its easy... after decryption if you still cant open the zip they changed the key ^^

Quote:

Originally Posted by thor2002ro

its easy... after decryption if you still cant open the zip they changed the key ^^

but how can we know what is the new key?

Quote:

Originally Posted by kimycai

but how can we know what is the new key?

Same way someone figured out it's xor12 the first time. Either being brilliant in staring at hex dumps of the file, or finding out from an internal source. Xor12 isn't really an encryption scheme as much as it's a means to prevent the easy access to the files inside. It was most likely used because it wouldn't slow the update process to a crawl if they used something more secure like RSA.

Just my $0.02

Oh my. You know that ZIPs start with 'PK'.. and Acer is using one byte as xor mask. So just xor the first byte of file with 'P' and you get the key

Quote:

Originally Posted by thor2002ro

I made a tool so we can decrypt the acer updates easier.

Also added decryption key change if acer decides to change the key.

http://www.virustotal.com/file-scan/...732-1306538282

hi，do U know how to sign an update.zip for A500，as i signed the zip file using testkey.x509.pem and testkey.pk8 ，but the recovery cant fount it and flash it，Why？Acer changed the key？but how can we sign it correctly？

Quote:

Originally Posted by sp3dev

Oh my. You know that ZIPs start with 'PK'.. and Acer is using one byte as xor mask. So just xor the first byte of file with 'P' and you get the key

hi，do U know how to sign an update.zip for A500，as i signed the zip file using testkey.x509.pem and testkey.pk8 ，but the recovery cant fount it and flash it，Why？Acer changed the key？but how can we sign it correctly？

Quote:

Originally Posted by kimycai

hi，do U know how to sign an update.zip for A500，as i signed the zip file using testkey.x509.pem and testkey.pk8 ，but the recovery cant fount it and flash it，Why？Acer changed the key？but how can we sign it correctly？

Don't confuse this simple zip encryption with xor'ing and real signatures for update.zip. Acer are using their own private keys to sign the updates. So we're out of luck here

Quote:

Originally Posted by sp3dev

Don't confuse this simple zip encryption with xor'ing and real signatures for update.zip. Acer are using their own private keys to sign the updates. So we're out of luck here

yes i do know the difference，so we cant sign the update.zip until Acer unleash the private key？

It's not like they ever will. For sure it's used not only in Iconia, so releasing it would be stupid. Our only hope is an unlocked bootloader to be able to flash custom kernel and recovery

Quote:

Originally Posted by sp3dev

Oh my. You know that ZIPs start with 'PK'.. and Acer is using one byte as xor mask. So just xor the first byte of file with 'P' and you get the key

and i cant understand what u said clearly,can u explain more clearly for my poor english. i can see that the encrypted file starts with "BY........bŽ.,.È.ãB...f.......S_AA<h{bg™#.’2. Q-l'ÃË.ª««¨k...òúè%^v‘i"`B,66"∴[Á8›ñ˜Ò.Œ|ºJÊýUv\ïy7×¢s}JÊ.bÂÌ´+..gc.k..BY........ý f.,............"

and the decrypted file starts with "PK........pœm>.Ú.ñP...t.......AMSS.zipu‹1.€ .C?~5ÑÙ.¸¹¹ºy...àèú7Ldƒ{0rP>$$0ðš¦IÓ*‰ãŠÀ<žn¨XØïGd Nýk%Å°aoXØmpÐÞ¦9.‚uq.y..PK........ïtm>............ "
so,how can we do to get the key "$12", and what is "xor12"?