hockeymikey
commented
3 years ago Open hockeymikey opened 3 years ago
hockeymikey
commented
3 years ago hockeymikey
commented
3 years ago https://source.android.com/devices/tech/ota/sign_builds search for dev-keys
SkewedZeppelin
commented
2 years ago Here is my script to sign builds: https://github.com/Divested-Mobile/DivestOS-Build/blob/master/Scripts/Common/Functions.sh#L178-L384
And script to generate keys: https://github.com/Divested-Mobile/DivestOS-Build/blob/master/Scripts/Generate_Signing_Keys.sh
You should even be able to activate verified boot on this device with a few tweaks:
hockeymikey
commented
2 years ago @SkewedZeppelin Very cool. So what's verified boot, does that ensure that say nobody flashes other stuff over the top (or tampers with the system in sinister ways too of course) and its not relocking the bootloader, right? Just wanna get my head around it more, would effect different builds in the future with say Magick and MicroG prepackaged in that case an additional channels for users to pick from.
SkewedZeppelin
commented
2 years ago Verified boot would prohibit any changes to the system partitions, unless they were signed with the same keys. It is only enforcing when the bootloader is locked.
It is actually possible to maintain working Magisk with a bootloader locked, verified boot enabled system. But it isn't something I've personally tried. There is a user here who maintained personal builds that did such, you can skim their repos for related Magisk bits: https://github.com/Geofferey
microG works regardless of any of that. Just apply the signature spoofing patch, have the apk installed, and also the permission whitelist. This repo is a good reference for that: https://github.com/MSe1969/android_prebuilts_prebuiltapks
Here are the signature spoofing patches:
https://wiki.lineageos.org/signing_builds.html#generating-an-install-package