[Please help] The avbtool command couldn’t patch PEM to sign my new custom vbmeta.img
[Please help] The avbtool command couldn’t patch PEM to sign my new custom vbmeta.img
(14-05-2021, 04:57 AM)hd_scania But unfortunately, are there vbmeta_pad.py for Android 11+ based firmware? My current stock firmware is Android 11 based.
Code:% sudo ./avbtool info_image --image keys/vbmeta.img
Minimum libavb version: 1.0
Header Block: 256 bytes
Authentication Block: 576 bytes
Auxiliary Block: 6784 bytes
Public key (sha1): 4b08c0ac5e043a6ea153b5573f4e9a4a163586b7
Algorithm: SHA256_RSA4096
Rollback Index: 0
Flags: 0
Rollback Index Location: 0
Release String: 'avbtool 1.1.0'
Descriptors:
Chain Partition descriptor:
Partition Name: recovery
Rollback Index Location: 5
Public key (sha1): 4b08c0ac5e043a6ea153b5573f4e9a4a163586b7
Chain Partition descriptor:
Partition Name: prism
Rollback Index Location: 10
Public key (sha1): 4b08c0ac5e043a6ea153b5573f4e9a4a163586b7
Chain Partition descriptor:
Partition Name: optics
Rollback Index Location: 11
Public key (sha1): 4b08c0ac5e043a6ea153b5573f4e9a4a163586b7
Prop: com.android.build.boot.os_version -> '11'
Prop: com.android.build.boot.security_patch -> '2021-05-01'
Prop: com.android.build.system.os_version -> '11'
Prop: com.android.build.system.security_patch -> '2021-05-01'
Prop: com.android.build.vendor.os_version -> '11'
Prop: com.android.build.vendor.security_patch -> '2021-05-01'
Hash descriptor:
Image Size: 14592528 bytes
Hash Algorithm: sha256
Partition Name: boot
Salt: 4ffb60369f22e58b651def4b1f542010e0f86893f606c6c56ac9e0541fb429c8
Digest: f281e0eccb48303ea69cbe3167a90ad60f0844fd326d36e1be5bed2db0967be5
Flags: 0
Hash descriptor:
Image Size: 236032 bytes
Hash Algorithm: sha256
Partition Name: bootloader
Salt: f927e0e2d15bde3d9f8962d09e956f3241a0acf326b1b4a44a7956095177e9f7
Digest: 41f6dcc8fb70ca0db71064abde5393ecc5d73754a96632b7bc771d537e31ea48
Flags: 0
Hash descriptor:
Image Size: 1261488 bytes
Hash Algorithm: sha256
Partition Name: lk
Salt: 0a902aeb436b1a4193fe2e17f0a841a24ac36d76849f38526da8bb085e112826
Digest: 88fb433cedb7f2d2f63392299cf1451be21aa200dcb6b51175065988ef5b4773
Flags: 0
Hash descriptor:
Image Size: 769248 bytes
Hash Algorithm: sha256
Partition Name: tee1
Salt: 06ddedc81645b86397000cab411c4630fdd9b38dce69c9946ce58d5e880c32e6
Digest: 7b71a09ea532f3a39c26caf204c5a967441a8fa51a8699bf84dc9fb6d99919b5
Flags: 0
Hashtree descriptor:
Version of dm-verity: 1
Image Size: 4194304 bytes
Tree Offset: 4194304
Tree Size: 36864 bytes
Data Block Size: 4096 bytes
Hash Block Size: 4096 bytes
FEC num roots: 2
FEC offset: 4231168
FEC size: 40960 bytes
Hash Algorithm: sha256
Partition Name: odm
Salt: 44ada8b3fa94014e47a255404f73f42a0b1bd3300c4253f6d8c160ed889ba4b4
Root Digest: 46d6766f06dce9dc0696be45fd51e07183c91916ccc8f50ba7a121681c79da87
Flags: 0
Hashtree descriptor:
Version of dm-verity: 1
Image Size: 863334400 bytes
Tree Offset: 863334400
Tree Size: 6803456 bytes
Data Block Size: 4096 bytes
Hash Block Size: 4096 bytes
FEC num roots: 2
FEC offset: 870137856
FEC size: 6881280 bytes
