• Announcements

    • Reminder - MoDaCo position on illegal content   07/30/15

      ILLEGAL CONTENT I'd like to just reaffirm MoDaCo's position regarding piracy and illegal content in the light of some recent questions / postings. Posts will be censored by myself or my moderation team if the contain or link to: Illegal / pirated / cracked software or sites that host such softwareNintendo emulators / ROMs or sites hosting them (in light of Nintendo's legal stance)CUSTOM ROMS You may discuss and post links to custom device ROMs on MoDaCo, provided the following rules are adhered to: ROMs must not contain any illegal 3rd party software (this includes trial versions included without permission)ROMs must give full credit to the original authorISSUES If you have any issues with this policy, please contact PaulOBrien directly via PM.
    • Reminder: Selling items on the forum directly is not allowed   07/30/15

      Please note that selling items on the forum directly is not allowed by the forum rules. There is a forum for eBay auctions whereby you can list the items on eBay and link to them there. This is the ONLY forum for this type of activity. You may also advertise links to the eBay forum in your signature. Please note that selling directly in contravention of these rules will result in a warning / suspension / ban.
Sign in to follow this  
Followers 0

Tell me more about bootloader code signing, please...

3 posts in this topic

Posted · Report post

Hi all.

I just downloaded these: http://www.mediafire.com/?67cezkql2z4j4jc

and installed the "1 mfld-pos-installer-v1.5-a.exe" in a virtual machine, and when you look in the installation folder, there are two certificates: "cdc.cer" and "adb.cer" and a few tools.

Does anyone know:

1/ What these two certificates are?

2/ What the tools are, and how they are used?

When I double-click the *.cer (certificate) files - NOT installing them, up pops something about keys etc, and seems to show HEX values. I know virtually nothing about cryptography etc, but would someone else download these and have a play **DISCONNECT** your OSD **FIRST*** :P and tell me what's going on? Are these proprietary tools, and are those two certificates the ones that are needed to sign our OWN ROMS?

Very lost, but kinda, sorta know what this all is, as I was once an iOS dev, and I had to sign apps :)

Thanks - laymans terms if you please :D

0

Share this post


Link to post
Share on other sites

Posted · Report post

if i remember also there was a way to get into MEDFIELD mode on the osd running gingerbread, maybe the tool was to be used in that mode ?

0

Share this post


Link to post
Share on other sites

Posted · Report post

Are these proprietary tools, and are those two certificates the ones that are needed to sign our OWN ROMS?

These are probably public certificates. We'll need the private ones to sign firmware and fool the OSD into running custom roms.

These work in a "private/public" pair combination. The signer has the private key, and the receiver the public key to check the signer's private key is legitimate.

This is how secure websites load on the Internet; You have the public keys in your browser to check authenticity, and the CA (Certificate Authority) has the private keys to sign certificates with, which are sent to your browser by the website.

I'll be honest, the math they use utterly baffles me, but it's damned impressive.

And no, you can't derive the private keys from the public keys :)

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

MoDaCo is part of the MoDaCo.network, © Paul O'Brien 2002-2015. MoDaCo uses IntelliTxt technology.