jnsp
August 13, 2018, 7:08pm
1
After downloading the latest official LineageOS build from here , I wanted to verify the files signature using keytool
and instructions provided by LineageOS here .
$ keytool -J-Duser.language=en -list -printcert -jarfile ~/Downloads/lineage-15.1-20180813-nightly-FP2-signed.zip
Not a signed jar file
Am I missing something or is the build not properly signed?
Roboe
August 13, 2018, 9:50pm
2
Same here:
$ sha256sum -c lineage-15.1-20180813-nightly-FP2-signed.zip.sha256sum
lineage-15.1-20180813-nightly-FP2-signed.zip: OK
$ keytool -J-Duser.language=en -list -printcert -jarfile lineage-15.1-20180813-nightly-FP2-signed.zip
Not a signed jar file
I tried with last 14.1:
$ sha256sum -c lineage-14.1-20180808-nightly-FP2-signed.zip.sha256sum
lineage-14.1-20180808-nightly-FP2-signed.zip: OK
$ keytool -J-Duser.language=en -list -printcert -jarfile lineage-14.1-20180808-nightly-FP2-signed.zip
Signer #1:
Signature:
Owner: CN=LineageOS, OU=LineageOS, O=LineageOS, L=Seattle, ST=Washington, C=US
Issuer: CN=LineageOS, OU=LineageOS, O=LineageOS, L=Seattle, ST=Washington, C=US
Serial number: e10413c773c3c54f
Valid from: Sat Jan 07 05:21:25 CET 2017 until: Wed May 25 06:21:25 CEST 2044
Certificate fingerprints:
MD5: F2:CA:AA:A7:2F:D6:34:FE:70:D7:5C:41:43:6C:5E:14
SHA1: 9B:6D:F9:06:2A:1A:76:E6:E0:07:B1:1F:C2:EF:CB:EF:4B:32:F2:23
SHA256: 51:83:25:EF:7F:96:C0:D1:19:4C:2E:85:6B:04:0D:63:61:66:FF:B8:46:71:7D:72:FA:87:F4:FA:E5:BE:7B:BB
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3
Extensions:
#1: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 72 96 32 27 D6 6C 4C 4D 5F A0 91 6A C2 2C 79 3C r.2'.lLM_..j.,y<
0010: D4 5F 43 5C ._C\
]
]
#2: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:true
PathLen:2147483647
]
#3: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 72 96 32 27 D6 6C 4C 4D 5F A0 91 6A C2 2C 79 3C r.2'.lLM_..j.,y<
0010: D4 5F 43 5C ._C\
]
]
So it seems like a 15.1 issue, indeed.
1 Like
Signature is not done anymore with keytool. You can use this here: http://github.com/LineageOS/update_verifier
Kudos to: luca0204008, nicknitewolf, harryyoud to provide me the answer.
Chris
6 Likes
jnsp
August 14, 2018, 11:55am
4
Thanks!
$ python3 update_verifier.py lineageos_pubkey ~/Downloads/lineage-15.1-20180813-nightly-FP2-signed.zip
verified successfully
1 Like
system
Closed
November 12, 2018, 11:56am
5
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.