Signature question

[melontini]

Hello again. 😅

This might be a silly question, but...

While I was messing around with the lk. server, I noticed that changing the model also changed the signature part of the key. I assume that the same thing happens on the lkf. server.

Does this mean that if I edit the serial and model encoded in the key and somehow write the key to reserve1, the fastboot test will pass?

[turistu]

I assume that the format of the unlockCode is signature of $stuff + $stuff (everything hex encoded); if the $stuff changes, the sig changes too. If you modify the $stuff, the sig will not match anymore.

And if the sig is based on some kind of asymmetric crypto algorithm (as I suspect it is), then you cannot just modify & re-sign it -- unless you trick the unlock server or its operators into leaking the private key ;-).

I may be of course totally wrong -- I haven't spent much time over that, because I had assumed that it's not possible to just modify the opporeserve1 or other partition without rooting the phone; it would be too easy if it were.

somehow write the key to reserve1

Are you able to do that on a locked phone?

[rapperskull]

Are you able to do that on a locked phone?

Technically, you should be able to do that with the MSM tool (or at least a modified version), but as of today I think there's no way to access it without paying someone for an access code.

[melontini]

This makes me wonder why the check passes if that's the case. Since we do send a different model from our own.

But would that matter with an X.509 certificate anyway? I only have a super basic understanding of how they work, but as far as I understand the signature is just validation with no additional info attached...?

Although my "game theory" is based on the assumption that they use the same server software just with a different whitelist.

As per writing, not really sure. Maybe it's possible with EDL, but reserve1 might be md5/sha checked, since it's a firmware file. Or maybe it's possible to have a fake server setup with a domain redirect, since you have mentioned that the app doesn't do any validation. That's insane amount of effort for something that may not work.

[turistu]

Maybe I'm not getting what you're trying to say (and I don't get what X.509 has to do with it ;-)), but a crypto signature of some piece of data is just like a checksum / hash, the difference being that a) you need a private key to generate it, b) you need a public key to verify it, and c) you're not supposed to be able to fake it.

If everything works as I assume, then the unlock server is using a private key to sign that piece of data (which used to include only the serial number, but now has changed to also include the model name + some other garbage), and the bootloader uses the public key to verify it before checking its content.

This makes me wonder why the check passes if that's the case. Since we do send a different model from our own.

The generated unlock code did NOT use to include the phone model. And, apparently, the bootloader on some phone models only cares about the serial number, ignoring the rest.

[turistu]

Are you able to do that on a locked phone?

Technically, you should be able to do that with the MSM tool (or at least a modified version), but as of today I think there's no way to access it without paying someone for an access code.

Being able to write to the oplus/opporeserve1 partition via EDL would open a wealth of possibilities. It would be great to know if it's at all possible (without paying anybody anything, of course ;-)).

[melontini]

Yeah, I probably missed the plot on this one, sorry.

I mentioned X.509 because the VerifyHashWithRSASignature function references this protocol: gEfiQcomASN1X509ProtocolGuid, but I think I misunderstood how this system works.

As per the model, I know that they append the model with the new system. Do you also mean that they started using it to generate the signature itself? This would be pretty sad, since it breaks both the bypass and all the discontinued devices.

[turistu]

This would be pretty sad, since it breaks both the bypass and all the discontinued devices.

Unless they bring up back their server, my hack is pretty much dead anyways.

But as long as the lk. server still works, I think it may be possible to trick it into generating a working unlock code (by taking advantage of how shoddily implemented their server code is -- more on that later).

But that's utterly useless if there's no way to write that code inside oppo/oplusreserve1 ;-(.