Hash Algorithm: sha256
Partition Name: product
Salt: 9d06f632977f1a82d6df0a7e5fa5ff53869fd135509b17f9ae7f864159df4d93
Root Digest: f2d69223a89de6b6c0d88be4939e6d0b8b06186d6c19062b288f8c8e96daaf75
Flags: 0
Hashtree descriptor:
Version of dm-verity: 1
Image Size: 3775029248 bytes
Tree Offset: 3775029248
Tree Size: 29732864 bytes
Data Block Size: 4096 bytes
Hash Block Size: 4096 bytes
FEC num roots: 2
FEC offset: 3804762112
FEC size: 30081024 bytes
Hash Algorithm: sha256
Partition Name: system
Salt: dcb169f26737b4025df472c3bcccff1d178f346b1e04913a593a1b9bfc9c3cae
Root Digest: a43d877bf747a0e8f19f6311249af37862d1aacab2112910f1963381ff69848f
Flags: 0
Hashtree descriptor:
Version of dm-verity: 1
Image Size: 513945600 bytes
Tree Offset: 513945600
Tree Size: 4055040 bytes
Data Block Size: 4096 bytes
Hash Block Size: 4096 bytes
FEC num roots: 2
FEC offset: 518000640
FEC size: 4096000 bytes
Hash Algorithm: sha256
Partition Name: vendor
Salt: e64f73094a6b5f611f60a305565fdd374981ded0c0ab927dff321cd2f22eaf06
Root Digest: fdb87f57c6b1d8efba5dc4357c9f940ff29cff8852d277ac22aaafd7ebdcaa39
Flags: 0
%(12-03-2020, 11:51 PM)hovatek Download vbmeta_pad.py based on your phone's android from the links below (unzip after downloading)
- For Android 10 (usually with 00 50 00 00 padding), download zipped vbmeta_pad.py @ https://mega.nz/file/NWQkTBYJ#Hu28sW9lMh...tsCWg7gNuk
- For Android 9 (usually with 00 40 00 00 padding) devices, download zipped vbmeta_pad.py @ https://mega.nz/#!5vJGyAib!Q-j402gC_lAO1...zO5MgB6ivg
- For Android 8.x (usually with 00 30 00 00 padding), download this zipped vbmeta_pad.py @ https://mega.nz/file/FLY0Eb4Q#zP0YHJPtbH...prKuqBJdR8 or vbmeta_pad.py
(14-05-2021, 06:19 AM)hd_scania Command bugs? The PEM keys are ok
Code:% sudo python avbtool make_vbmeta_image --key PubliCert.TWRP.AOSP11.SM-A125F.hd_scania.pem --algorithm SHA256_RSA4096 --flag 2 --chain_partition bootloader:1:keys/bootloader.keys.bin --chain_partition odm:2:keys/odm.keys.bin --chain_partition tee1:3:keys/tee1.keys.bin --chain_partition lk:4:keys/lk.keys.bin --output vbmeta.TWRP.AOSP11.SM-A125F.hd_scania.img
avbtool: Error getting public key: b'unable to load Public Key\n140674809644416:error:0909006C:PEM routines:get_name:no start line:crypto/pem/pem_lib.c:745:Expecting: PUBLIC KEY\n'
% cat PubliCert.TWRP.AOSP11.SM-A125F.hd_scania.pem
-----BEGIN CERTIFICATE-----
MIIELTCCAxWgAwIBAgIJANEwmqM2Fs8EMA0GCSqGSIb3DQEBBQUAMGwxCzAJBgNV
BAYTAktSMRQwEgYDVQQIEwtTb3V0aCBLb3JlYTEOMAwGA1UEBxMFU3V3b24xJjAk
BgNVBAoTHVNhbXN1bmcgRWxlY3Ryb25pY3MgQ28uLCBMdGQuMQ8wDQYDVQQLEwZN
b2JpbGUwHhcNMTMxMjE2MDg1MDI4WhcNMjMxMjE0MDg1MDI4WjBsMQswCQYDVQQG
EwJLUjEUMBIGA1UECBMLU291dGggS29yZWExDjAMBgNVBAcTBVN1d29uMSYwJAYD
VQQKEx1TYW1zdW5nIEVsZWN0cm9uaWNzIENvLiwgTHRkLjEPMA0GA1UECxMGTW9i
aWxlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjoOavjEbusT83Dv
LvsSVrq4y9HhUmZYnVX5VaOgsp7qUM5ntD9zSxR5JQ9QWCbCKh5RDy+ewnXmFcAV
L2MW5zxn6eI58e5e1Uonx9SnaID5JQHOhKImzH5/1qqVjs467nTTVpkXZOzrzLhs
EOau34Q/AlZ5QO0gh0TDr7YYHbry7Ie+gYePA/9gcB5UzbLQPz2oNGQPlB9e4KSw
