Signing boot images for Android Verified Boot (AVB) [v8]

By Chainfire (Senior Moderator / Senior Recognized Developer) on 3rd May 2017, 11:16 AM
Various Android devices support Android Verified Boot (AVB). A part of this is more commonly known as dm-verity, which verifies system (and vendor) partition integrity. AVB can however also verify boot images, and stock firmwares generally include signed boot images. Of course this does not mean that all signed boot images are using AVB, many OEMs have their own signature verification scheme.

Note: AOSP is moving towards the use of avbtool (taken from Brillo), the following is the old way for signing boot images.

Bootloaders might or might not accept unsigned boot images, and might or might not accept boot images signed with our own keys (rather than the OEM's keys). This depends on the device, bootloader version, and bootloader unlock state.

For example, with the bootloader unlocked, the Google Pixel (and XL) devices accepted unsigned boot images up to (but not including) the May 2017 release. From the May 2017 release onwards, the boot images must be signed if flashed (booted works without), but may be signed with your own key rather than the OEM's.

Note: The situation changes when you re-lock the bootloader. I have not tested this, but documentation implies that (one of) the keys used in the current boot image must be used for future flashes until it is unlocked again.

Generating custom signing keys

The following openssl commands generate all the keys we need. Execute them line-by-line rather than copying the whole block, as you will be asked for input.

Code:
# private key
openssl genrsa -f4 -out verifiedboot.pem 2048
openssl pkcs8 -in verifiedboot.pem -topk8 -outform DER -out verifiedboot.pk8 -nocrypt

# public key
openssl req -new -x509 -sha256 -key verifiedboot.pem -out verifiedboot.x509.pem
openssl x509 -outform DER -in verifiedboot.x509.pem -out verifiedboot.x509.der

For future signings, you do not need the .pem files, and they can safely be deleted once the .pk8 and .der files are generated. In AOSP's implementation, they were never even written to disk in the first place.

Security-wise, documentation states it is advisable to use a different set of keys for each device you support; though obviously this doesn't matter much if the device is running with the bootloader in unlocked state.

Signing the boot image

Download the attached BootSignature.jar file (built from AOSP sources), and sign the boot image using the keys generated above with the following commands:

Code:
java -jar BootSignature.jar /boot boot.img verifiedboot.pk8 verifiedboot.x509.der boot_signed.img
java -jar BootSignature.jar -verify boot_signed.img

Instead of /boot, /recovery and other values may be used. Their use should be obvious.

From Android

Attached is also BootSignature_Android.jar, which is a version ProGuard-reduced against SDK 21 and then dexed. Provided /system is mounted as is usual on Android (on the Pixel (XL), TWRP mounts this differently by default!), it can be used like this:

Code:
dalvikvm -cp BootSignature_Android.jar com.android.verity.BootSignature /boot boot.img verifiedboot.pk8 verifiedboot.x509.der boot_signed.img
dalvikvm -cp BootSignature_Android.jar com.android.verity.BootSignature -verify boot_signed.img

The base command can be extended as follows to make it able to run without any precompiled files present on the device:

Code:
/system/bin/dalvikvm -Xbootclasspath:/system/framework/core-oj.jar:/system/framework/core-libart.jar:/system/framework/conscrypt.jar:/system/framework/bouncycastle.jar -Xnodex2oat -Xnoimage-dex2oat -cp BootSignature_Android.jar com.android.verity.BootSignature ...

Flashable ZIP

Attached is also VerifiedBootSigner.zip, a flashable ZIP for FlashFire/TWRP/etc. that signs the currently flashed boot image, if it isn't signed already. You can simply flash this after installing a SuperSU version or custom boot image or whatever that doesn't sign the boot image itself already.

I've tried to make it very portable (borrowing ample script from the SuperSU ZIP, as well as its signing keys), but I have only tested it on my Pixel XL.

Note that it does depend on Android files in the system partition, so if (aside from the unsigned boot image) your system isn't functional, the ZIP may not work either.

If the boot image is already signed when you flash the ZIP, it will offer to abort or force re-sign.

If you place custom.pk8 and custom.x509.der files inside the ZIP, these keys will be used for flashing instead of SuperSU's default keys. Additionally, /tmp/avb/custom.pk8 and /tmp/avb/custom.x509.der will override any keys from the ZIP.

There is some more documentation in the update-binary file inside the ZIP as well.

Note: If you're using TWRP's manual slot selection on the Pixel (XL), you must be using TWRP-v3.1.0-RC2 or newer, or it will not work as expected.

Todo
- test what happens when the bootloader is re-locked on multiple devices supporting AVB
- test what happens when dm-verity is kept enabled on a custom/modified boot image with a different image signature than dm-verity signature

Attached Files
BootSignature.jar (1.54 MB)
BootSignature_Android.jar (27.4 KB)
VerifiedBootSigner-v8.zip (37.8 KB)

3rd May 2017, 09:05 PM |#2
D1stRU3T0R
-reserved-

*Finally my dream has come true. Btw, nice job on doing this, keep it up, man*

3rd May 2017, 10:28 PM |#3
SalmanSH1
Super great

3rd May 2017, 10:59 PM |#4
Great write up! So I take it we can no longer distribute kernel images without first integrating them into the boot image and then signing it? That negates the whole point of being able to flash the kernel individually with fastboot!

4th May 2017, 02:04 PM |#5
youdoofus
Thank God Chainfire hasn't left us entirely!!!

4th May 2017, 02:17 PM |#6
This gives me hope my Pixel isn't dev dead. Thank you, CF!

4th May 2017, 04:29 PM |#7
methuselah
@Chainfire, you're not going to reply, but still, you are responsible for my faith in Android... Development most of the time happens because of you... It always revolves around you... A one-man army, I would say. Thank you for all your work. We all owe you a lot...

4th May 2017, 05:29 PM |#8
Is it possible to create the signature for boot bundle with openssl alone (i.e. without this BootSignature.jar ) ?

4th May 2017, 09:31 PM |#9
mirhl
Wasn't self-signing boot images already kind of possible?

5th May 2017, 07:21 AM |#10
Chainfire (OP)
Quote:
Originally Posted by cr2

Is it possible to create the signature for boot bundle with openssl alone (i.e. without this BootSignature.jar ) ?

Not just with openssl, no. How the boot signature works is not properly documented, but of course you could read the source in AOSP and make your own version.

Quote:
Originally Posted by mirhl

Wasn't self-signing boot images already kind of possible?

Apart from both of these things talking about signatures, they are unrelated. However, self-signing images has been supported for quite a while on several devices, it just wasn't required. CopperheadOS - as far as I know - is the only project that has actively been using it until now.
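To go with the sign/-verify commands in the first post and the reply above that the format is only documented by the AOSP source, here is an added example that is not part of this thread or of BootSignature.jar: a stand-alone Python parser for the signable region and the signature structure appended to it, assumed to follow AOSP's system/extras/verity/BootSignature.java (getSignableImageSize() and the AndroidVerifiedBootSignature ASN.1 layout). It only inspects the structure, useful for telling a signed image from an unsigned one and checking the attested target and length; it does not verify the RSA signature against the embedded certificate, so it is not a replacement for -verify. The sample image and signature blob at the bottom are constructed, with an empty placeholder in the certificate slot.

```python
import struct

BOOT_MAGIC = b"ANDROID!"
SHA256_RSA_OID = bytes.fromhex("2a864886f70d01010b")  # sha256WithRSAEncryption

def signable_size(data: bytes) -> int:
    """Bytes the signature covers (page-aligned header, kernel, ramdisk, second stage)."""
    if len(data) < 40 or data[:8] != BOOT_MAGIC:
        raise ValueError("not an Android boot image (missing ANDROID! magic)")
    kernel, _, ramdisk, _, second, _, _, page = struct.unpack_from("<8I", data, 8)
    if page == 0: raise ValueError("invalid page_size")
    pages = lambda n: (n + page - 1) // page * page  # round up to whole pages
    return page + pages(kernel) + pages(ramdisk) + pages(second)

def _tlv(buf: bytes, pos: int = 0):  # decode one DER TLV at pos -> (tag, value, next pos)
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def parse_boot_signature(data: bytes):
    """Parse the AndroidVerifiedBootSignature appended after the signable region; None = unsigned."""
    size = signable_size(data)
    if len(data) <= size or data[size] != 0x30:
        return None
    _, body, _ = _tlv(data, size)
    _, version, p = _tlv(body)      # formatVersion INTEGER (1)
    _, _cert, p = _tlv(body, p)     # certificate: X.509 DER carrying the verify key
    _, alg, p = _tlv(body, p)       # algorithmIdentifier SEQUENCE { OID, params }
    _, attrs, p = _tlv(body, p)     # authenticatedAttributes { target, length }
    _, sig, _ = _tlv(body, p)       # signature OCTET STRING (RSA, not verified here)
    _, target, q = _tlv(attrs)
    _, length, _ = _tlv(attrs, q)
    return {"version": int.from_bytes(version, "big"), "target": target.decode("ascii"),
            "sha256_rsa": _tlv(alg)[1] == SHA256_RSA_OID, "sig_bytes": len(sig),
            "attested_len": int.from_bytes(length, "big"), "signable_len": size}

# Constructed sample, not a real image: 2048-byte pages, 3000-byte kernel, 100-byte
# ramdisk, then a structurally valid blob whose certificate is an empty placeholder.
def _der(tag: int, content: bytes) -> bytes:
    ln = bytes([len(content)]) if len(content) < 0x80 else b"\x82" + len(content).to_bytes(2, "big")
    return bytes([tag]) + ln + content
def build_sample() -> bytes:
    hdr = BOOT_MAGIC + struct.pack("<8I", 3000, 0, 100, 0, 0, 0, 0, 2048)
    img = hdr.ljust(2048, b"\0") + (b"K" * 3000).ljust(4096, b"\0") + (b"R" * 100).ljust(2048, b"\0")
    attrs = _der(0x30, _der(0x13, b"/boot") + _der(0x02, len(img).to_bytes(2, "big")))
    alg = _der(0x30, _der(0x06, SHA256_RSA_OID) + b"\x05\x00")
    blob = _der(0x30, _der(0x02, b"\x01") + _der(0x30, b"") + alg + attrs + _der(0x04, b"\xab" * 256))
    return img + blob
```

On a real image, `parse_boot_signature(open("boot_signed.img", "rb").read())` should report target "/boot" and an attested length equal to the signable length; a mismatch or a None result is what the bootloader will reject.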

5th May 2017, 10:36 AM |#11
Is it possible to sign the boot image in recovery?
Hi @Chainfire! Thank you for this great find (and for everything else you have done for us during the last years)!!
I would like to ask one question... Do you think it would be possible to sign the boot image on the fly in recovery? For example, when changing the recovery image, before flashing the boot image back?
Your instructions use "dalvikvm" on Android, and I ran the command successfully under a running Android system. But what about recovery?
I would be interested in your thoughts on this.
Or am I completely wrong, and images "dumped" via dd can't be signed and flashed back?

I would really appreciate it if you could point me in the right direction on how it could be possible to do this (create an executable instead of the BootSignature.jar file? Leave it, because it is not possible? Start a Java VM under recovery? ...).

Thanks in advance!