Google Nexus 7 (2012) Issues with Signing Android Factory Images, ROMs and OTA Files.

Rahul Uppalwar

New member
Nov 18, 2013
1
0
0
Visit site
I am doing R&D on FOTA(Firmware Update Over the Air) using Nexus 7-Wifi(grouper). For which I followed the following steps.

1. Downloaded the android source from source.android.com for v 4.2.2_r1 and v 4.3_r1
2. Downloaded the binaries for grouper, extract it to my source folder.
3. Then I compiled the source code using following commands.
i. source build/envsetup.sh
ii. lunch full_grouper-userdebug
iii. make -j8 dist
4. After few tries, I had success in compiling the source for Nexus 7(grouper).
5. I got following files in $out/source_4.2.2/dist folder
-----------------------------------------------
adb*
android-common-carousel.jar
android-common.jar
android-info.txt
android-support-v13.jar
android-support-v4.jar
android-support-v7-gridlayout.jar
build.prop
com.android.nfc_extras.jar
fastboot*
full_grouper-apps-eng.root.zip
full_grouper-emulator-eng.root.zip
full_grouper-img-eng.root.zip
full_grouper-ota-eng.root.zip
full_grouper-symbols-eng.root.zip
full_grouper-target_files-eng.root.zip
gpl_source.tgz
guava.jar
installed-files.txt
jsr305.jar
mkbootfs*
mkbootimg*
mkyaffs2image*
mp4parser.jar
package-stats.txt
ramdisk.img
signapk.jar
vendor_owner_info.txt
-----------------------------------------------
6. Then I generated my own keys using /development/tools/make_key tool for media, testkey, releasekey, shared, platform.
Assume my keys are locate at /keys folder.
7. Then I created a signed target zip file using following command.
/source/build/tools/releasetools/sign_target_files_apks -v -p ../host/linux-x86 -d /keys full_grouper-target_files-eng.root.zip signed_target_files.zip
8. From signed target zip file I create
/source/build/tools/releasetools/img_from_target_files -v -p ../host/linux-x86 signed_target_files.zip signed_img_from_target_files.zip
9. Then I flashed the signed_img_from_target_files.zip using fastboot command using the following script:
----------------------------------------------------------------------
fastboot oem unlock
fastboot erase boot
fastboot erase cache
fastboot erase recovery
fastboot erase system
fastboot erase userdata
fastboot reboot-bootloader
sleep 10
fastboot -w update signed_img_from_target_files.zip
----------------------------------------------------------------------
10. The device gets flashed well and is working, but I am getting an log while flashing in which it is unable to find boot.sig, system.sig and recovery.sig
11. Now the otacerts.zip file contains a testkey which is not the one that I signed it with.
file located at "/system/etc/security/otacerts.zip" on device.
12. Now since the otacerts.zip is signed with the default key it gives a mismatch error which I tried to flash an OTA update which is signed by the my custom key.

Now my doubt is:
How can I add boot.sig, recovery.sig and system.sig to signed_img_from_target_files.zip?
Is there anything I am doing wrong?
Does the recovery checks the current ROM keys from "/system/etc/security/otacerts.zip"?
What is the correct procedure to sign the OTA update?
 

Trending Posts

Forum statistics

Threads
942,409
Messages
6,913,963
Members
3,158,402
Latest member
MickTavia