4XNXu8BfguRltQbkJkm8/BD93vKN7MIbsxIYCzIIBjv/J79ho4NQqzpky9PFzCt/
KL1Ts7DsoQ6r3GeDgebc1ques18UXUZ1wenHy5k4ruCl6ZJ7QaxzHyEta/RT+VOC
j3IuwwIDAQABo4HRMIHOMB0GA1UdDgQWBBQp+BW4OYblL74MNaxtLPuKS1Ky4DCB
ngYDVR0jBIGWMIGTgBQp+BW4OYblL74MNaxtLPuKS1Ky4KFwpG4wbDELMAkGA1UE
BhMCS1IxFDASBgNVBAgTC1NvdXRoIEtvcmVhMQ4wDAYDVQQHEwVTdXdvbjEmMCQG
A1UEChMdU2Ftc3VuZyBFbGVjdHJvbmljcyBDby4sIEx0ZC4xDzANBgNVBAsTBk1v
YmlsZYIJANEwmqM2Fs8EMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEB
AEKg+91c2q1OKoP89QAQCKlLXKQNaaGQisMLISeBAkfF8npSPmftDSu9IPMTR9ZG
2AwCgH1SoI4cBqKJviU1M41IHTC3qJXRAv52Mjfv47AbkVyzLvE5YL/9R9zY+ER/
4KFvye4EvsybB9l0B8eoF/Pk4olX2KrhqkP8EtcDr47VI+FloeHGFef9DSvUz3Np
MQMp4jdNBUZ57mXwKRl1pMgz3f+Cgwi9zWmK9/lf+w0OXKBXxB+vhGMpg/7Y/Ohj
B4OHj7fOFedOEZlSmois41gknKgxyzvd1Xig7QcpIYUgH9FMPZxzhgMElY6zOroC
SYgfWsLmjJM+Q9nMhCMaJf0=
-----END CERTIFICATE-----
%
(15-05-2021, 01:55 AM)hd_scania ...
% locate vbm|grep home/fu1i/sammie/A12
/home/fu1i/sammie/A12/AP_A125FZHU1BUE3_CL21578447_QB40061619_REV00_user_low_ship_MULTI_CERT_meta_RKEY_OS11/vbmeta.img
/home/fu1i/sammie/A12/AP_A125FZHU1BUE3_CL21578447_QB40061619_REV00_user_low_ship_MULTI_CERT_meta_RKEY_OS11/vbmeta_samsung.img
/home/fu1i/sammie/A12/BL_A125FZHU1BUE3_CL21578447_QB40061619_REV00_user_low_ship_MULTI_CERT/vbmeta.img
%
% locate pem|grep home/data/terminal/Android
/home/data/terminal/Android/recoveries/TWRP-Samsung-A12-SM-A125F/SM-A125F/samsung/a12/outputs/bin/avb/verity.x509.pem
/home/data/terminal/Android/recoveries/TWRP-Samsung-A12-SM-A125F/SM-A125F/samsung/a12/outputs/ramdisk/PubliCert.ramdisk.TWRP.AOSP11.SM-A125F.hd_scania.pem
/home/data/terminal/Android/recoveries/TWRP-Samsung-A12-SM-A125F/SM-A125F/samsung/a12/outputs/split_img/recovery.img-ramdisk/PubliCert.split.rd.TWRP.AOSP11.SM-A125F.hd_scania.pem
/home/data/terminal/Android/recoveries/TWRP-Samsung-A12-SM-A125F-releases/avb/PubliCert.TWRP.AOSP11.SM-A125F.hd_scania.pem
/home/data/terminal/Android/recoveries/TWRP-Samsung-A12-SM-A125F-releases/avb/verity.x509.pem
/home/data/terminal/Android/recoveries/TWRP-Samsung-A12-SM-A125F-releases/avb/test/data/aftl_pubkey_1.pem
/home/data/terminal/Android/recoveries/TWRP-Samsung-A12-SM-A125F-releases/avb/test/data/testkey_atx_pik.pem
/home/data/terminal/Android/recoveries/TWRP-Samsung-A12-SM-A125F-releases/avb/test/data/testkey_atx_prk.pem
/home/data/terminal/Android/recoveries/TWRP-Samsung-A12-SM-A125F-releases/avb/test/data/testkey_atx_psk.pem
/home/data/terminal/Android/recoveries/TWRP-Samsung-A12-SM-A125F-releases/avb/test/data/testkey_atx_puk.pem
/home/data/terminal/Android/recoveries/TWRP-Samsung-A12-SM-A125F-releases/avb/test/data/testkey_rsa2048.pem
/home/data/terminal/Android/recoveries/TWRP-Samsung-A12-SM-A125F-releases/avb/test/data/testkey_rsa4096.pem
/home/data/terminal/Android/recoveries/TWRP-Samsung-A12-SM-A125F-releases/avb/test/data/testkey_rsa4096_pub.pem
/home/data/terminal/Android/recoveries/TWRP-Samsung-A12-SM-A125F-releases/avb/test/data/testkey_rsa8192.pem
/home/data/terminal/Android/recoveries/TWRP-Samsung-A12-SM-A125F-releases/avbtool/test/data/aftl_pubkey_1.pem
