CTS Fail #6

brian6932 · 2024-04-16T12:30:27Z

Whatever I do, I can't get this ROM to pass CTS anymore, whether rooted or unrooted with the stock boot.img. The issue started for me near the end of January. PIF doesn't help anymore. Causes many problems for banking, DRM, and payment apps.

device information

❯ adb shell getprop ro.build.version.release
14

❯ adb shell getprop ro.vendor.build.id
AP1A.240505.005

❯ adb shell getprop ro.product.build.fingerprint
asus/WW_AI2202/ASUS_AI2202:14/UKQ1.230924.001/34.0304.2004.87:user/release-keys

❯ adb shell getprop ro.modversion
OmniROM-14-202405141642-zenfone9-GAPPS

❯ adb shell uname -r
5.10.81-android12-9-g9729dec572d0

❯ (ls Y:/data/adb/modules).Name
avbctl
magisk_overlayfs
playintegrityfix
sensitive_props
ssh
xmlpak-RE
zygisk_lsposed
zygisk-assistant
zygisk-sui
zygisksu

❯ adb shell su -c /data/adb/lspd/bin/cli modules ls -e
balti.xposed.pixelifygooglephotos             10212 enable
com.thinkdifferent.anywebview                 10292 enable
es.chiteroman.bootloaderspoofer               10309 enable

PIF logcat (using Xiaomi EU FP)

❯ cat Y:/data/adb/pif.json
{
    "MANUFACTURER": "motorola",
    "MODEL": "XT1575",
    "FINGERPRINT": "motorola/clark_retus/clark:6.0/MPHS24.49-18-8/4:user/release-keys",
    "BRAND": "motorola",
    "PRODUCT": "clark_retus",
    "DEVICE": "clark",
    "RELEASE": "6.0",
    "ID": "MPHS24.49-18-8",
    "INCREMENTAL": "4",
    "TYPE": "user",
    "TAGS": "release-keys",
    "SECURITY_PATCH": "2016-09-01",
    "DEVICE_INITIAL_SDK_INT": "25",
    "*.build.id": "MPHS24.49-18-8",
    "*.security_patch": "2016-09-01",
    "*api_level": "25"
}

