Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,778,037 Members 52,155 Now Online
XDA Developers Android and Mobile Development Forum

Restoring evo RSA keys manually [HOWTO]

Tip us?
 
haxt
Old
(Last edited by haxt; 1st February 2011 at 10:17 AM.) Reason: Update
#1  
Junior Member - OP
Thanks Meter 7
Posts: 8
Join Date: Jul 2009
Default Restoring evo RSA keys manually [HOWTO]

I was one of the people that did the initial backup methods (telling you how to backup your certificate and rsa keys) or using cat which doesn't actually backup your wimax.img properly. After hours of playing around in a hex editor I finally got my 4g working again, and i'll explain how

****EDIT****

I added a hex converter you can use for your rsa key if you are too lazy to find one on google. I say to use hex instead of text replace because it's safer in regards to \n's

I was too lazy to make a gui for it but its haxt.net/evohex.php?rsa=yourrsa&cert=yourcert [obviously replace it with your 2 values]

Also, don't try to flash this image without editing it. The rsa key is invalid until you put your valid key in!

***********

Note - this won't work for anybody who actually has no idea what their RSA keys/certificate is.

So there are a few things you need first.

1. Your phones wimax mac address (take out your battery and look at the sticker)
2. Your RSA private key
3. Your Certificate
4. The wimax image file template I attached here in the zip

To simplify, use XVI32 freeware hex editor. If you search "BEGIN" you will see begin rsa key and begin certificate. You need to copy these values for later use.

Download the template file and open it in the hex editor.

Our template's mac is 00:18:41:81:8B:5C

Our templates Certificate is :

http://pastebin.com/vEnKFtS8

Our templates RSA Certificate is :

http://pastebin.com/gJbrh3ii

Convert both of these strings to hexidecimal and write them down! (it will look like a bunch of 4D 49 49 44 6B 44 43 43 41 6E 69 67 41 77 49 42 41 67 49 51 5A 4F 75 35 44 5A 4C 55 44 76 44 57 4B 57 2F 36 6D 48 66 4C 4F 54 type stuff)

If you don't know what your rsa key or certificate is, open it up in a unix friendly text editor(on windows i recommend notepad++). Search case sensitive for BEGIN. You will see the begin rsa key and begin certificate. Copy all of the text in between with no spaces or newlines! Now convert these both to hex and write them down.

Hit search -> replace on xvi32, click hex search and paste your converted hex for the templates RSA key.. and then replace with the hex value of YOUR rsa key. Do the same thing for the certificate as well.

The length of our templates rsa key might be different than yours, and your ending file size MUST be the same as your starting file size(the template is 12,582,912 bytes). There are a bunch of null characters in the template after --END KEY--- you might need to add or remove some to correct this! Just click on one and press the delete key if you have to :P



Now the only thing you have to do is fix your mac. In your new wimax partition file, text search for 00:18:41:81 to Replace that mac with your mac but subtract 1 from the last digit(if your mac was 00:23:76:EC:214 put 00:23:76:EC:213).

Replace the first 2 of the 3 instances with your mac -- minus 1. (If it ends on a letter, B would become A, C would become B, etc.

The last instance of your mac, put the actual mac address with nothing subtracted as it appears on the sticker under your battery.



Once you have saved the file.. name it something like wimax_fixed_resized.img and copy it to your sdcard.

Boot to fastboot and run "fastboot erase wimax"

Reboot to your recovery and adb shell in.

type "mount /sdcard" so you can run flash_image properly.

Run flash_image wimax /sdcard/wimax_fixed_resized.img
(or whatever you named it)


Profit!
Attached Files
File Type: zip wimaxtemplate.zip - [Click for QR Code] (3.31 MB, 657 views)
The Following 7 Users Say Thank You to haxt For This Useful Post: [ Click to Expand ]
 
redsolar
Old
#2  
Senior Member
Thanks Meter 0
Posts: 123
Join Date: Jan 2009
One highly recommended addition to this is to use the correct ROM base version while you do this for testing if your wimax restored correctly. Quite often firmware/wimax mismatches will cause things to not auto connect, or various odd issues (true story)

Thanks for writing this up - I was planning on doing it at some point with a full guide on how to backup and restore the whole nine yards, but this will do in the meantime for people who want to restore things.
 
freeza
Old
#3  
freeza's Avatar
Recognized Developer
Thanks Meter 9512
Posts: 4,248
Join Date: May 2006
Location: Pasadena, CA

 
DONATE TO ME
At first I thought this was for people who had lost their own RSA keys lol.

Great tutorial nonetheless.
 
kybeck55
Old
#4  
Member
Thanks Meter 10
Posts: 79
Join Date: Oct 2010
Quote:
Originally Posted by haxt View Post
I was one of the people that did the initial backup methods (telling you how to backup your certificate and rsa keys) or using cat which doesn't actually backup your wimax.img properly. After hours of playing around in a hex editor I finally got my 4g working again, and i'll explain how

****EDIT****

I added a hex converter you can use for your rsa key if you are too lazy to find one on google. I say to use hex instead of text replace because it's safer in regards to \n's

I was too lazy to make a gui for it but its haxt.net/evohex.php?rsa=yourrsa&cert=yourcert [obviously replace it with your 2 values]

***********

Note - this won't work for anybody who actually has no idea what their RSA keys/certificate is.