/home/data/terminal/Android/recoveries/TWRP-Samsung-A12-SM-A125F-releases/avbtool/test/data/testkey_atx_pik.pem
/home/data/terminal/Android/recoveries/TWRP-Samsung-A12-SM-A125F-releases/avbtool/test/data/testkey_atx_prk.pem
/home/data/terminal/Android/recoveries/TWRP-Samsung-A12-SM-A125F-releases/avbtool/test/data/testkey_atx_psk.pem
/home/data/terminal/Android/recoveries/TWRP-Samsung-A12-SM-A125F-releases/avbtool/test/data/testkey_atx_puk.pem
/home/data/terminal/Android/recoveries/TWRP-Samsung-A12-SM-A125F-releases/avbtool/test/data/testkey_rsa2048.pem
/home/data/terminal/Android/recoveries/TWRP-Samsung-A12-SM-A125F-releases/avbtool/test/data/testkey_rsa4096.pem
/home/data/terminal/Android/recoveries/TWRP-Samsung-A12-SM-A125F-releases/avbtool/test/data/testkey_rsa4096_pub.pem
/home/data/terminal/Android/recoveries/TWRP-Samsung-A12-SM-A125F-releases/avbtool/test/data/testkey_rsa8192.pem
/home/data/terminal/Android/recoveries/android_bootable_recovery-lineage-18.1/tests/testdata/testkey_4096bits.x509.pem
/home/data/terminal/Android/recoveries/android_bootable_recovery-lineage-18.1/tests/testdata/testkey_v1.x509.pem
/home/data/terminal/Android/recoveries/android_bootable_recovery-lineage-18.1/tests/testdata/testkey_v2.x509.pem
/home/data/terminal/Android/recoveries/android_bootable_recovery-lineage-18.1/tests/testdata/testkey_v3.x509.pem
/home/data/terminal/Android/recoveries/android_bootable_recovery-lineage-18.1/tests/testdata/testkey_v4.x509.pem
/home/data/terminal/Android/recoveries/android_bootable_recovery-lineage-18.1/tests/testdata/testkey_v5.x509.pem
%
(18-05-2021, 03:16 PM)hd_scania ...
2. Why partitions for custom vbmeta are all required from stock vbmeta? But some are missing from my Samsung PIT (yes it’s a Samsung device)
(18-05-2021, 03:16 PM)hd_scania 3. Which PEM files should be used instead? ...
(19-05-2021, 11:13 AM)X3non your custom vbmeta should contain the same partitions as in the stock vbmeta, you're only looking to replace the private key used for certain partitions you wish to modifyHere, i’m left to have no ideas of which test keys should be better, but could be any test data PEM keys i’ve shown in the thread?
(19-05-2021, 11:13 AM)X3non same one used by the oem which for samsung i'd very much doubt it'll be a testkey
(02-06-2021, 12:13 PM)hd_scania vbmeta.img (in order to just disable AVB at all) and my own custom TWRP (instead of stock firmware recovery) to be replaced
(02-06-2021, 12:13 PM)hd_scania Here, i’m left to have no ideas of which test keys should be better, but could be any test data PEM keys i’ve shown in the thread?
B for System on the root: Yes
B for Seamless OTA upgrades: No
Other Treble aspects: Yes at all
(03-06-2021, 01:20 PM)hd_scania The Magisk patch sources and manager apps sppear good, but by having selected the needed files, the starting button has been always grey (stuck before starting by just having a start button touched), instead of in my theme colour (ok going on) (see the pics)
Code:B for System on the root: Yes
B for Seamless OTA upgrades: No
Other Treble aspects: Yes at all