❯ adb shell

AI2202:/ $ su
AI2202:/ # logcat -c
AI2202:/ # killall com.google.android.gms.unstable
killall: com.google.android.gms.unstable: No such process
AI2202:/ # killall com.google.android.gms
AI2202:/ # logcat -d | grep PIF
logcat -d | grep PIF
05-16 06:11:44.248 15557 15557 D PIF     : Dex file size: 7552
05-16 06:11:44.248 15557 15557 D PIF     : Json file size: 516
05-16 06:11:44.296 15557 15557 D PIF     : get system classloader
05-16 06:11:44.296 15557 15557 D PIF     : create class loader
05-16 06:11:44.297 15557 15557 D PIF     : load class
05-16 06:11:44.297 15557 15557 D PIF     : call init
05-16 06:11:44.298 15557 15557 D PIF     : Field *.build.id not found!
05-16 06:11:44.298 15557 15557 D PIF     : Field *.security_patch not found!
05-16 06:11:44.298 15557 15557 D PIF     : Field *api_level not found!
05-16 06:11:44.298 15557 15557 D PIF     : Save BRAND with value: motorola
05-16 06:11:44.298 15557 15557 D PIF     : Save DEVICE with value: clark
05-16 06:11:44.298 15557 15557 D PIF     : Save DEVICE_INITIAL_SDK_INT with value: 25
05-16 06:11:44.298 15557 15557 D PIF     : Save FINGERPRINT with value: motorola/clark_retus/clark:6.0/MPHS24.49-18-8/4:u
ser/release-keys
05-16 06:11:44.298 15557 15557 D PIF     : Save ID with value: MPHS24.49-18-8
05-16 06:11:44.298 15557 15557 D PIF     : Save INCREMENTAL with value: 4
05-16 06:11:44.298 15557 15557 D PIF     : Save MANUFACTURER with value: motorola
05-16 06:11:44.298 15557 15557 D PIF     : Save MODEL with value: XT1575
05-16 06:11:44.298 15557 15557 D PIF     : Save PRODUCT with value: clark_retus
05-16 06:11:44.298 15557 15557 D PIF     : Save RELEASE with value: 6.0
05-16 06:11:44.298 15557 15557 D PIF     : Save SECURITY_PATCH with value: 2016-09-01
05-16 06:11:44.298 15557 15557 D PIF     : Save TAGS with value: release-keys
05-16 06:11:44.298 15557 15557 D PIF     : Save TYPE with value: user
05-16 06:11:44.298 15557 15557 D PIF     : java.lang.IllegalArgumentException: field android.os.Build$VERSION.DEVICE_INIT
IAL_SDK_INT has type int, got java.lang.String
05-16 06:11:44.298 15557 15557 D PIF     : Set ID field value: MPHS24.49-18-8
05-16 06:11:44.298 15557 15557 D PIF     : Set FINGERPRINT field value: motorola/clark_retus/clark:6.0/MPHS24.49-18-8/4:u
ser/release-keys
05-16 06:11:44.298 15557 15557 D PIF     : Set PRODUCT field value: clark_retus
05-16 06:11:44.298 15557 15557 D PIF     : Set INCREMENTAL field value: 4
05-16 06:11:44.298 15557 15557 D PIF     : Set MANUFACTURER field value: motorola
05-16 06:11:44.298 15557 15557 D PIF     : Set BRAND field value: motorola
05-16 06:11:44.298 15557 15557 D PIF     : Set DEVICE field value: clark
05-16 06:11:44.298 15557 15557 D PIF     : Set MODEL field value: XT1575
05-16 06:11:44.298 15557 15557 D PIF     : Set SECURITY_PATCH field value: 2016-09-01
05-16 06:11:44.298 15557 15557 D PIF     : Set RELEASE field value: 6.0
05-16 06:11:44.299 15557 15557 D PIF     : Found and hooked __system_property_read_callback at 0x7f7ace93b0
05-16 06:11:44.311 15557 15579 D PIF     : [ro.treble.enabled]: true
05-16 06:11:44.312 15557 15579 D PIF     : [sys.use_memfd]: false
05-16 06:11:44.316 15557 15557 D PIF     : [dalvik.vm.dexopt.secondary]: true
05-16 06:11:44.317 15557 15557 D PIF     : [dalvik.vm.dexopt.secondary]: true
05-16 06:11:44.318 15557 15557 D PIF     : [dalvik.vm.dexopt.secondary]: true
05-16 06:11:44.334 15557 15557 D PIF     : [dalvik.vm.dexopt.secondary]: true
05-16 06:11:44.342 15557 15557 D PIF     : Service: 'CertificateFactory' | Algorithm: 'X.509'
05-16 06:11:44.343 15557 15583 D PIF     : java.lang.IllegalArgumentException: field android.os.Build$VERSION.DEVICE_INIT
IAL_SDK_INT has type int, got java.lang.String
05-16 06:11:44.349 15557 15557 D PIF     : [build.version.extensions.r]: 11
05-16 06:11:44.349 15557 15557 D PIF     : [build.version.extensions.s]: 11
05-16 06:11:44.349 15557 15557 D PIF     : [build.version.extensions.t]: 11
05-16 06:11:44.349 15557 15557 D PIF     : [build.version.extensions.u]: 11
05-16 06:11:44.349 15557 15557 D PIF     : [build.version.extensions.ad_services]: 11
