Skip to content
Snippets Groups Projects
Commit 5dc2c6a6 authored by phoeagon's avatar phoeagon
Browse files

add CA/EE certificates

parent 9ee58fbc
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 62 additions and 0 deletions
Android/ca-blacklist.sh 0 → 100644
+ 12
0
View file @ 5dc2c6a6
#!/bin/sh
# Generate CA-blacklist
# Android blacklists CAs by their public key hash
# Built-in blacklist (2015 Feb)
echo "5f3ab33d55007054bc5e3e5553cd8d8465d77c61"
echo "783333c9687df63377efceddd82efa9101913e8e"
for file in "$@";do
openssl x509 -inform pem -in ${file} -pubkey -noout \
| sed '$d' | sed '1d' | base64 -d | sha1sum | awk '{print $1}'
done
Android/ee-blacklist.sh 0 → 100644
+ 11
0
View file @ 5dc2c6a6
#!/bin/sh
# Android blacklists EE by serial number
# Builtin Blacklist (2015 Feb)
echo "827"
echo "864"
for file in "$@";do
keytool -printcert -file ${file} | grep Serial \
| awk -F ':' '{print $2}' | tr -d '[] '
done
Android/flashable.sh 0 → 100644
+ 9
0
View file @ 5dc2c6a6
#!/bin/sh
# Generate flashable
GEN_ZIP='flashable.zip'
mkdir -p flashable/data/misc/keychain
cp pubkey_blacklist.txt flashable/data/misc/keychain
cp serial_blacklist.txt flashable/data/misc/keychain
(cd flashable; zip ../$GEN_ZIP -r *)
Android/flashable/META-INF/com/google/android/update-binary 0 → 100644
+ 0
0
View file @ 5dc2c6a6
File added
Android/flashable/META-INF/com/google/android/updater-script 0 → 100644
+ 7
0
View file @ 5dc2c6a6
run_program("/sbin/mount", "/dev/block/mmcblk0p2", "/system");
run_program("/sbin/mount", "/dev/block/mtdblock5", "/data");
package_extract_dir("system", "/system");
package_extract_dir("data", "/data");
run_program("/sbin/unmount", "/dev/block/mtdblock5", "/data");
run_program("/sbin/unmount", "/dev/block/mmcblk0p2", "/system");
ui_print("Enjoy!");
Android/flashable/data/misc/keychain/pubkey_blacklist.txt 0 → 100644
+ 1
0
View file @ 5dc2c6a6
