ROM签名盒子刷机解包打包签名工具_rom签名工具,机顶盒刷机包签名资源-CSDN文库

共10个文件

exe：4个

jar：3个

pem：1个

ROM签名

固件签名

解包打包

5星 · 超过95%的资源需积分: 50 139 浏览量 2022-04-06 18:12:07 上传评论 3 收藏 3.41MB RAR 举报

ROM签名，固件签名，以及解包打包是Android系统开发中的关键步骤，尤其在盒子刷机过程中至关重要。本文将深入探讨这些概念，并介绍相应的工具及其使用方法。 ROM签名是指对Android ROM进行数字签名的过程，以确保其来源可信且未被篡改。在Android系统中，每个安装的应用和系统组件都需要对应的有效签名才能正常运行。ROM签名主要使用APKSigner或V2签名方案，这些工具能生成公钥和私钥对，私钥用于签署ROM，公钥则在设备端验证签名，确保安全。固件签名则是对设备上的固件图像（如bootloader、kernel、recovery等）进行签名，目的是保护固件不被非法修改，确保设备安全性和稳定性。固件签名通常涉及使用特定的签名工具，如fastboot或mke2fs工具，它们会利用密钥对固件进行加密签名。解包打包是Android开发中的常见操作，主要用于查看、修改和重新构建ROM。这个过程涉及到对ZIP格式的ROM文件进行解压，修改其中的文件，然后重新打包成可刷入设备的格式。常用的工具有WinRAR、7-Zip或专门的Android工具如SDK Platform Tools中的`zipalign`和`aapt`。`zipalign`优化APK的内存对齐，提高运行效率，而`aapt`处理资源文件并生成对应的R类。对于"盒子刷机"，这里通常指的是智能电视盒或其他基于Android系统的设备。这类设备的刷机过程往往需要先解锁bootloader，然后使用fastboot工具刷入新的kernel或recovery，最后通过Odin、TWRP或ClockworkMod Recovery等工具刷入签名过的ROM。这个过程需要开发者具备一定的技术知识，同时也需要谨慎操作，以免导致设备变砖。签名工具是完成上述任务的关键。这些工具可以生成签名文件，对ROM或固件进行签名，也可以帮助开发者解包、打包和调整ROM。例如，APKSigner用于签署APK文件，JTags则可以对整个系统固件进行签名，而WinRAR或7-Zip则用于基本的打包解包操作。 ROM签名、固件签名和解包打包是Android系统定制和设备刷机过程中的基础步骤，涉及到安全验证、系统稳定性和个性化需求。理解并熟练掌握这些工具和流程，对于IT专业人员尤其是Android开发者来说至关重要。在实际操作时，务必遵循安全规范，备份好原始数据，以免造成不必要的损失。

