### Disable Exact Signature Match Source: https://context7.com/lsposed/corepatch/llms.txt This snippet hooks `SigningDetails#signaturesMatchExactly` to always return true when the `exactSigCheck` preference is enabled. This allows multi-APK installs where splits have different signing certificates. ```java hookAllMethods(signingDetails, "signaturesMatchExactly", new XC_MethodHook() { @Override protected void beforeHookedMethod(MethodHookParam param) { if (prefs.getBoolean("exactSigCheck", false)) param.setResult(true); } }); // Resulting behavior: multi-APK (split APK) installs where splits have // mismatched signatures proceed without error ``` -------------------------------- ### Recover V1 Signature Verification Failures Source: https://context7.com/lsposed/corepatch/llms.txt Hooks `ApkSignatureVerifier#verifyV1Signature` to substitute a synthetic or pre-installed `SigningDetails` object when V1 JAR signing is invalid (error code -103). This prevents installation failures by allowing the process to continue with a valid signature. ```java hookAllMethods("android.util.apk.ApkSignatureVerifier", loadPackageParam.classLoader, "verifyV1Signature", new XC_MethodHook() { public void afterHookedMethod(MethodHookParam methodHookParam) throws Throwable { if (prefs.getBoolean("authcreak", false)) { Throwable throwable = methodHookParam.getThrowable(); if (throwable != null) { // Only intervene on INSTALL_PARSE_FAILED_NO_CERTIFICATES (-103) if (error.getInt(throwable) == -103 || (throwable.getCause() != null && error.getInt(throwable.getCause()) == -103)) { Signature[] lastSigs = null; if (prefs.getBoolean("UsePreSig", false)) { // Use already-installed app's signatures if UsePreSig is on PackageManager pm = AndroidAppHelper.currentApplication().getPackageManager(); PackageInfo archiveInfo = pm.getPackageArchiveInfo((String) methodHookParam.args[0], 0); PackageInfo installedInfo = pm.getPackageInfo(archiveInfo.packageName, PackageManager.GET_SIGNING_CERTIFICATES); lastSigs = installedInfo.signingInfo.getSigningCertificateHistory(); } // Fall back to extracting signatures from the APK itself if (lastSigs == null && prefs.getBoolean("digestCreak", true)) { // ... reads certs via StrictJarFile + loadCertificates } // Last resort: use the hardcoded Android platform signature if (lastSigs == null) lastSigs = new Signature[]{ new Signature(SIGNATURE) }; Object newSigningDetails = findConstructorExact.newInstance(lastSigs, 1); methodHookParam.setResult(newSigningDetails); } } } } }); // Resulting behavior: APKs that fail V1 signature parsing still complete installation // with a valid (possibly synthetic) SigningDetails object ``` -------------------------------- ### Initialize CorePatch Module Source: https://context7.com/lsposed/corepatch/llms.txt This is the main entry point for the CorePatch module. It ensures activation only within the 'android' system process and delegates to the appropriate version-specific handler based on the Android SDK version. ```java public class MainHook implements IXposedHookLoadPackage { @Override public void handleLoadPackage(XC_LoadPackage.LoadPackageParam lpparam) throws Throwable { // Only activate inside the android system process if ("android".equals(lpparam.packageName) && lpparam.processName.equals("android")) { switch (Build.VERSION.SDK_INT) { case Build.VERSION_CODES.BAKLAVA: // API 36 case Build.VERSION_CODES.VANILLA_ICE_CREAM: // API 35 new CorePatchForV().handleLoadPackage(lpparam); break; case Build.VERSION_CODES.UPSIDE_DOWN_CAKE: // API 34 new CorePatchForU().handleLoadPackage(lpparam); break; case Build.VERSION_CODES.TIRAMISU: // API 33 new CorePatchForT().handleLoadPackage(lpparam); break; case Build.VERSION_CODES.S_V2: // API 32 case Build.VERSION_CODES.S: // API 31 new CorePatchForS().handleLoadPackage(lpparam); break; case Build.VERSION_CODES.R: // API 30 new CorePatchForR().handleLoadPackage(lpparam); break; case