[SMS] Add functionality for SMS Retriever API #170 #215
Comments
|
Please indicate which app on Play Store you are referring to (if it is public, and available in Australia), and indicate what you mean by "doesn't work". Also, please provide links and/or documentation regarding "Google is now using APK Signature Scheme v3.1." |
|
The app is called БСПТ. I have just made it available in Australia. "doesn't work" means SMSRetriever doesn't catch SMS containing hash created by your tool AppHashGen.zip (SMSRetriever.OnSMSResult is not called at all). Sorry, but my judgements regarding "Google is now using APK Signature Scheme v3.1." are only based on comparison mentioned earlier of apk signature information given from apksigner verify -print-certs -v package.apk command. There is a line there "Verified using v3.1 scheme (APK Signature Scheme v3.1): true" and the value "true" only comes with newly uploaded or updated to Google Play store apps. I only managed to find this link. Forgot to mention that Google says: If you are already using the apksigner tool to display the certificate lineage information, you must use the tool from Android SDK ver. 33.0.1 and above. |
|
The additional info that might help: There is an untilty called APK-Info according to this it should be able to verify signature of the apk by using APK Signature Scheme v3, but it can not, and it gives this error: "Unknown additional attribute: ID 0x559f8b02" |
|
I've updated the original SMS Retriever test app to add code that can obtain the app hash within itself. You can deploy a version of your app for internal testing on Play Store, install it from there and invoke the code to determine the app hash. You could remove that code if you feel you need to before publishing the version you intend to release. The code to call (as per code in Unit1 of the attached demo) is: |
|
Thank you. Does it mean that your tool AppHashGen.zip doesn't give the right hash any more? And the only way to get the right hash is within the app? |
It appears it does not.
The latest version of |
|
How do you compute hash within the app? |
As per my earlier comment:
The code that computes the hash is in the |
|
After opening this demo project closing the studio causes this error: |
|
I doubt this error is related to the project itself. It does not have any special components in it, or anything |
That helped. But hasn’t Google really provided a more convenient way for developers to obtain the application hash? Isn't that weird? |
Description
SMS Retriever API doesn't work with APK Signature Scheme v3.1
Error messages
SMSRetriever starts with no error message, with ASuccess=True, when SMS comes, nothing happens.
Please indicate
All android versions
Steps To Reproduce
Install your app from Google Play store.
Hi! I'm writting you considering your post here https://githubissues.com/DelphiWorlds/Kastri/170. Sorry for my bad English, I'm also new to github, so please don't scold me too much if I'm asking a question in the wrong place.
I have implemented your example in my app, and it works just fine if I'm signing apk by myself, but when I install my app from Google Play store, it doesn't work. I have compared signature information (given from apksigner verify -print-certs -v package.apk command) from both cases and it turned out, that the main difference is that Google is now using APK Signature Scheme v3.1. Could you consider to update SMSRetrieverTest.zip and/or AppHashGen.zip to fix this issue?
The text was updated successfully, but these errors were encountered: