feat: add Shizuku-based RKP root registration toggle#13
feat: add Shizuku-based RKP root registration toggle#13shoey63 wants to merge 7 commits intoVisionR1:masterfrom
Conversation
|
About this: The "Non-Root" Risk: Using these toggles on a locked/non-root device is dangerous. Because a non-root user cannot execute the pm clear commands needed to flush the RKP certificate cache after unregistering, the device may get stuck in an inconsistent attestation state. In such cases, a Full Factory Reset is the only way to recover original functionality. Should have a warning ? Example: This will modify the system's Remote Key Provisioning state. If you are not rooted, you may not be able to revert this change without a factory reset. Proceed? |
|
Good point. To clarify: technically, these commands will fail to execute via Shizuku on a non-rooted device anyway due to permission restrictions on the cmd shell. However, I agree that a 'Proceed' warning dialog is a much better UX than just letting a user click a button and seeing a 'Failure' toast. I'll update the PR to include a confirmation dialog with that warning text |
fix: add confirmation dialog and resolve Data import.
|
Updated with warning. |
|
Hold on. I'm testing a clear cache enhancement so you can switch back and forth while still in the app. |
|
Actually these features will be useless in a few weeks when RKP goes fully live. Feel free to close the PR if you like |
Oh, and you did so much work. |
It's mainly for my personal experiments. I'm thinking of the work you have to do to revert everything once it's redundant, plus now more translations. |
Understand. Oh yeah, right. If only need few weeks, if 1 year then yes. Keeping open, maybe Google change time, and RKP goes fully live after more. |
feat: automate RKPD cache clearing on successful RKP state change
|
Final commit pushed. Register RKP root -> RKP test = new root All instant without leaving the app. Is it ok to put my unsigned ci release build in your TrickyStore XDA thread? For anyone following. |
Yeah, sure put it. |
|
Some changes
|
2 participants
Description
This PR introduces the ability to Register or Unregister the device for the Google KeyMint V3 root directly from the app's UI, and introduces a raw RKP certificate chain diagnostic tool. This removes the manual dependency on external Python scripts or desktop-based ADB commands, allowing for a mobile-native workflow.
Key Features
RkpRegistrationManager.ktto executecmd remote_provisioningHAL commands via Shizuku.privaterestriction on Shizuku'snewProcessAPI, ensuring a lightweight implementation without the overhead of a full User Service.@zgfgon XDA). It captures the raw PEM output from both thedefaultandstrongboxHALs and pipes it directly into the Android Share Sheet for instant forum sharing.-keeprules for Shizuku to ensure reflection logic survives R8 minification in Release builds.Android's Remote Key Provisioning Daemon (RKPD) aggressively caches certificates. After toggling the state in the app, the system will serve cached certificates until the pool is exhausted.
Previously, Google's documentation stated a Full Factory Reset was required to clear these if you didn't have raw root access. This is no longer true.
Because Shizuku runs via ADB (UID 2000), it holds the
CLEAR_APP_USER_DATApermission natively. This implementation leverages Shizuku to silently execute:pm clear com.google.android.rkpdapp(orcom.android.rkpdon AOSP)This safely flushes the daemon's cache and forces an immediate fetch from Google's servers, completely bypassing the factory reset requirement.
Testing Results
InputStreamfrom the HAL is captured and successfully passed toIntent.ACTION_SEND.