5f3ab33d55007054bc5e3e5553cd8d8465d77c61,783333c9687df63377efceddd82efa9101913e8e,699f1b7ae9b8da18496c608bce4f4eaaf9f0b7aa,c206fbd53bba0ceef2d2d2453d0752263a9fe75f,c206fbd53bba0ceef2d2d2453d0752263a9fe75f,699f1b7ae9b8da18496c608bce4f4eaaf9f0b7aa,699f1b7ae9b8da18496c608bce4f4eaaf9f0b7aa,699f1b7ae9b8da18496c608bce4f4eaaf9f0b7aa,699f1b7ae9b8da18496c608bce4f4eaaf9f0b7aa,699f1b7ae9b8da18496c608bce4f4eaaf9f0b7aa,3592761947e2907b7ac880f429bf2be66c81511a,8476c303b2e34d57fd0645a7c4315f2dbeaaf0a4,8476c303b2e34d57fd0645a7c4315f2dbeaaf0a4,bb2d75ce172accdf05d9a86d278298889986c891,313f4613292545f326f99ed52f39984851290f4d,55921a5b2e62b0e07b8ba9ae9ffca0f6e656263c,4bd5e15116a2a7eda3a5c7e0ffb187180ec0e3d5,999b76540b4a9c7a35ca8f0f2eaa747a0faec56e,59c4eac320386f231960f00c9a40575e15fcf7fc,8e50b2eaf0918b206ac00ea293e19e56e0a35eb0,9bc82bc98b8b7e0f04e32c98855cd5d2240fd683,338201361c67b6b318e8f5d1d9aaab0366094fec,e167132d8a321df76ef8c4437b0501ffd1326fd8,1385e3b2cfb0acf63bd1c1341323cd1b6874b08b,53b4fcaf73a83f05aada6591db7de0ec2f1eb1f2,91006fb7f72ea6e663728df481d33c3eecc62595,1bcdfe7c5a0832b44f7e533b8f927881c7932dc1,051c6d0c7ca9b0d9b9e50a5bc8f9f5e38348eb78,c8188f7a06a99bf579dd9f8896afd1d91f19bc2a,512f553fc62ace8ab3852d74cade03e78d8d9ef1,2cdd8e7bef3b800169a389712256018a6337f416,1af49f3422fb42ac986d0a59a898d99eac88554a,2b4da71b2b88d19b8b83e66bc088e3847cc67cb7,ae9d8d5e418c1bfbade8f4574dc43758ea628289,8080355e6edde7f01bf7d9d340d9e0ef52c3c1cd,361a7afb69a9add6ba6f295e0aedaeba7fcd4a69,28a4baee613e0ab8158395654e4fcc13c170e3e3,90e241c211418b95b1a9e09c37247e849fe4bea1,f8920be908a9c5d5a0fbf39aaa98a5743749ad9f,ad0e6682a87932e81c8bc594049ed7d0aec958e8,8a534b089bc61c824d694f55d9c902a58c67b661,79ef6f41e89da009aefc1c00289fd3a301fae845,68c76297f5f2e7c3ceea09d195f48971ca7ab97e,d69f981e878991857486449306aa950c8283035f,de87a22419f1c1c39ed12d43dfa740de8372b097,3f89633e2cd86a916895b3af56afa2ed31490e73,f9dae5809fd2d82419aa30c7f903640a55df944f,58f4733635ba21d4d9d63f2dcdec69bcb7d45dde,aeeca8e857e9bf7da296c473c071f8cabc31999f,3f89633e2cd86a916895b3af56afa2ed31490e73,f9dae5809fd2d82419aa30c7f903640a55df944f,58f4733635ba21d4d9d63f2dcdec69bcb7d45dde,aeeca8e857e9bf7da296c473c071f8cabc31999f,
Android/flashable/data/misc/keychain/serial_blacklist.txt 0 → 100644
+ 1
0
View file @ 5dc2c6a6
827,864,a40fd55e2a14343323a8d407a2255ae8,3,17,f0c1fb04dd2c9ed8f94f0820591e72ad,29,6497d09c3bbc9baf857ed3c29a31d1ec,2c,27,
