MultiROM Once Again Available for the Galaxy S4

Multiboot, or the ability to select betweenmultiple operating systems on a single device at … more

Build an Impractical But Awesome Lego Mindstorm Dock

The vast majority of what we cover here on the XDA-Developers News Portal relates to … more

MultiROM Makes its Way Over to the HTC One (M8)

While browsing our forum, you will undoubtedly find more than a few enticing ROMs available … more

Welcome to the New XDA-Developers Portal!

You may recall that a few weeks ago, we opened up the XDA-2015 forum themesto intrepid users … more
Post Reply

[Q] Issues with Signing Android Factory Images, ROMs and OTA Files.

18th November 2013, 07:06 AM   |  #1  
GoDzPlaY's Avatar
OP Member
Flag Pune
Thanks Meter: 2
79 posts
Join Date:Joined: Apr 2011
I am doing R&D on FOTA(Firmware Update Over the Air) using Nexus 7-Wifi(grouper). For which I followed the following steps.

1. Downloaded the android source from for v 4.2.2_r1 and v 4.3_r1
2. Downloaded the binaries for grouper, extract it to my source folder.
3. Then I compiled the source code using following commands.
i. source build/
ii. lunch full_grouper-userdebug
iii. make -j8 dist
4. After few tries, I had success in compiling the source for Nexus 7(grouper).
5. I got following files in $out/source_4.2.2/dist folder
6. Then I generated my own keys using /development/tools/make_key tool for media, testkey, releasekey, shared, platform.
Assume my keys are locate at /keys folder.
7. Then I created a signed target zip file using following command.
/source/build/tools/releasetools/sign_target_files_apks -v -p ../host/linux-x86 -d /keys
8. From signed target zip file I create
/source/build/tools/releasetools/img_from_target_files -v -p ../host/linux-x86
9. Then I flashed the using fastboot command using the following script:
fastboot oem unlock
fastboot erase boot
fastboot erase cache
fastboot erase recovery
fastboot erase system
fastboot erase userdata
fastboot reboot-bootloader
sleep 10
fastboot -w update
10. The device gets flashed well and is working, but I am getting an log while flashing in which it is unable to find boot.sig, system.sig and recovery.sig
11. Now the file contains a testkey which is not the one that I signed it with.
file located at "/system/etc/security/" on device.
12. Now since the is signed with the default key it gives a mismatch error which I tried to flash an OTA update which is signed by the my custom key.

Now my doubt is:
How can I add boot.sig, recovery.sig and system.sig to
Is there anything I am doing wrong?
Does the recovery checks the current ROM keys from "/system/etc/security/"?
What is the correct procedure to sign the OTA update?
The Following User Says Thank You to GoDzPlaY For This Useful Post: [ View ]
30th September 2014, 07:08 AM   |  #2  
Junior Member
Flag İzmir
Thanks Meter: 0
1 posts
Join Date:Joined: Sep 2014
i am posting this reply just for people who are looking for help too,

you need to explicitly define "BUILD_SECURE := true" in your device make file so that android/build/core/Makefile will use device/*/$(TARGET_DEVICE)/releasekey.x509.pem for OTA_PUBLIC_KEYS
Post Reply Subscribe to Thread
Previous Thread Next Thread
Thread Tools
Display Modes

Top Threads in OS Porting by ThreadRank