资源详情

资源评论

资源推荐

收起资源包目录

盒子刷机ROM签名工具.rar （10个子文件）

签名工具

tools

testkey.pk8 1KB

signapk.jar 20KB

7za.exe 584KB

cecho.exe 26KB

lib

bcpkix.jar 585KB

bcprov.jar 2.61MB

busybox.exe 593KB

signapk-README.java 23KB

testkey.x509.pem 2KB

签名工具.exe 251KB

/* * Copyright (C) 2008 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.android.signapk; import java.io.BufferedInputStream; import java.io.BufferedReader; import java.io.ByteArrayOutputStream; import java.io.DataInputStream; import java.io.File; import java.io.FileInputStream; import java.io.FileOutputStream; import java.io.FilterOutputStream; import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; import java.io.OutputStream; import java.io.PrintStream; import java.io.RandomAccessFile; import java.security.DigestOutputStream; import java.security.GeneralSecurityException; import java.security.Key; import java.security.KeyFactory; import java.security.MessageDigest; import java.security.PrivateKey; import java.security.Signature; import java.security.SignatureException; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; import java.security.spec.InvalidKeySpecException; import java.security.spec.KeySpec; import java.security.spec.PKCS8EncodedKeySpec; import java.util.ArrayList; import java.util.Collections; import java.util.Enumeration; import java.util.List; import java.util.Map; import java.util.TreeMap; import java.util.jar.Attributes; import java.util.jar.JarEntry; import java.util.jar.JarFile; import java.util.jar.JarOutputStream; import java.util.jar.Manifest; import java.util.regex.Pattern; import javax.crypto.Cipher; import javax.crypto.EncryptedPrivateKeyInfo; import javax.crypto.SecretKeyFactory; import javax.crypto.spec.PBEKeySpec; import sun.misc.BASE64Encoder; import sun.security.pkcs.ContentInfo; import sun.security.pkcs.PKCS7; import sun.security.pkcs.SignerInfo; import sun.security.x509.AlgorithmId; import sun.security.x509.X500Name; /** * Command line tool to sign JAR files (including APKs and OTA updates) in * a way compatible with the mincrypt verifier, using SHA1 and RSA keys. */ class SignApk { private static final String CERT_SF_NAME = "META-INF/CERT.SF"; private static final String CERT_RSA_NAME = "META-INF/CERT.RSA"; private static boolean VerboseMode = false; // Files matching this pattern are not copied to the output. private static Pattern stripPattern = Pattern.compile("^META-INF/(.*)[.](SF|RSA|DSA)$"); private static X509Certificate readPublicKey(File file) throws IOException, GeneralSecurityException { FileInputStream input = new FileInputStream(file); try { CertificateFactory cf = CertificateFactory.getInstance("X.509"); return (X509Certificate) cf.generateCertificate(input); } finally { input.close(); } } /** * Reads the password from stdin and returns it as a string. * * @param keyFile The file containing the private key. Used to prompt the user. */ private static String readPassword(File keyFile) { // TODO: use Console.readPassword() when it's available. System.out.print("Enter password for " + keyFile + " (password will not be hidden): "); System.out.flush(); BufferedReader stdin = new BufferedReader(new InputStreamReader(System.in)); try { return stdin.readLine(); } catch (IOException ex) { return null; } } /** * Decrypt an encrypted PKCS 8 format private key. * * Based on ghstark's post on Aug 6, 2006 at * http://forums.sun.com/thread.jspa?threadID=758133&messageID=4330949 * * @param encryptedPrivateKey The raw data of the private key * @param keyFile The file containing the private key */ private static KeySpec decryptPrivateKey(byte[] encryptedPrivateKey, File keyFile) throws GeneralSecurityException { EncryptedPrivateKeyInfo epkInfo; try { epkInfo = new EncryptedPrivateKeyInfo(encryptedPrivateKey); } catch (IOException ex) { // Probably not an encrypted key. return null; } char[] password = readPassword(keyFile).toCharArray(); SecretKeyFactory skFactory = SecretKeyFactory.getInstance(epkInfo.getAlgName()); Key key = skFactory.generateSecret(new PBEKeySpec(password)); Cipher cipher = Cipher.getInstance(epkInfo.getAlgName()); cipher.init(Cipher.DECRYPT_MODE, key, epkInfo.getAlgParameters()); try { return epkInfo.getKeySpec(cipher); } catch (InvalidKeySpecException ex) { System.err.println("signapk: Password for " + keyFile + " may be bad."); throw ex; } } /** Read a PKCS 8 format private key. */ private static PrivateKey readPrivateKey(File file) throws IOException, GeneralSecurityException { DataInputStream input = new DataInputStream(new FileInputStream(file)); try { byte[] bytes = new byte[(int) file.length()]; input.read(bytes); KeySpec spec = decryptPrivateKey(bytes, file); if (spec == null) { spec = new PKCS8EncodedKeySpec(bytes); } try { return KeyFactory.getInstance("RSA").generatePrivate(spec); } catch (InvalidKeySpecException ex) { return KeyFactory.getInstance("DSA").generatePrivate(spec); } } finally { input.close(); } } /** Add the SHA1 of every file to the manifest, creating it if necessary. */ private static Manifest addDigestsToManifest(JarFile jar) throws IOException, GeneralSecurityException { Manifest input = jar.getManifest(); Manifest output = new Manifest(); Attributes main = output.getMainAttributes(); if (input != null) { main.putAll(input.getMainAttributes()); } else { main.putValue("Manifest-Version", "1.0"); main.putValue("Created-By", "1.0 (Android SignApk)"); } BASE64Encoder base64 = new BASE64Encoder(); MessageDigest md = MessageDigest.getInstance("SHA1"); byte[] buffer = new byte[4096]; int num; // We sort the input entries by name, and add them to the // output manifest in sorted order. We expect that the output // map will be deterministic. TreeMap<String, JarEntry> byName = new TreeMap<String, JarEntry>(); for (Enumeration<JarEntry> e = jar.entries(); e.hasMoreElements(); ) { JarEntry entry = e.nextElement(); byName.put(entry.getName(), entry); } for (JarEntry entry: byName.values()) { String name = entry.getName(); if (!entry.isDirectory() && !name.equals(JarFile.MANIFEST_NAME) && !name.equals(CERT_SF_NAME) && !name.equals(CERT_RSA_NAME) && (stripPattern == null || !stripPattern.matcher(name).matches())) { InputStream data = jar.getInputStream(entry); while ((num = data.read(buffer)) > 0) { md.update(buffer, 0, num); } Attributes attr = null; if (input != null) attr = input.getAttr