Build.VERSION_CODES.Q: // API 29 case Build.VERSION_CODES.P: // API 28 new CorePatchForQ().handleLoadPackage(lpparam); break; default: XposedBridge.log("W/CorePatch Unsupported Version, falling back to latest SDK"); new CorePatchForV().handleLoadPackage(lpparam); break; } } } } ``` -------------------------------- ### CorePatch Preference Keys and Defaults Source: https://context7.com/lsposed/corepatch/llms.txt This comment block lists available preference keys and their default boolean values used in CorePatch's `prefs.xml`. These settings control various bypass and verification behaviors. ```java // Available preference keys and their defaults (from prefs.xml): // "downgrade" → true (allow app downgrade) // "authcreak" → false (disable digest verification) // "digestCreak" → true (disable signature comparison) // "exactSigCheck" → false (disable exact signature match check) // "UsePreSig" → false (use installed app's signatures during install) // "bypassBlock" → true (bypass install blocklist, e.g. Nothing Phone) // "sharedUser" → false (bypass shared-user signature check) // "disableVerificationAgent" → true (disable Google Play Protect / package verifier) ``` -------------------------------- ### Disable Signature Comparison Source: https://context7.com/lsposed/corepatch/llms.txt Hooks `SigningDetails#checkCapability` to allow reinstallation over an app with a different signing certificate, bypassing signature checks except for `PERMISSION` and `AUTH`. Also bypasses KeySetManagerService upgrade key checks. Enabled by default. ```java // CorePatchForR — hooks checkCapability on android.content.pm.PackageParser.SigningDetails // CorePatchForT — hooks checkCapability on android.content.pm.SigningDetails (renamed class) Class signingDetails = getSigningDetails(loadPackageParam.classLoader); hookAllMethods(signingDetails, "checkCapability", new XC_MethodHook() { @Override protected void beforeHookedMethod(MethodHookParam param) { // Skip PERMISSION (4) and AUTH (16) to avoid granting all privileged permissions if (prefs.getBoolean("digestCreak", true)) { if ((Integer) param.args[1] != 4 && (Integer) param.args[1] != 16) { param.setResult(true); } } } }); // Also bypasses KeySetManagerService upgrade key checks during package preparation var keySetManagerClass = findClass("com.android.server.pm.KeySetManagerService", loadPackageParam.classLoader); hookAllMethods(keySetManagerClass, "shouldCheckUpgradeKeySetLocked", new XC_MethodHook() { @Override protected void afterHookedMethod(MethodHookParam param) { if (prefs.getBoolean("digestCreak", true) && Arrays.stream(Thread.currentThread().getStackTrace()) .anyMatch(o -> o.getMethodName().startsWith("preparePackage"))) { param.setResult(true); } } }); // Resulting behavior: apps signed with a completely different certificate can be installed // as updates over an existing installation ``` -------------------------------- ### Hook All Methods with XposedHelper Source: https://context7.com/lsposed/corepatch/llms.txt XposedHelper.hookAllMethods can be used to hook all overloads of a specified method within a class. This is useful when the exact method signature is unknown or when all variants need to be intercepted. ```java XposedHelper.hookAllMethods( "android.util.jar.StrictJarVerifier", loadPackageParam.classLoader, "verify", new ReturnConstant(prefs, "authcreak", true) ); ``` -------------------------------- ### Reusable Preference-Gated Hook Callback Source: https://context7.com/lsposed/corepatch/llms.txt A generic `XC_MethodHook` that checks a boolean preference before short-circuiting a hooked method with a specified return value. This is useful for simple on/off bypasses controlled by user preferences. ```java // Definition public class ReturnConstant extends XC_MethodHook { private final XSharedPreferences prefs; private final String prefsKey; private final Object value; // the value to return when pref is true