So there are a few things you need first.

1. Your phones wimax mac address (take out your battery and look at the sticker)
2. Your RSA private key
3. Your Certificate
4. A wimax.img from an evo that has has an intact wimax partition(borrow a friends nandroid backup).

To simplify, use XVI32 freeware hex editor. If you search "BEGIN" you will see begin rsa key and begin certificate. You need to copy these values for later use.

Next, open up the backup you got from a friend and save the certificate/rsa information between the ---BEGIN --- and ---END --- tags.

Now that you have the rsa key/certificate for both it is time to run a str_replace.

(Make sure to look at the original file size of the backup you got of someones wimax.img. Once you are done the file size needs to be the same).

Take YOUR rsa key and convert it to hexidecimal.. you can find tons of sites that will do this .. just google convert string to hex (it will be a long string of stuff like 4D 49 49 44 6B 44 43 43 41 6E 69 67 41 77 49 42 41 67 49 51).

Next, take your buddies RSA key and convert it to hex as well.

Open a copy of your buddies backup now and this will be used as the template for your new wimax partition. Hit search -> replace. For the hex to search paste your buddies RSA key you converted to hex.. and for the replace with.. put the hex of your rsa key.

Repeat these last steps for the certificate as well (convert to hex and replace your buddies certificate with your own certificate text)

REMEMBER!!!! if the length is not the same of the certificate/key you can fix this by adding or removing the blank bytes at the end of the ---END RSA or --END CERTIFICATE area.

You should be able to save the file now and the size should be exactly the same as the original backup you borrowed.



Now the only thing you have to do is fix your mac. In your new wimax partition file, search for 00: to locate the mac address of your buddies partition. You might find a few random ones first but just look at the surrounding text to know it's their mac. Replace that string with your mac but subtract 1 from the last digit(if your mac was 00:23:76:EC:214 put 00:23:76:EC:213).

Replace the first 2 of the 3 instances with your mac -- minus 1. (If it ends on a letter, B would become A, C would become B, etc.

The last instance of your mac, put the actual mac address with nothing subtracted as it appears on the sticker under your battery.



Once you have saved the file.. name it something like wimax_fixed_resized.img and copy it to your sdcard.

Boot to fastboot and run "fastboot erase wimax"

Reboot to your recovery and adb shell in.

type "mount /sdcard" so you can run flash_image properly.

Run flash_image wimax /sdcard/wimax_fixed_resized.img
(or whatever you named it)


Profit!
is there any way to break it down anymore? and do you have to use a buddies backup? i have my RSA keys i made a backup a while ago... cant you just use one of your old backups and replace wimax? thanks in advance and thanks for the post.
 
Caanon
Old
#5  
Member
Thanks Meter 10
Posts: 95
Join Date: Aug 2010
Great post, had been wondering how to actually restore the wimax keys once you had 'em.

Question for any devs that may have them: are the RSA keys generated by or linked to MAC ID somehow? Would it be possible to use backups of an one phone's keys with the another phone's baseband MAC ID?
 
haxt
Old
#6  
Junior Member - OP
Thanks Meter 7
Posts: 8
Join Date: Jul 2009
I'll try to clean up the post to make it an easier read tomorrow but if you have an intact backup of your wimax image you can just restore it with flash_image or fastboot.. or just restore the nandroid backup. This is just for people that have the key itself but the image they have might be corrupted. If it would help everyone I can take a working wimax.img and remove the RSA keys so you can just download it as a template and put your keys in
 
haxt
Old
#7  
Junior Member - OP
Thanks Meter 7
Posts: 8
Join Date: Jul 2009
I updated the thread.. has a template file in there too with dummy certs and keys to make it easier for you guys.
 
mroneeyedboh
Old
#8  
mroneeyedboh's Avatar
Senior Member
Thanks Meter 470
Posts: 1,676
Join Date: Feb 2008
This is a big deal bro. Thanks!
 
NYCHitman1
Old
#9  
NYCHitman1's Avatar
Senior Member
Thanks Meter 1499
Posts: 2,233
Join Date: Apr 2010
Location: Long Island, NY

 
DONATE TO ME
Has anyone been having issues connecting to 4G? I've been having some issues where it authenticates, launches then disconnects. My keys are present but not really sure what else to do from here.
 
Caanon
Old
#10  
Member
Thanks Meter 10
Posts: 95
Join Date: Aug 2010
Quote:
Originally Posted by NYCHitman1 View Post
Has anyone been having issues connecting to 4G? I've been having some issues where it authenticates, launches then disconnects. My keys are present but not really sure what else to do from here.
Does it get to the "Obtaining IP Addres..." then moves to "Disconnected"?

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes


Software Build Automation with Jenkins – XDA Developer TV

Many members of the XDA community come to learn and begin in the exciting … more

Add Bits and Pieces of Honami to Your Current ROM

In the last few months, we’ve talked about quite a few Sony Honami-related projects. … more

Always Enter the Correct Password with HideNoPasswords

If you’ve ever entered apassword on your mobile device, you’ve surely … more

Revert to Stock Recovery Effortless with Simple Recovery Switcher

Android updates released as OTA packages are very easy to apply,but they … more