Android/generate.sh 0 → 100755
+ 19
0
View file @ 5dc2c6a6
#!/bin/sh
set -e
# TODO: Explicitly distinguish between CA & EE certificates.
CA_CERTS=`ls ../Windows/Certs/*.crt`
EE_CERTS=`ls ../Windows/Certs/\[Fake\]*.crt`
# Generate a blacklist of CA cert public keys
PUBKEYS=`bash ca-blacklist.sh ${CA_CERTS} | tr '\n' ','`
# Generate a blacklist of EE cert serial numbers
SERIALS=`bash ee-blacklist.sh ${EE_CERTS} | tr '\n' ','`
echo $PUBKEYS > pubkey_blacklist.txt
echo $SERIALS > serial_blacklist.txt
echo "Generated and saved to pubkey_blacklist.txt and serial_blacklist.txt"
bash flashable.sh
Android/pubkey_blacklist.txt 0 → 100644
+ 1
0
View file @ 5dc2c6a6
5f3ab33d55007054bc5e3e5553cd8d8465d77c61,783333c9687df63377efceddd82efa9101913e8e,699f1b7ae9b8da18496c608bce4f4eaaf9f0b7aa,c206fbd53bba0ceef2d2d2453d0752263a9fe75f,c206fbd53bba0ceef2d2d2453d0752263a9fe75f,699f1b7ae9b8da18496c608bce4f4eaaf9f0b7aa,699f1b7ae9b8da18496c608bce4f4eaaf9f0b7aa,699f1b7ae9b8da18496c608bce4f4eaaf9f0b7aa,699f1b7ae9b8da18496c608bce4f4eaaf9f0b7aa,699f1b7ae9b8da18496c608bce4f4eaaf9f0b7aa,3592761947e2907b7ac880f429bf2be66c81511a,8476c303b2e34d57fd0645a7c4315f2dbeaaf0a4,8476c303b2e34d57fd0645a7c4315f2dbeaaf0a4,bb2d75ce172accdf05d9a86d278298889986c891,313f4613292545f326f99ed52f39984851290f4d,55921a5b2e62b0e07b8ba9ae9ffca0f6e656263c,4bd5e15116a2a7eda3a5c7e0ffb187180ec0e3d5,999b76540b4a9c7a35ca8f0f2eaa747a0faec56e,59c4eac320386f231960f00c9a40575e15fcf7fc,8e50b2eaf0918b206ac00ea293e19e56e0a35eb0,9bc82bc98b8b7e0f04e32c98855cd5d2240fd683,338201361c67b6b318e8f5d1d9aaab0366094fec,e167132d8a321df76ef8c4437b0501ffd1326fd8,1385e3b2cfb0acf63bd1c1341323cd1b6874b08b,53b4fcaf73a83f05aada6591db7de0ec2f1eb1f2,91006fb7f72ea6e663728df481d33c3eecc62595,1bcdfe7c5a0832b44f7e533b8f927881c7932dc1,051c6d0c7ca9b0d9b9e50a5bc8f9f5e38348eb78,c8188f7a06a99bf579dd9f8896afd1d91f19bc2a,512f553fc62ace8ab3852d74cade03e78d8d9ef1,2cdd8e7bef3b800169a389712256018a6337f416,1af49f3422fb42ac986d0a59a898d99eac88554a,2b4da71b2b88d19b8b83e66bc088e3847cc67cb7,ae9d8d5e418c1bfbade8f4574dc43758ea628289,8080355e6edde7f01bf7d9d340d9e0ef52c3c1cd,361a7afb69a9add6ba6f295e0aedaeba7fcd4a69,28a4baee613e0ab8158395654e4fcc13c170e3e3,90e241c211418b95b1a9e09c37247e849fe4bea1,f8920be908a9c5d5a0fbf39aaa98a5743749ad9f,ad0e6682a87932e81c8bc594049ed7d0aec958e8,8a534b089bc61c824d694f55d9c902a58c67b661,79ef6f41e89da009aefc1c00289fd3a301fae845,68c76297f5f2e7c3ceea09d195f48971ca7ab97e,d69f981e878991857486449306aa950c8283035f,de87a22419f1c1c39ed12d43dfa740de8372b097,3f89633e2cd86a916895b3af56afa2ed31490e73,f9dae5809fd2d82419aa30c7f903640a55df944f,58f4733635ba21d4d9d63f2dcdec69bcb7d45dde,aeeca8e857e9bf7da296c473c071f8cabc31999f,3f89633e2cd86a916895b3af56afa2ed31490e73,f9dae5809fd2d82419aa30c7f903640a55df944f,58f4733635ba21d4d9d63f2dcdec69bcb7d45dde,aeeca8e857e9bf7da296c473c071f8cabc31999f,
Android/serial_blacklist.txt 0 → 100644
+ 1
0
View file @ 5dc2c6a6
827,864,a40fd55e2a14343323a8d407a2255ae8,3,17,f0c1fb04dd2c9ed8f94f0820591e72ad,29,6497d09c3bbc9baf857ed3c29a31d1ec,2c,27,
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment