From dbd5ab6701b336933c0443256fbf1ba683b147be Mon Sep 17 00:00:00 2001
From: Zachary Wander <zachary.wander@gmail.com>
Date: Tue, 13 Aug 2024 00:32:27 -0400
Subject: [PATCH] Change updater support check on Android to verify app
 signature

---
 android/build.gradle.kts                        |  3 +++
 common/build.gradle.kts                         |  3 +++
 .../zwander/common/util/UpdateInfo.android.kt   | 17 +++++++++++------
 3 files changed, 17 insertions(+), 6 deletions(-)

diff --git a/android/build.gradle.kts b/android/build.gradle.kts
index c723d1e..6203c77 100644
--- a/android/build.gradle.kts
+++ b/android/build.gradle.kts
@@ -46,4 +46,7 @@ android {
             isMinifyEnabled = false
         }
     }
+    buildFeatures {
+        buildConfig = true
+    }
 }
diff --git a/common/build.gradle.kts b/common/build.gradle.kts
index cfe06cb..5545394 100644
--- a/common/build.gradle.kts
+++ b/common/build.gradle.kts
@@ -205,6 +205,9 @@ android {
     lint {
         abortOnError = false
     }
+    buildFeatures {
+        buildConfig = true
+    }
 
     dependencies {
         coreLibraryDesugaring(libs.desugar.jdk.libs)
diff --git a/common/src/androidMain/kotlin/dev/zwander/common/util/UpdateInfo.android.kt b/common/src/androidMain/kotlin/dev/zwander/common/util/UpdateInfo.android.kt
index 4c74336..3fa42d7 100644
--- a/common/src/androidMain/kotlin/dev/zwander/common/util/UpdateInfo.android.kt
+++ b/common/src/androidMain/kotlin/dev/zwander/common/util/UpdateInfo.android.kt
@@ -1,7 +1,7 @@
 package dev.zwander.common.util
 
 import android.content.Intent
-import android.os.Build
+import android.content.pm.PackageManager
 import androidx.core.content.FileProvider
 import dev.zwander.common.App
 import dev.zwander.common.GradleConfig
@@ -14,6 +14,7 @@ import io.ktor.http.HttpMethod
 import io.ktor.util.cio.use
 import io.ktor.util.cio.writeChannel
 import io.ktor.utils.io.copyTo
+import korlibs.crypto.sha256
 import org.kohsuke.github.GitHub
 import java.io.File
 
@@ -75,11 +76,15 @@ actual object UpdateUtil {
         }
     }
 
+    @Suppress("DEPRECATION")
     actual fun supported(): Boolean {
-        return if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.R) {
-            App.instance.packageManager.getInstallSourceInfo(App.instance.packageName).installingPackageName
-        } else {
-            App.instance.packageManager.getInstallerPackageName(App.instance.packageName)
-        } != "com.android.vending"
+        val githubSha256 = "58997A7C334D76DCD57FAA918DDA90DA27EDA2E768AED4EB7F110D90C3196D67"
+        val signatures = App.instance.packageManager
+            .getPackageInfo(App.instance.packageName, PackageManager.GET_SIGNATURES).signatures
+        val matchesSignature = signatures.any { signature ->
+            signature.toByteArray().sha256().hexUpper == githubSha256
+        }
+
+        return matchesSignature || dev.zwander.common.BuildConfig.DEBUG
     }
 }
\ No newline at end of file