Good way to backup WiMax RSA keys. Works before Rooting, and on stock OEM Roms.

Search This thread

BooDaddy

Senior Member
Jun 12, 2008
85
32
In my endeavor to get rooted on my newly aquired Evo, I learned the RSA keys can easily be jacked up by flashing the wrong stuff to your phone. So, before I went flashing, and rooting away, I wanted a good way to backup the RSA keys on my phone. There are numerous threads out there about where the keys are located, and why some software jacks them up, but this is a good way to get a dump of the keys for safe keeping.

If anyone has any suggestions, feel free to PM me or reply below and I will update the thread as needed!

I am going to assume you are coming from a stock un-rooted phone. This should also work with any other Rom out there as well.

If you have already rooted your phone, you can still grab your RSA keys. See the instructions at the bottom if you have already rooted.

Prerequisites:
You will need to install the USB drivers for the phone. You can find several threads on the forum about getting the proper drivers for the phone. The way I did it was install HTC Sync from this site: http://www.htc.com/us/support/evo-sprint/downloads/
This will install two sets of programs, one will be your driver package, and the other is the actual HTC Sync program. You can go into add/remove programs and remove the HTC Sync program, but leave the HTC Device drivers.

You will also need a copy of adb in order to open a shell to the phone. This runs on your Windows machine, and connects to the phone via USB and lets you send commands to the phones shell. You can find adb all over the forums, but I have included a copy here:
http://gigahype.net/files/adb_shell.zip
Download that and extract it somewhere on your system. Something like C:\adb_shell will be fine. For simplicity, we will use this location in this tutorial.

Now, lets get started:
1. First, enable USB debugging by going to Settings > Applications > Development > and checking USB Debugging.

2. Grab and install z4root onto your Evo from this thread:
http://forum.xda-developers.com/showthread.php?t=833953

Once you have z4root installed, run it, and choose Temporary root. This will take a few seconds to complete so be patient. It will come to a screen that says temp root was a success.

3. Connect your phone using the USB cable. Make sure you select USB Charging mode on the screen.

4. Open a command prompt window from your PC and navigate to where you extracted adb_shell.zip to. In this example, we have extracted it to c:\adb_shell

5. type the following into the command line:
Code:
adb shell
su

Once you type the su command, your phone will prompt asking you to click to allow superuser. Go ahead and click Allow superuser. This will allow the adb shell to get temporary root access.

6. Once you click Allow superuser, your adb shell (in your command window) should now be at a root command line prompt. You can tell if you are at a root command line by the # symbol being displayed. If you see a $ or something other than # then you are not at a root command prompt. GO back and try again :(

7. If you do indeed have a # then proceed by running the following command. Please type it exactly as you see it. If you are familiar with Linux command strings, this will look familiar.

Code:
busybox sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key

8. Your done! :D
This will dump the RSA keys to a file on your SD Card named rsa_OEM.key
Mine was about 4575 KB in size, but the size could vary.
You can disconnect the phone now. Go ahead and switch the phone's USB connection over to "Disk Drive" and then browse to your SD Card and verify that the file rsa_OEM.key is indeed on the card.

If You have already rooted your phone the process is much easier:

1. Connect your phone using the USB cable. Make sure you select USB Charging mode on the screen.

2. Open a command prompt window from your PC and navigate to where you extracted adb_shell.zip to. In this example, we have extracted it to c:\adb_shell

3. type the following into the command line:
Code:
adb shell
That will immediately drop you to a root command on your phone. You will see the # indicating you are at a root command prompt.

4. Proceed with the sed command below:
Code:
sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key

NOW PAY ATTENTION. Once the command completes succesfully, you will not get any reports of it completing. It will simply drop back to the # prompt.
If you get an error that states something similar to "sed command not found" then you do not have busybox running on your phone. That's ok, its not the end of the world. Keep reading, were going to modify the command a little.

Run this command only if you received an error stating "sed command not found" or something similar:
Code:
busybox sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key

5. Your done!
This will dump the RSA keys to a file on your SD Card named rsa_OEM.key
Mine was about 4575 KB in size, but the size could vary.
You can disconnect the phone now. Go ahead and switch the phone's USB connection over to "Disk Drive" and then browse to your SD Card and verify that the file rsa_OEM.key is indeed on the card.



