[Feature Request] Let Android System silently add repositories
I am part of a team who implement a custom ROM and we need the ability to add repositories to F-Droid client silently from some system app.
The thing at https://gitlab.com/uniqx/provi and sending an intent to F-Droid to add a repo, both don't satisfy the requirement because they both need user approval. This is due to the fact that anyone can send an intent to F-Droid and anyone can copy some provisioning files to external storage.
This might work somehow like described here: https://forum.f-droid.org/t/using-f-droid-in-emteria-os/3043/7?u=habimm
Another idea for enabling this feature is the following: The system sends a signed intent to F-Droid with the repo to be added. Then F-Droid verifies the signature and adds the repo without showing the Add Repo prompt. The idea is that showing the Add Repo prompt is only done to make sure that this is what the user wants. Since the user has agreed to use the system, if the system wants something, then we can assume the user will also agree.
This might work like this from the F-Droid perspective:
-
- On initial self-configuration, get system's RSA public key somewhere from /system/
-
- Receive a special intent with two data packets: a URL and an RSA signature.
-
- Verify the RSA signature via system's RSA public key.
-
- If ok, then add the repo; otherwise do nothing.
And from the system's perspective:
-
- The whole is system is build for a fixed, priorly generated RSA public/private key pair. The public part is stored in a special public place in /system/ and the private part is stored in a special secret place.
-
- At some point, the system decides to configure F-Droid, and to send some configurations to it. In our case a configuration just consists of some repo URLs.
-
- That configuration is signed and sent to F-Droid as an intent. That's it.