05-16 06:11:44.370 15557 15557 D PIF     : Service: 'KeyStore' | Algorithm: 'BKS'
05-16 06:11:44.370 15557 15588 D PIF     : java.lang.IllegalArgumentException: field android.os.Build$VERSION.DEVICE_INIT
IAL_SDK_INT has type int, got java.lang.String
05-16 06:11:44.423 15557 15578 D PIF     : [dalvik.vm.dexopt.secondary]: true
05-16 06:11:44.620 15557 15608 D PIF     : Service: 'KeyStore' | Algorithm: 'AndroidCAStore'
05-16 06:11:44.622 15557 15618 D PIF     : java.lang.IllegalArgumentException: field android.os.Build$VERSION.DEVICE_INIT
IAL_SDK_INT has type int, got java.lang.String
05-16 06:11:44.628 15557 15608 D PIF     : Service: 'KeyStore' | Algorithm: 'BKS'
05-16 06:11:44.628 15557 15619 D PIF     : java.lang.IllegalArgumentException: field android.os.Build$VERSION.DEVICE_INIT
IAL_SDK_INT has type int, got java.lang.String
05-16 06:11:44.629 15557 15608 D PIF     : Service: 'CertPathValidator' | Algorithm: 'PKIX'
05-16 06:11:44.629 15557 15620 D PIF     : java.lang.IllegalArgumentException: field android.os.Build$VERSION.DEVICE_INIT
IAL_SDK_INT has type int, got java.lang.String
05-16 06:11:44.644 15557 15608 D PIF     : Service: 'AlgorithmParameters' | Algorithm: '1.2.840.10045.2.1'
05-16 06:11:44.645 15557 15621 D PIF     : java.lang.IllegalArgumentException: field android.os.Build$VERSION.DEVICE_INIT
IAL_SDK_INT has type int, got java.lang.String
05-16 06:11:44.735 15557 15578 D PIF     : [dalvik.vm.dexopt.secondary]: true
05-16 06:11:44.751 15557 15578 D PIF     : Service: 'KeyStore' | Algorithm: 'AndroidKeyStore'
05-16 06:11:44.752 15557 15578 D PIF     : Service: 'KeyStore' | Algorithm: 'AndroidKeyStore'
05-16 06:11:44.752 15557 15623 D PIF     : java.lang.IllegalArgumentException: field android.os.Build$VERSION.DEVICE_INIT
IAL_SDK_INT has type int, got java.lang.String
05-16 06:11:44.752 15557 15624 D PIF     : java.lang.IllegalArgumentException: field android.os.Build$VERSION.DEVICE_INIT
IAL_SDK_INT has type int, got java.lang.String
05-16 06:11:44.755 15557 15578 D PIF     : Service: 'KeyPairGenerator' | Algorithm: 'EC'
05-16 06:11:44.755 15557 15578 D PIF     : Service: 'KeyPairGenerator' | Algorithm: 'EC'
05-16 06:11:44.755 15557 15627 D PIF     : java.lang.IllegalArgumentException: field android.os.Build$VERSION.DEVICE_INIT
IAL_SDK_INT has type int, got java.lang.String
05-16 06:11:44.756 15557 15626 D PIF     : java.lang.IllegalArgumentException: field android.os.Build$VERSION.DEVICE_INIT
IAL_SDK_INT has type int, got java.lang.String
05-16 06:11:44.812 15557 15578 D PIF     : DroidGuard call detected. Throw exception!
05-16 06:11:44.859 15557 15578 D PIF     : [ro.build.version.security_patch]: 2024-05-05
05-16 06:11:44.867 15557 15578 D PIF     : [ro.product.first_api_level]: 31
05-16 06:11:44.867 15557 15578 D PIF     : [ro.boot.verifiedbootstate]: green
05-16 06:11:44.882 15557 15578 D PIF     : Service: 'KeyStore' | Algorithm: 'AndroidKeyStore'
05-16 06:11:44.882 15557 15631 D PIF     : java.lang.IllegalArgumentException: field android.os.Build$VERSION.DEVICE_INIT
IAL_SDK_INT has type int, got java.lang.String
05-16 06:11:44.884 15557 15578 D PIF     : DroidGuard call detected. Throw exception!
05-16 06:11:44.884 15557 15578 D PIF     : [ro.secure]: 1
05-16 06:11:44.884 15557 15578 D PIF     : [ro.debuggable]: 0
05-16 06:11:44.886 15557 15578 D PIF     : [ro.board.first_api_level]: 31
05-16 06:11:44.886 15557 15578 D PIF     : [ro.vendor.api_level]: 31
05-16 06:11:45.086 15557 15578 D PIF     : [ro.vendor.api_level]: 31
05-16 06:11:45.086 15557 15578 D PIF     : [hwservicemanager.ready]: true
05-16 06:11:45.087 15557 15578 D PIF     : [ro.vendor.api_level]: 31
05-16 06:11:45.087 15557 15578 D PIF     : [ro.vndk.version]: 35
05-16 06:11:45.090 15557 15578 D PIF     : [ro.surface_flinger.has_wide_color_display]: true
05-16 06:11:45.090 15557 15578 D PIF     : [ro.surface_flinger.has_HDR_display]: true
05-16 06:11:45.092 15557 15578 D PIF     : [ro.build.id]: AP1A.240505.005
05-16 06:11:45.167 15557 15578 D PIF     : [ro.zygote]: zygote64_32

Momo

Hunter

Play Integrity (SPIC)

{
  "accountDetails": {
    "appLicensingVerdict": "LICENSED"
  },
  "appIntegrity": {
    "appRecognitionVerdict": "PLAY_RECOGNIZED",
    "certificateSha256Digest": [
      "_zjHvW5D0vMAQ78JM2p2uWx9XLBnXWGIsg7yiyrP7ec"
    ],
    "packageName": "[com.henrikherzig.playintegritychecker](http://com.henrikherzig.playintegritychecker/)",
    "versionCode": "7"
  },
  "deviceIntegrity": {
    "deviceRecognitionVerdict": [
      "MEETS_BASIC_INTEGRITY"
    ]
  },
  "requestDetails": {
    "nonce": "a2dRWDRXSE1PcTBsRmFFQTVEVkx5ZkNZR09GTzhhM1liZjRVYnBrY2Y4SnNVR3BQeGU\u003d",
    "requestPackageName": "[com.henrikherzig.playintegritychecker](http://com.henrikherzig.playintegritychecker/)",
    "timestampMillis": 1715853567775
  }
}

SafteyNet (SPIC)

{
  "apkCertificateDigestSha256": [
    "/zjHvW5D0vMAQ78JM2p2uWx9XLBnXWGIsg7yiyrP7ec\u003d"
  ],
  "apkDigestSha256": "DptbkXD9gp0gJo6lxUSvpwb8DfNB29O7WvBnFbl4P9I\u003d",
  "apkPackageName": "com.henrikherzig.playintegritychecker",
  "basicIntegrity": true,
  "ctsProfileMatch": false,
  "evaluationType": "BASIC",
  "nonce": "ZWM2NzQ2ZDktMzNiNi00ZjdhLWE4NGItMTkxNGZkZDU1MDBh",
  "timestampMs": 1715853757312,
  "deprecationInformation": "The app is allowlisted to use the SafetyNet Attestation API until the full turndown: [https://g.co/play/safetynet-timeline."](https://g.co/play/safetynet-timeline.%22)
}

The text was updated successfully, but these errors were encountered:

brian6932 · 2024-07-24T14:35:22Z

I believe that this might be due to signing releases with a test key, extracting /system/etc/security/otacerts.zip extracts testkey.x509.pem, while it should extract releasekey.x509.pem.

micky387 · 2024-07-24T15:19:08Z

From your build?

brian6932 · 2024-07-24T15:21:56Z

❯ 7z l Y:/system/etc/security/otacerts.zip

7-Zip 24.07 (x64) : Copyright (c) 1999-2024 Igor Pavlov : 2024-06-19

Scanning the drive for archives:
1 file, 1023 bytes (1 KiB)

Listing archive: Y:\system\etc\security\otacerts.zip

--
Path = Y:\system\etc\security\otacerts.zip
Type = zip
Physical Size = 1023

   Date      Time    Attr         Size   Compressed  Name
------------------- ----- ------------ ------------  ------------------------
2008-01-01 00:00:00 .....         1363          877  testkey.x509.pem
------------------- ----- ------------ ------------  ------------------------
2008-01-01 00:00:00               1363          877  1 files

❯ adb shell getprop ro.modversion
OmniROM-14-202407231726-zenfone9-GAPPS

micky387 · 2024-07-24T15:25:25Z

that doesn't answer my question

brian6932 · 2024-07-24T15:25:39Z

What do you mean "from your build"?

micky387 · 2024-07-24T15:26:35Z

You build it our downloaded from our website?

brian6932 · 2024-07-24T15:26:56Z

Oh, I download it from the repo, I didn't build the ROM myself

micky387 · 2024-07-24T15:27:24Z

Ok, i will look then

micky387 · 2024-07-25T21:53:23Z

So testkey is == to releasekey (Just the name change)
We build and use our private keys with Jenkins and it's stored in this testkey

brian6932 · 2024-07-26T03:21:57Z

Yea I'm not positive if it's just the name change or not, the first link below says even the name would trip it, all I know's that currently CTS doesn't pass, and the most info I've gotten on this were from the following.

https://xdaforums.com/t/4607985 (The BEFORE YOU START section)
https://xdaforums.com/t/4674536/#js-XFUniqueId18 (#6 on the FAQ)
https://github.com/osm0sis/PlayIntegrityFork#failing-device-verdict-on-custom-rom

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CTS Fail #6

CTS Fail #6

brian6932 commented Apr 16, 2024 •

edited

Loading

brian6932 commented Jul 24, 2024

micky387 commented Jul 24, 2024

brian6932 commented Jul 24, 2024

micky387 commented Jul 24, 2024

brian6932 commented Jul 24, 2024

micky387 commented Jul 24, 2024

brian6932 commented Jul 24, 2024

micky387 commented Jul 24, 2024

micky387 commented Jul 25, 2024

brian6932 commented Jul 26, 2024 •

edited

Loading

CTS Fail #6

CTS Fail #6

Comments

brian6932 commented Apr 16, 2024 • edited Loading

brian6932 commented Jul 24, 2024

micky387 commented Jul 24, 2024

brian6932 commented Jul 24, 2024

micky387 commented Jul 24, 2024

brian6932 commented Jul 24, 2024

micky387 commented Jul 24, 2024

brian6932 commented Jul 24, 2024

micky387 commented Jul 24, 2024

micky387 commented Jul 25, 2024

brian6932 commented Jul 26, 2024 • edited Loading

brian6932 commented Apr 16, 2024 •

edited

Loading

brian6932 commented Jul 26, 2024 •

edited

Loading