CONGRATS! You have just grabbed a backup of your RSA keys! Put these in a safe place :)

Again, if anyone has any suggestions, please feel free to let me know! Hope this helps!
 
Last edited:

bvermett

Member
Jun 4, 2010
26
1
Will this work to fix a phone that lost its rsa keys if you have another phone that has its rsa keys in tact.

Sent from my PC36100 using XDA App
 

BooDaddy

Senior Member
Jun 12, 2008
85
32
great thread and good info...can you modify this to include the people that already have root? thanks in advance

Good idea. I have udpated the instructions to include folks that are already rooted.

Will this work to fix a phone that lost its rsa keys if you have another phone that has its rsa keys in tact.

Honestly, I am not sure. But, if you do have another Evo that has good RSA keys, its possible. You could, in theory, use my directions to get a copy of the keys from one phone and copy them to another phone using another similar and easy Lniux command. The only problem is those 2 phones couldn't be used at the same time. Tee process would be a little similar to cloing ESN/MEID's, so I do not think I would be able to post the command to do so. It would be another simple Linux command to copy the keys you have back to the WiMax parition, replacing the ones that are on the phone now.
 

TD22057

Senior Member
Sep 6, 2010
62
6
Thanks! I'm just getting ready to root for the first time and I'll be a lot more comfortable knowing my keys are backed up.

For completeness, it might be nice to include instructions on how to restore the keys from the backup as well.

Sent from my EVO using XDA app.
 

TheMagicalSock

Senior Member
Aug 16, 2010
167
3
Mine was 97 kb. Never flashed anything radio-related or any dev ROMs. Seems like they're probably gone. I saw the 'size can vary', but unless your phone is endowed with a huge RSA key, I'd say they've probably picked up shop and moved on.

Sent from my PC36100 using XDA App
 
  • Like
Reactions: blueridgedog

casper97ta

Senior Member
Nov 26, 2010
282
11
Just did this with terminal emulator and it worked perfect. file size was 4575mb. Im sure this will help out a lot of people. I know its been asked but how the hell do you restore the keys if they get dropped?
 

KommodoreHeinz

Senior Member
Aug 13, 2010
420
275
Excellent Work!!

Excellent find and write up. Quick and easy. I was able to this all through adb wireless, and the file size is 4,575KB. Now the big question thats on everyones mind, how do we put them back.

I checked my RSA keys (here) before and after doing this and here is what i came up with:


Code:
C:\Documents and Settings\Kommodore Heinz\EVO Stuff\SDK>adb connect 192.168.1.4:5555
connected to 192.168.1.4:5555

C:\Documents and Settings\Kommodore Heinz\EVO Stuff\SDK>adb shell
# grep RSA /dev/mtd/mtd0

grep RSA /dev/mtd/mtd0
RSA-REQUEST
RSA-REPLY
RSA-REJECT
RSA-ACK
RSA-1024
RSA-REQUEST
RSA-REPLY
RSA-REJECT
RSA-ACK
RSA-1024
RSA
ReRSA
RSA requests
RSA replies
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
#

According to what I've been reading this all looks correct.
 
Last edited:

Wayno-san

Senior Member
Mar 15, 2008
173
4
I'm in adb shell but only get the "$" icon. When I type in "su" I get "permission denied". It looks like adb is seeing my phone because when I do an "ls" on it it displays the directory contents. Is there anything on the phone that I have to do to enable superuser access through adb?

My phone is rooted.

Thanks.

DOH! Never mind, I didn't notice the prompts on the phone. /Embarrased/

Unfortunately I get the following when I tried both the commands:
sed: not found
busybox: not found
 
Last edited:

casper97ta

Senior Member
Nov 26, 2010
282
11
I'm in adb shell but only get the "$" icon. When I type in "su" I get "permission denied". It looks like adb is seeing my phone because when I do an "ls" on it it displays the directory contents. Is there anything on the phone that I have to do to enable superuser access through adb?

My phone is rooted.

Thanks.

DOH! Never mind, I didn't notice the prompts on the phone. /Embarrased/

Unfortunately I get the following when I tried both the commands:
sed: not found
busybox: not found

If you are running titanium backup, hit the "problems" button at the bottom when you open titanium up, it will ask you if you want to install busybox. see if that helps.

also, try running this command first "busybox sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key"
 
  • Like
Reactions: jcarlospr

Wayno-san

Senior Member
Mar 15, 2008
173
4
If you are running titanium backup, hit the "problems" button at the bottom when you open titanium up, it will ask you if you want to install busybox. see if that helps.

also, try running this command first "busybox sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key"

I tried that first (updating busybox via Ti backup). It appears to have updated successfully but I'm still getting the "busybox: not found" message. Going to try to reboot and reconnect and give it another shot.


