aiden
/
Android_boot_image_editor
mirror of https://github.com/cfig/Android_boot_image_editor
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
rc
dev
bin
android-7.1.1_r6
android-10
android-11
android-8.1.0_r2
android-9
v12.0
v13
v13_r2
v13_r3
v14_r1
v14_r2
v14_r3
v15_r1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1c77093f10'
${ noResults }
Android_boot_image_editor/security
History
cfig d7ce4d65aa clean up and refine README 10 years ago
..
README add mkbootfs task, add Android default keys, 10 years ago
media.pk8 add mkbootfs task, add Android default keys, 10 years ago
media.x509.pem add mkbootfs task, add Android default keys, 10 years ago
platform.pk8 add mkbootfs task, add Android default keys, 10 years ago
platform.x509.pem add mkbootfs task, add Android default keys, 10 years ago
shared.pk8 add mkbootfs task, add Android default keys, 10 years ago
shared.x509.pem add mkbootfs task, add Android default keys, 10 years ago
testkey.pk8 add mkbootfs task, add Android default keys, 10 years ago
testkey.x509.pem add mkbootfs task, add Android default keys, 10 years ago
verity.pk8 add mkbootfs task, add Android default keys, 10 years ago
verity.x509.pem add mkbootfs task, add Android default keys, 10 years ago
verity_key add mkbootfs task, add Android default keys, 10 years ago

README 

The following commands were used to generate the test key pairs:

  development/tools/make_key testkey  '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/emailAddress=android@android.com'
  development/tools/make_key platform '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/emailAddress=android@android.com'
  development/tools/make_key shared   '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/emailAddress=android@android.com'
  development/tools/make_key media    '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/emailAddress=android@android.com'

The following standard test keys are currently included:

testkey -- a generic key for packages that do not otherwise specify a key.
platform -- a test key for packages that are part of the core platform.
shared -- a test key for things that are shared in the home/contacts process.
media -- a test key for packages that are part of the media/download system.

These test keys are used strictly in development, and should never be assumed
to convey any sort of validity.  When $BUILD_SECURE=true, the code should not
honor these keys in any context.


signing using the openssl commandline (for boot/system images)
--------------------------------------------------------------

1. convert pk8 format key to pem format
   % openssl pkcs8 -inform DER -nocrypt -in testkey.pk8 -out testkey.pem

2. create a signature using the pem format key
   % openssl dgst -binary -sha1 -sign testkey.pem FILE > FILE.sig

extracting public keys for embedding
------------------------------------
it's a Java tool
but it generates C code
take a look at commands/recovery/Android.mk
you'll see it running $(HOST_OUT_JAVA_LIBRARIES)/dumpkey.jar