
Android make broadcast receiver secure

I'm trying to implement a "secure" broadcast receiver which only receives broadcasts from a specific app. This is because I want to make a plugin for my app which triggers actions via broadcasts. As these actions are (partly) sensitive, it would be nice to check if the sender is really my application. As far as I have seen, it's impossible to check the sender package? Would it be secure to define a custom permission for that? If yes, how can I do this? What other possibilities are there to achieve this?

Thanks in advance!

Would it be secure to define a custom permission for that?

If both the app and the plugin are written by you, a custom permission with android:protectionLevel="signature" would seem to be the ideal solution for your problem. No apps will be able to send broadcasts to your receiver without holding that permission, which can only be held by apps signed by the same signing key. As a bonus, users do not have to agree to the permission at install time.

Pro tip: define the <permission> element in both the app and the plugin, so the install order of those two does not matter.

Note that custom permissions have a security flaw prior to Android 5.0, and that on Android 5.0+ no two apps can define the same permission unless they are signed by the same signing key.

Define a custom permission in your manifest:

<permission android:name="com.example.myapp.permission.NAME"
    android:protectionLevel="normal" />

On your receiver, add permission attribute:

<receiver android:name="MyReceiver" 
    android:permission="com.example.myapp.permission.NAME" />
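
Added example, not part of either answer above: the two manifests with the permission declared at the "signature" level the first answer recommends. A "normal" permission is granted to any app that requests it, so it does not restrict the sender to your own app. The plugin package name and the action name are hypothetical; the permission and receiver names are the ones used on this page.

```xml
<!-- App (sender) AndroidManifest.xml -->
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.myapp">

    <!-- Same definition in both APKs, so install order does not matter -->
    <permission android:name="com.example.myapp.permission.NAME"
        android:protectionLevel="signature" />

    <!-- The sender must hold the permission the receiver demands -->
    <uses-permission android:name="com.example.myapp.permission.NAME" />
</manifest>

<!-- Plugin (receiver) AndroidManifest.xml; package and action names are hypothetical -->
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.myapp.plugin">

    <permission android:name="com.example.myapp.permission.NAME"
        android:protectionLevel="signature" />

    <application>
        <!-- android:permission: broadcasts from apps that do not hold
             the permission are not delivered to this receiver -->
        <receiver android:name="MyReceiver"
            android:exported="true"
            android:permission="com.example.myapp.permission.NAME">
            <intent-filter>
                <action android:name="com.example.myapp.plugin.action.TRIGGER" />
            </intent-filter>
        </receiver>
    </application>
</manifest>
```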
