-
Notifications
You must be signed in to change notification settings - Fork 9
wfairclough/android_aosp_keys
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
For detailed information on key types and image signing, please see: https://source.android.com/devices/tech/ota/sign_builds.html The test keys in this directory are used in development only and should NEVER be used to sign packages in publicly released images (as that would open a major security hole). key generation -------------- The following commands were used to generate the test key pairs: development/tools/make_key testkey '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/[email protected]' development/tools/make_key platform '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/[email protected]' development/tools/make_key shared '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/[email protected]' development/tools/make_key media '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/[email protected]' signing using the openssl commandline (for boot/system images) -------------------------------------------------------------- 1. convert pk8 format key to pem format % openssl pkcs8 -inform DER -nocrypt -in testkey.pk8 -out testkey.pem 2. create a signature using the pem format key % openssl dgst -binary -sha1 -sign testkey.pem FILE > FILE.sig building the java keystore -------------------------- Run the `./buildkeystore.sh` script List keystore certificate fingerprints -------------------------------------- keytool -list -keystore <STORE_FILE> -storepass <STORE_PASSWORD> extracting public keys for embedding ------------------------------------ dumpkey.jar is a Java tool that takes an x.509 certificate in PEM format as input and prints a C structure to standard output: $ java -jar out/host/linux-x86/framework/dumpkey.jar build/target/product/security/testkey.x509.pem {64,0xc926ad21,{1795090719,2141396315,950055447,2581568430,4268923165,1920809988,546586521,3498997798,1776797858,3740060814,1805317999,1429410244,129622599,1422441418,1783893377,1222374759,2563319927,323993566,28517732,609753416,1826472888,215237850,4261642700,4049082591,3228462402,774857746,154822455,2497198897,2758199418,3019015328,2794777644,87251430,2534927978,120774784,571297800,3695899472,2479925187,3811625450,3401832990,2394869647,3267246207,950095497,555058928,414729973,1136544882,3044590084,465547824,4058146728,2731796054,1689838846,3890756939,1048029507,895090649,247140249,178744550,3547885223,3165179243,109881576,3944604415,1044303212,3772373029,2985150306,3737520932,3599964420},{3437017481,3784475129,2800224972,3086222688,251333580,2131931323,512774938,325948880,2657486437,2102694287,3820568226,792812816,1026422502,2053275343,2800889200,3113586810,165549746,4273519969,4065247892,1902789247,772932719,3941848426,3652744109,216871947,3164400649,1942378755,3996765851,1055777370,964047799,629391717,2232744317,3910558992,191868569,2758883837,3682816752,2997714732,2702529250,3570700455,3776873832,3924067546,3555689545,2758825434,1323144535,61311905,1997411085,376844204,213777604,4077323584,9135381,1625809335,2804742137,2952293945,1117190829,4237312782,1825108855,3013147971,1111251351,2568837572,1684324211,2520978805,367251975,810756730,2353784344,1175080310}} This is called by build/core/Makefile to incorporate the OTA signing keys into the recovery image.
About
The platform keys that are used as test keys for the AOSP build
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published