basicIntegrity":false,"advice":"RESTORE_TO_FACTORY_ROM","evaluationType":"BASIC"}

[oloyed1832]

Which emulator and android version you used?

[0x5ECF4ULT]

In the wiki is an image explicitly for testing microG. It's an Intel Atom x86_64 image and Android version 10

[mar-v-in]

I included your changes with af16669 and c8763ad. I decided to add a script that uses faketime to build droidguasso.jar. This makes the result more reproducible. The droidguasso.enc was now taken from 20.26.14, which happens to be the same than yours (when using this more reproducible script).

I also used SQLiteOpenHelper instead to create the database. I believe there is content to be added in this database as well, but creating it at least fixes some issues.

Thanks a lot for taking the time to look into this.

[SakiiCode]

Well it doesn't work for me and barely give any meaningful output on logcat

Magisk check:

07-27 22:28:08.836 25008 26667 W opjohnwu.magis: Skipping duplicate class check due to unsupported classloader
07-27 22:28:08.837 25008 26667 W opjohnwu.magis: Opening an oat file without a class loader. Are you using the deprecated DexFile APIs?
07-27 22:28:08.906 25008 26667 E opjohnwu.magis: Resource 7f080008 is a complex map type.
07-27 22:28:08.906 25008 26667 E GooglePlayServicesUtil: The Google Play services resources were not found. Check your project configuration to ensure that the resources are included.
07-27 22:28:08.932 25008 26747 E opjohnwu.magis: Resource 7f080008 is a complex map type.
07-27 22:28:08.932 25008 26747 E GooglePlayServicesUtil: The Google Play services resources were not found. Check your project configuration to ensure that the resources are included.
07-27 22:28:09.264 26670 26679 W System  : A resource failed to call end. 
07-27 22:28:09.693 17003 17003 E irqbalance: irqbalance_load_watchdog: failed to read cpudata for core 0: No such file or directory (2)
07-27 22:28:10.694 17003 17003 E irqbalance: irqbalance_load_watchdog: failed to read cpudata for core 0: No such file or directory (2)
07-27 22:28:11.694 17003 17003 E irqbalance: irqbalance_load_watchdog: failed to read cpudata for core 0: No such file or directory (2)
07-27 22:28:14.695 17003 17003 E irqbalance: irqbalance_load_watchdog: failed to read cpudata for core 0: No such file or directory (2)
07-27 22:28:14.906 26670 26679 W System  : A resource failed to call close. 
07-27 22:28:14.906 26670 26679 W System  : A resource failed to call close. 
07-27 22:28:14.907 26670 26679 W SQLiteConnectionPool: A SQLiteConnection object for database '/data/user/0/org.microg.gms.droidguard/databases/dg.db' was leaked!  Please fix your application to end transactions in progress properly and to close the database when it is no longer needed.
07-27 22:28:14.907 26670 26679 W System  : A resource failed to call close. 
07-27 22:28:15.696 17003 17003 E irqbalance: irqbalance_load_watchdog: failed to read cpudata for core 0: No such file or directory (2)

Safetynet attest app:

07-27 22:35:49.093 26670 26679 W System  : A resource failed to call close. 
07-27 22:35:49.094 26670 26679 W System  : A resource failed to call close. 
07-27 22:35:49.094 26670 26679 W SQLiteConnectionPool: A SQLiteConnection object for database '/data/user/0/org.microg.gms.droidguard/databases/dg.db' was leaked!  Please fix your application to end transactions in progress properly and to close the database when it is no longer needed.
07-27 22:35:49.094 26670 26679 W System  : A resource failed to call close. 

[0x5ECF4ULT]

@SakiiCode I see the problem. In fact the request fails because a table in the db already exists and the SQLiteOpenHelper tries to create this table. I modified the source. Tbh I don't know why this memory leak occurs. Maybe because the DroidGuardDatabase object is never assigned. I'm looking into that issue!