aiden
/
Android_boot_image_editor
mirror of https://github.com/cfig/Android_boot_image_editor
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
rc
dev
bin
android-7.1.1_r6
android-10
android-11
android-8.1.0_r2
android-9
v12.0
v13
v13_r2
v13_r3
v14_r1
v14_r2
v14_r3
v15_r1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'db3bb98466'
${ noResults }
Android_boot_image_editor/security
History
cfig d7ce4d65aa clean up and refine README 9 years ago
..
README add mkbootfs task, add Android default keys, 9 years ago
media.pk8 add mkbootfs task, add Android default keys, 9 years ago
media.x509.pem add mkbootfs task, add Android default keys, 9 years ago
platform.pk8 add mkbootfs task, add Android default keys, 9 years ago
platform.x509.pem add mkbootfs task, add Android default keys, 9 years ago
shared.pk8 add mkbootfs task, add Android default keys, 9 years ago
shared.x509.pem add mkbootfs task, add Android default keys, 9 years ago
testkey.pk8 add mkbootfs task, add Android default keys, 9 years ago
testkey.x509.pem add mkbootfs task, add Android default keys, 9 years ago
verity.pk8 add mkbootfs task, add Android default keys, 9 years ago
verity.x509.pem add mkbootfs task, add Android default keys, 9 years ago
verity_key add mkbootfs task, add Android default keys, 9 years ago

README 

The following commands were used to generate the test key pairs:

  development/tools/make_key testkey  '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/emailAddress=android@android.com'
  development/tools/make_key platform '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/emailAddress=android@android.com'
  development/tools/make_key shared   '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/emailAddress=android@android.com'
  development/tools/make_key media    '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/emailAddress=android@android.com'

The following standard test keys are currently included:

testkey -- a generic key for packages that do not otherwise specify a key.
platform -- a test key for packages that are part of the core platform.
shared -- a test key for things that are shared in the home/contacts process.
media -- a test key for packages that are part of the media/download system.

These test keys are used strictly in development, and should never be assumed
to convey any sort of validity.  When $BUILD_SECURE=true, the code should not
honor these keys in any context.


signing using the openssl commandline (for boot/system images)
--------------------------------------------------------------

1. convert pk8 format key to pem format
   % openssl pkcs8 -inform DER -nocrypt -in testkey.pk8 -out testkey.pem

2. create a signature using the pem format key
   % openssl dgst -binary -sha1 -sign testkey.pem FILE > FILE.sig

extracting public keys for embedding
------------------------------------
it's a Java tool
but it generates C code
take a look at commands/recovery/Android.mk
you'll see it running $(HOST_OUT_JAVA_LIBRARIES)/dumpkey.jar