Update: Still no-go. Do I need to somehow "start" busybox on the phone first?
 
Last edited:

casper97ta

Senior Member
Nov 26, 2010
282
11
Have you tried running that busy box command line? other than that you might want to try PM'ing the Op to see if he knows a little more.
 

Wayno-san

Senior Member
Mar 15, 2008
173
4
Have you tried running that busy box command line? other than that you might want to try PM'ing the Op to see if he knows a little more.

Yes sir. Here's what I entered into a command window run as Admin:
Code:
C:\EVO>adb shell
adb server is out of date.  killing...
* daemon started successfully *
$ su
su
# sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key
sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key
sed: not found
# busybox sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key
busybox sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key
busybox: not found
# ls
ls
app-cache
config
cache
sdcard
acct
mnt
d
etc
system
sys
shutdown.supersonic.rc
sbin
proc
init.supersonic.rc
init.rc
init.goldfish.rc
init
default.prop
data
bootcomplete.supersonic.rc
root
dev
# busybox
busybox
busybox: not found
#

I also tried the adb from the latest SDK but got the same results (minus the "out of date" message).


UPDATE: I was finally able to do this... I had to have the phone in RECOVERY. I'm not sure if that should be obvious but it wouldn't hurt adding to the original instructions.
 
Last edited:

NinjaWolf

Senior Member
Dec 28, 2010
452
229
24
California
Re Wimax backup

ok,i know this is a noob question, but if i did this then my pri/wimax got jacked up and deleted,would this still work by putting it back.

thankk:):D
 

willy900wonka

Senior Member
Dec 14, 2009
644
74
Penguinville
When is a key not a key? When it contains everything to the EOF

Maybe you should rename RSA_oem.key to end_of_file_starting_with_BEGIN_RSA.stuff . Just saying.

Wana see something neat (whether your nandroids have a copy of your RSA keys) do:
#grep RSA /sdcard/nandroid/HT065HL*****/(NAME OF NANDROID)/wimax.img
Substitute the name of your nandroid back up file for: NAME OF NANDROID.
That shows whether your RSA keys are currently backed up, by RA's recovery only at this time.

In my endeavor to get rooted on my newly aquired Evo, I learned the RSA keys can easily be jacked up by flashing the wrong stuff to your phone. So, before I went flashing, and rooting away, I wanted a good way to backup the RSA keys on my phone. There are numerous threads out there about where the keys are located, and why some software jacks them up, but this is a good way to get a dump of the keys for safe keeping.

If anyone has any suggestions, feel free to PM me or reply below and I will update the thread as needed!

I am going to assume you are coming from a stock un-rooted phone. This should also work with any other Rom out there as well.

If you have already rooted your phone, you can still grab your RSA keys. See the instructions at the bottom if you have already rooted.

Prerequisites:
You will need to install the USB drivers for the phone. You can find several threads on the forum about getting the proper drivers for the phone. The way I did it was install HTC Sync from this site: http://www.htc.com/us/support/evo-sprint/downloads/
This will install two sets of programs, one will be your driver package, and the other is the actual HTC Sync program. You can go into add/remove programs and remove the HTC Sync program, but leave the HTC Device drivers.

You will also need a copy of adb in order to open a shell to the phone. This runs on your Windows machine, and connects to the phone via USB and lets you send commands to the phones shell. You can find adb all over the forums, but I have included a copy here:
http://gigahype.net/files/adb_shell.zip
Download that and extract it somewhere on your system. Something like C:\adb_shell will be fine. For simplicity, we will use this location in this tutorial.

Now, lets get started:
1. First, enable USB debugging by going to Settings > Applications > Development > and checking USB Debugging.

2. Grab and install z4root onto your Evo from this thread:
http://forum.xda-developers.com/showthread.php?t=833953

Once you have z4root installed, run it, and choose Temporary root. This will take a few seconds to complete so be patient. It will come to a screen that says temp root was a success.

3. Connect your phone using the USB cable. Make sure you select USB Charging mode on the screen.

4. Open a command prompt window from your PC and navigate to where you extracted adb_shell.zip to. In this example, we have extracted it to c:\adb_shell

5. type the following into the command line:
Code:
adb shell
su

Once you type the su command, your phone will prompt asking you to click to allow superuser. Go ahead and click Allow superuser. This will allow the adb shell to get temporary root access.

6. Once you click Allow superuser, your adb shell (in your command window) should now be at a root command line prompt. You can tell if you are at a root command line by the # symbol being displayed. If you see a $ or something other than # then you are not at a root command prompt. GO back and try again :(

7. If you do indeed have a # then proceed by running the following command. Please type it exactly as you see it. If you are familiar with Linux command strings, this will look familiar.

Code:
busybox sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key

8. Your done! :D
This will dump the RSA keys to a file on your SD Card named rsa_OEM.key
Mine was about 4575 KB in size, but the size could vary.
You can disconnect the phone now. Go ahead and switch the phone's USB connection over to "Disk Drive" and then browse to your SD Card and verify that the file rsa_OEM.key is indeed on the card.

If You have already rooted your phone the process is much easier:

1. Connect your phone using the USB cable. Make sure you select USB Charging mode on the screen.

2. Open a command prompt window from your PC and navigate to where you extracted adb_shell.zip to. In this example, we have extracted it to c:\adb_shell

3. type the following into the command line:
Code:
adb shell
That will immediately drop you to a root command on your phone. You will see the # indicating you are at a root command prompt.

4. Proceed with the sed command below:
Code:
sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key

NOW PAY ATTENTION. Once the command completes succesfully, you will not get any reports of it completing. It will simply drop back to the # prompt.
If you get an error that states something similar to "sed command not found" then you do not have busybox running on your phone. That's ok, its not the end of the world. Keep reading, were going to modify the command a little.

Run this command only if you received an error stating "sed command not found" or something similar:
Code:
busybox sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key

5. Your done!
This will dump the RSA keys to a file on your SD Card named rsa_OEM.key
Mine was about 4575 KB in size, but the size could vary.
You can disconnect the phone now. Go ahead and switch the phone's USB connection over to "Disk Drive" and then browse to your SD Card and verify that the file rsa_OEM.key is indeed on the card.



CONGRATS! You have just grabbed a backup of your RSA keys! Put these in a safe place :)

Again, if anyone has any suggestions, please feel free to let me know! Hope this helps!
 
Last edited:

Top Liked Posts

  • There are no posts matching your filters.
  • 28
    In my endeavor to get rooted on my newly aquired Evo, I learned the RSA keys can easily be jacked up by flashing the wrong stuff to your phone. So, before I went flashing, and rooting away, I wanted a good way to backup the RSA keys on my phone. There are numerous threads out there about where the keys are located, and why some software jacks them up, but this is a good way to get a dump of the keys for safe keeping.

    If anyone has any suggestions, feel free to PM me or reply below and I will update the thread as needed!

    I am going to assume you are coming from a stock un-rooted phone. This should also work with any other Rom out there as well.

    If you have already rooted your phone, you can still grab your RSA keys. See the instructions at the bottom if you have already rooted.

    Prerequisites:
    You will need to install the USB drivers for the phone. You can find several threads on the forum about getting the proper drivers for the phone. The way I did it was install HTC Sync from this site: http://www.htc.com/us/support/evo-sprint/downloads/
    This will install two sets of programs, one will be your driver package, and the other is the actual HTC Sync program. You can go into add/remove programs and remove the HTC Sync program, but leave the HTC Device drivers.

    You will also need a copy of adb in order to open a shell to the phone. This runs on your Windows machine, and connects to the phone via USB and lets you send commands to the phones shell. You can find adb all over the forums, but I have included a copy here:
    http://gigahype.net/files/adb_shell.zip
    Download that and extract it somewhere on your system. Something like C:\adb_shell will be fine. For simplicity, we will use this location in this tutorial.

    Now, lets get started:
    1. First, enable USB debugging by going to Settings > Applications > Development > and checking USB Debugging.

    2. Grab and install z4root onto your Evo from this thread:
    http://forum.xda-developers.com/showthread.php?t=833953

    Once you have z4root installed, run it, and choose Temporary root. This will take a few seconds to complete so be patient. It will come to a screen that says temp root was a success.