public ReturnConstant(XSharedPreferences prefs, String prefsKey, Object value) { this.prefs = prefs; this.prefsKey = prefsKey; this.value = value; } @Override protected void beforeHookedMethod(MethodHookParam param) throws Throwable { prefs.reload(); // always read latest value from disk if (prefs.getBoolean(prefsKey, true)) { param.setResult(value); // short-circuits original method } } } // Usage examples: // Allow downgrade (returns null = no exception): XposedBridge.hookMethod(checkDowngrade, new ReturnConstant(prefs, "downgrade", null)); // Bypass JAR digest check (returns true = digest is valid): hookAllMethods("android.util.jar.StrictJarVerifier", cl, "verifyMessageDigest", new ReturnConstant(prefs, "authcreak", true)); // Disable package verification agent (returns false = verification not enabled): hookAllMethods(pmServiceClass, "isVerificationEnabled", new ReturnConstant(prefs, "disableVerificationAgent", false)); ``` -------------------------------- ### Safe Class Lookup with XposedHelper Source: https://context7.com/lsposed/corepatch/llms.txt XposedHelper.findClass provides a safe way to look up classes. It returns null if the class is not found, instead of throwing a ClassNotFoundException. This is crucial for compatibility across different Android versions where class names or existence may vary. ```java Class cls = XposedHelper.findClass( "com.android.server.pm.KeySetManagerService", loadPackageParam.classLoader ); // returns null on Android versions where the class was renamed ``` -------------------------------- ### Safe Method Hooking with XposedHelper Source: https://context7.com/lsposed/corepatch/llms.txt Use XposedHelper.findAndHookMethod for safe method hooking. It swallows exceptions if the class or method is not found, logging only in debug builds. This prevents application crashes on different Android versions. ```java XposedHelper.findAndHookMethod( "android.util.jar.StrictJarVerifier", loadPackageParam.classLoader, "verifyMessageDigest", new ReturnConstant(prefs, "authcreak", true) ); ``` ```java XposedHelper.findAndHookMethod(apkSigningBlockClass, "parseVerityDigestAndVerifySourceLength", byte[].class, long.class, signatureInfoClass, new XC_MethodHook() { /* ... */ } ``` -------------------------------- ### Bypass App Downgrade Check Source: https://context7.com/lsposed/corepatch/llms.txt Hooks `PackageManagerService#checkDowngrade` to return null, bypassing the `INSTALL_FAILED_VERSION_DOWNGRADE` error. This functionality is enabled by default and also hooks the `PackageManagerServiceUtils` variant on newer Android versions. ```java // CorePatchForR — hooks the downgrade check in PackageManagerService var pmService = XposedHelpers.findClassIfExists( "com.android.server.pm.PackageManagerService", loadPackageParam.classLoader); if (pmService != null) { var checkDowngrade = XposedHelpers.findMethodExactIfExists(pmService, "checkDowngrade", "com.android.server.pm.parsing.pkg.AndroidPackage", "android.content.pm.PackageInfoLite"); if (checkDowngrade != null) { // ReturnConstant checks prefs key "downgrade" (default true), then sets result to null XposedBridge.hookMethod(checkDowngrade, new ReturnConstant(prefs, "downgrade", null)); } } // CorePatchForV additionally hooks the Utils variant introduced in Android 15+ var checkDowngradeAlt = XposedHelpers.findMethodExactIfExists( "com.android.server.pm.PackageManagerServiceUtils", loadPackageParam.classLoader, "checkDowngrade", "com.android.server.pm.PackageSetting", "android.content.pm.PackageInfoLite"); if (checkDowngradeAlt != null) { XposedBridge.hookMethod(checkDowngradeAlt, new ReturnConstant(prefs, "downgrade", null)); } // Resulting behavior: installing an older versionCode of an app no longer throws // INSTALL_FAILED_VERSION_DOWNGRADE ``` -------------------------------- ### Validate XSharedPreferences Accessibility in SettingsActivity Source: https://context7.com/lsposed/corepatch/llms.txt