seems like a good & safe idea - to create an update.zip that, let's say, will just put a txt file in /system of original froyo or GB
[MB526] Motorola Defy Plus new sources: 4.5.2-109_DHT-25 , 4.5.3-109_DPP-14
- Thread starter omyg
- Start date
seems like a good & safe idea - to create an update.zip that, let's say, will just put a txt file in /system of original froyo or GB
They were dealing with different engineering_key.p12 file. If you look in kernel sources released in 2010 (Defy too) this file was protected by different password.
Which 2010 Defy release did you test?
Tried Defy EMARA Release (engineering_key.p12 from 21.10.2010 08:12)
is protected by 'password' too.
---------- Post added at 09:47 PM ---------- Previous post was at 09:44 PM ----------
If someone can provide me one i can test it with my spare defy+.
Isn't this key just the one from aosp? I can't check if they match right now.
https://github.com/CyanogenMod/android_system_core/blob/ics/fastboot/engineering_key.p12
Expiry dates certainly match. Sounds like a red herring to me...
https://github.com/CyanogenMod/android_system_core/blob/ics/fastboot/engineering_key.p12
Expiry dates certainly match. Sounds like a red herring to me...
Last edited:
its obius that is the same key and it will have same matching MD5 so if some one try it with password, then we will see the diferences!
Err what? They're identical. The password on both is password. That's why the hashes are the same.
Sent from my MB525 using XDA App
uh... I don't THINK it'll work but I guess if anyone would bother trying taking a shot at it that's better than nothing.
I recently had to wipe my computer so I lost all the devving stuff but I'll watch to see if anything turns out.
Similar threads
Top Liked Posts
-
There are no posts matching your filters.
-
2
Doesn't the fastboot sources give us helpful information?
specially the "engineering_key.p12" file
download here
http://sourceforge.net/projects/mot...em-core.tar.gz/download?use_mirror=netcologne
it looks like for signing they use a passphrase, but it worth a second & third look anyway1I can only confirm, that engineering_key.p12 from Defy source is the same as engineering_key.p12 from other Motorola sources ( crc32 = D86356858 ).
I can also confirm, that previously posted Defy sources (2011-11-03) also have the same engineering_key.p12
http://sourceforge.net/projects/motodefyplus.motorola/files/DefyPlus/
DEFYPLUS 4.5.1-134_DFP-74
DEFYPLUS 4.5.1-134_DFP-82
DEFYPLUS 4.5.1-134_DFP-89
Little update: Motorola also posted newer source on the link from first post:
http://sourceforge.net/projects/motodefyplus.motorola/files/DefyPlusGC/
4.5.2-109_DHT-25 - new firmware uploaded 10 hours ago !
4.5.3-109_DPP-14 - this firmware was RE-UPLOADED 10 hours ago !1
password is the right password for this file but currently i dont know if the bootloader is signed with that key - but its possible...
But also i think it would be too easy
Maybe someone can try fastboot with that 'unlock' password?
---------- Post added at 04:13 PM ---------- Previous post was at 04:05 PM ----------
The pkcs file is still 'secured' by password "password"...1not much I can do right now...
./p12topem.sh engineering_key password
^ this command extract engineering_key.pem from engineering_key.p12 container (using password)
you can see, that original alias was "engkey" (not "engineering_key")
openssl x509 -in engineering_key.pem -noout -enddate
notAfter=Jul 16 21:25:06 2035 GMT
^ this is expiration time for this cert, I think this prooves that it was not recently randomly generated (this is good news) - see below to compare it with other certificate (which can be generated with provided shell scripts by openssl)
/system/core/fastboot/
so, here we can find:
genkey.sh - to generate random pem key 2048 and pack to p12 using password
p12topem.sh - to extract .pem file from .p12 file
signfile.sh - to sign any file using .pem (i.e. generate text.txt.sign for text.txt )
for research, we can use genkey.sh to generate similar engkey.pem and engkey.p12 ourself:
./genkey.sh engkey password
this command generates genkey.pem , pack it to genkey.p12 , and deletes genkey.pem
./p12topem.sh engkey password
this command unpacks engkey.pem from engkey.p12 (so we can use it to sign files)
./signfile.sh engineering_key test.txt password
this command generates 256 byte signature with sign prefix ( in this case test.txt.sign )
so, after I generated random engkey.pem (engkey.p12) using this tools, I got similar key to provided engineering_key.pem (engineering_key.p12), but what is interesting - date is significantly different
openssl x509 -in engkey.pem -noout -enddate
notAfter=May 28 14:53:37 2039 GMT
openssl x509 -in engkey.pem -noout -enddate
notAfter=May 28 15:18:48 2039 GMT
^ this is examples of expire dates for recent random cert, compare it with date of provided file:
openssl x509 -in engineering_key.pem -noout -enddate
notAfter=Jul 16 21:25:06 2035 GMT
that mean it is not random key, or it is random key which was generated with this tools 4 years ago1
IMHO someone should compile fastboot - as i know we currently have no fastboot with our defy ?!
Entering fastboot will perhaps let us unlock bootloader?
I have no system ready with the android source and compilers... So maybe
someone else can do this but i dont know if there is something else to do with
compiled fastboot than signing it?!
May knowledge about bootloaders is at a minimum
but - information i these files tell us where to place kernel etc?!
Code:memcpy(hdr->magic, BOOT_MAGIC, BOOT_MAGIC_SIZE); hdr->kernel_size = kernel_size; hdr->ramdisk_size = ramdisk_size; hdr->second_size = second_size; hdr->kernel_addr = base + 0x00008000; hdr->ramdisk_addr = base + 0x01000000; hdr->second_addr = base + 0x00F00000; hdr->tags_addr = base + 0x00000100; hdr->page_size = page_size;
The mkbootimg.c file and dependencies are also interesting..