    3. Connect your phone using the USB cable. Make sure you select USB Charging mode on the screen.

    4. Open a command prompt window from your PC and navigate to where you extracted adb_shell.zip to. In this example, we have extracted it to c:\adb_shell

    5. type the following into the command line:
    Code:
    adb shell
    su

    Once you type the su command, your phone will prompt asking you to click to allow superuser. Go ahead and click Allow superuser. This will allow the adb shell to get temporary root access.

    6. Once you click Allow superuser, your adb shell (in your command window) should now be at a root command line prompt. You can tell if you are at a root command line by the # symbol being displayed. If you see a $ or something other than # then you are not at a root command prompt. GO back and try again :(

    7. If you do indeed have a # then proceed by running the following command. Please type it exactly as you see it. If you are familiar with Linux command strings, this will look familiar.

    Code:
    busybox sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key

    8. Your done! :D
    This will dump the RSA keys to a file on your SD Card named rsa_OEM.key
    Mine was about 4575 KB in size, but the size could vary.
    You can disconnect the phone now. Go ahead and switch the phone's USB connection over to "Disk Drive" and then browse to your SD Card and verify that the file rsa_OEM.key is indeed on the card.

    If You have already rooted your phone the process is much easier:

    1. Connect your phone using the USB cable. Make sure you select USB Charging mode on the screen.

    2. Open a command prompt window from your PC and navigate to where you extracted adb_shell.zip to. In this example, we have extracted it to c:\adb_shell

    3. type the following into the command line:
    Code:
    adb shell
    That will immediately drop you to a root command on your phone. You will see the # indicating you are at a root command prompt.

    4. Proceed with the sed command below:
    Code:
    sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key

    NOW PAY ATTENTION. Once the command completes succesfully, you will not get any reports of it completing. It will simply drop back to the # prompt.
    If you get an error that states something similar to "sed command not found" then you do not have busybox running on your phone. That's ok, its not the end of the world. Keep reading, were going to modify the command a little.

    Run this command only if you received an error stating "sed command not found" or something similar:
    Code:
    busybox sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key

    5. Your done!
    This will dump the RSA keys to a file on your SD Card named rsa_OEM.key
    Mine was about 4575 KB in size, but the size could vary.
    You can disconnect the phone now. Go ahead and switch the phone's USB connection over to "Disk Drive" and then browse to your SD Card and verify that the file rsa_OEM.key is indeed on the card.



    CONGRATS! You have just grabbed a backup of your RSA keys! Put these in a safe place :)

    Again, if anyone has any suggestions, please feel free to let me know! Hope this helps!
    3
    Please backup your WHOLE wimax partiton.

    Not only are there RSA keys, but you have a user name, password and MAC address needed for Wimax to work. The best way is to backup the whole partition.

    Your wimax partition will be about 12MB in size and is a binary BLOB. The first few bytes should be "HTC-WiMAX-SQN1130"

    The command to make a backup is:

    cat < /dev/mtd/mtd0 > /sdcard/wimax.img

    Do this from an "adb shell" or a terminal emulator on your phone. You will have copied the data from your NAND (flash memory) partition #0 into a file on your sdcard named "wimax.img". Back that file up on your PC or elsewhere for good measure.

    Note that a cat < /sdcard/wimax.img > /dev/mtd/mtd0 will not restore the wimax partition. The NAND needs to be erased and written using a special program like mtd tools designed for flash memory. Amon-ra will do this for you.
    2
    Open a terminal window on your phone and Start at step 7

    This works great. Open terminal emulator on a rooted phone, if you see $ type

    su

    and hit enter. If you get a prompt, hit yes. Now you should see #. Type

    busybox sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key

    and hit enter. You should be all set!
    1
    great thread and good info...can you modify this to include the people that already have root? thanks in advance
    1
    The easiest way for me was just to use clockwork mod. Joeykrim just made an RSA Key Checker.

    1. First check to see if you have your RSA Keys, search Joeykrim in the market. Very simple and easy to use, self explanitory.
    2. Make sure you have the latest ClockworkMod, and make a nandroid backup.
    3. Mound your sd card, look in clockworkmod --> backup, and double click your latest backup.

    And inside you should see "wimax.Ht......" . Just copy and paste that somewhere safe and you should be all set.