This Java code snippet validates XSharedPreferences accessibility on launch within the SettingsActivity. It handles SecurityExceptions by displaying an error dialog if LSPosed is not active or if getSharedPreferences fails. ```java // SettingsActivity — validates XSharedPreferences accessibility on launch @SuppressLint("WorldReadableFiles") private void checkXSharedPreferences() { try { getSharedPreferences("conf", Context.MODE_WORLD_READABLE); // If LSPosed is active, this succeeds (LSPosed hooks getSharedPreferences) } catch (SecurityException exception) { new AlertDialog.Builder(this) .setTitle(R.string.config_error) .setMessage(R.string.not_supported) // "Please update LSPosed or enable it" .setPositiveButton(android.R.string.ok, (d, w) -> finish()) .setNegativeButton(R.string.ignore, null) .show(); } } ``` -------------------------------- ### Bypass Shared User Signature Verification Source: https://context7.com/lsposed/corepatch/llms.txt This code hooks `SigningDetails#hasCommonAncestor` and manages signature merging in `SharedUserSetting` to allow apps with different signatures to share a UID. It requires `digestCreak` to be enabled and is intended for bypassing shared user signature verification. ```java // CorePatchForR — hasCommonAncestor bypass hookAllMethods(signingDetails, "hasCommonAncestor", new XC_MethodHook() { @Override protected void beforeHookedMethod(MethodHookParam param) throws Throwable { if (prefs.getBoolean("digestCreak", true) && prefs.getBoolean("sharedUser", false) && Arrays.stream(Thread.currentThread().getStackTrace()) .anyMatch(o -> "verifySignatures".equals(o.getMethodName()))) { param.setResult(true); } } }); ``` ```java // SharedUserSetting.addPackage — merges signing lineage so new package is accepted XposedBridge.hookAllMethods(sharedUserSettingClass, "addPackage", new XC_MethodHook() { @Override protected void beforeHookedMethod(MethodHookParam param) throws Throwable { if (!prefs.getBoolean("digestCreak", true) || !prefs.getBoolean("sharedUser", false)) return; // skip system shared users; merge lineage of non-matching signatures // Setting_setSigningDetails() updates the stored SigningDetails on the SharedUserSetting } }); // Resulting behavior: apps declaring the same sharedUserId but signed with // different keys can be installed together ``` -------------------------------- ### Disable Digest / JAR Verification Source: https://context7.com/lsposed/corepatch/llms.txt Hooks methods in `StrictJarVerifier` and `MessageDigest` to bypass digest verification errors. Also bypasses resource alignment checks and resets minimum signature scheme requirements. Use when APK file contents have been modified after signing. ```java // CorePatchForR — blanket digest bypass hookAllMethods("android.util.jar.StrictJarVerifier", loadPackageParam.classLoader, "verifyMessageDigest", new ReturnConstant(prefs, "authcreak", true)); hookAllMethods("android.util.jar.StrictJarVerifier", loadPackageParam.classLoader, "verify", new ReturnConstant(prefs, "authcreak", true)); hookAllMethods("java.security.MessageDigest", loadPackageParam.classLoader, "isEqual", new ReturnConstant(prefs, "authcreak", true)); // Also bypass resources.arsc alignment requirement (Android R+) hookAllMethods("android.content.res.AssetManager", loadPackageParam.classLoader, "containsAllocatedTable", new ReturnConstant(prefs, "authcreak", false)); // Reset minimum signature scheme requirement (avoids "No signature found in package of version N") findAndHookMethod("android.util.apk.ApkSignatureVerifier", loadPackageParam.classLoader, "getMinimumSignatureSchemeVersionForTargetSdk", int.class, new ReturnConstant(prefs, "authcreak", 0)); // Resulting behavior: APKs with modified files (patched apps, repacked APKs) install without // "Package ... has no signatures that match those in shared user" or digest errors ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.