Question

I have an Android service that uses private Android binder APIs (IWindowManager specifically). When I build this as part of the Android platform source code and install it on a device (where I have Uboot access etc.), it works fine.
I don't like Git, so I moved the service outside of Git to a different version control system where I don't have access to the Android sources, but I can build it using the Android SDK build tools.
As IWindowManager is a hidden API, the SDK build system failed my builds. I created a separate android.jar that contains android.jar from the SDK plus framework.jar from the platform build. I used dj-dex2jar for this.
I used a custom Ant task (i.e. an Ant taskdef with supporting Java Ant code) to change the bootclasspath used by the SDK build system. Now my service builds using the Android build tools, but using the custom android.jar that I created.
When I install this APK on our device, I see it failing when I invoke injectKeyEvent() on the IWindowManager service. This service is rejecting the call, saying my app doesn't have the INJECT_INPUT permission. That is expected behavior, as my app is not a platform app any more.
I have access to the platform key. One option is to sign the app with the platform key and go about it. But here is the caveat: my app also needs to access Binder services from an internal app that expects the app to be signed by our release key.

How do I address this? I would like my service to be able to invoke binder calls that require it to be signed by the platform key and also be able to invoke binder calls that require it to be signed by our own release key.

Any ideas?

Thanks


Solution

In my ROM, I only use the platform key for access checking. So I suggest you let the internal app accept a calling process that uses the platform key.

In my experience, an app can only be signed by one key. If you need more security checking, you should add another strategy for this, such as package-name checking.
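
One way the internal app's Binder service could apply the check suggested in the answer above, accepting a caller signed with either the release key or the platform key and also checking its package name. This is an added example, not code from the original post; `CallerVerifier`, `ALLOWED_PACKAGES` and the package name `com.example.inputservice` are hypothetical, and it assumes the internal app itself is signed with the release key.

```java
import android.content.Context;
import android.content.pm.PackageManager;
import android.os.Binder;

import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;

/** Hypothetical caller check for the internal app's Binder service. */
public final class CallerVerifier {
    // The framework package "android" is signed with the platform key.
    private static final String PLATFORM_PACKAGE = "android";

    // Assumed package name of the trusted client; replace with the real one.
    private static final Set<String> ALLOWED_PACKAGES =
            new HashSet<>(Arrays.asList("com.example.inputservice"));

    private CallerVerifier() {}

    /** Call first in each protected Binder method, before any clearCallingIdentity(). */
    public static void enforceTrustedCaller(Context context) {
        PackageManager pm = context.getPackageManager();
        // UID of the process that made the current Binder transaction.
        int callingUid = Binder.getCallingUid();
        String[] packages = pm.getPackagesForUid(callingUid);
        if (packages == null) {
            throw new SecurityException("No package found for uid " + callingUid);
        }
        for (String pkg : packages) {
            // A package name alone can be claimed by any APK, so it is only
            // accepted together with a signature match.
            if (!ALLOWED_PACKAGES.contains(pkg)) {
                continue;
            }
            boolean releaseSigned = pm.checkSignatures(context.getPackageName(), pkg)
                    == PackageManager.SIGNATURE_MATCH;
            boolean platformSigned = pm.checkSignatures(PLATFORM_PACKAGE, pkg)
                    == PackageManager.SIGNATURE_MATCH;
            if (releaseSigned || platformSigned) {
                return;
            }
        }
        throw new SecurityException("Caller uid " + callingUid + " is not trusted");
    }
}
```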

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow