Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2025-10-30 14:09:00 -04:00
Code Issues Projects Releases Packages Wiki Activity
DivestOS/Scripts/Generate_Verified_Boot_Hashes.sh
Tad e666a4a891 Update CVE patchers 
TODO: maybe split CVE-2022-23960/4.9 to get back?

Signed-off-by: Tad <tad@spotco.us>
2022-04-19 14:38:44 -04:00

45 lines
2.1 KiB
Bash
Raw Blame History

#!/bin/sh
#grep "verity\.mk" Build/*/device/*/*/*.mk -l
VERITY_DEVICES=('Amber' 'angler' 'bullhead' 'cheeseburger' 'cheryl' 'dragon' 'dumpling' 'flounder' 'marlin' 'mata' 'oneplus3' 'sailfish' 'shamu' 'z2_plus');
#grep "AVB_ENABLE" Build/*/device/*/*/*.mk -l
AVB_DEVICES=('akari' 'alioth' 'aura' 'aurora' 'avicii' 'beryllium' 'blueline' 'bonito' 'bramble' 'coral' 'crosshatch' 'davinci' 'enchilada' 'fajita' 'flame' 'FP3' 'guacamole' 'guacamoleb' 'hotdog' 'hotdogb' 'lavender' 'lmi' 'pro1' 'raphael' 'redfin' 'sargo' 'sunfish' 'taimen' 'vayu' 'walleye' 'xz2c');
#TODO: Make this a function?
echo "================================================================================";
echo "Verity Keys";
echo "================================================================================";
for f in */verifiedboot_relkeys.der.x509
do
device=$(dirname $f);
if [[ " ${VERITY_DEVICES[@]} " =~ " ${device} " ]]; then
echo "Device: $device";
sha1=$(cat $f | openssl dgst -sha1 -c | sed 's/(stdin)= //' | tr [a-z] [A-Z]);
sha256=$(cat $f | openssl dgst -sha256 | sed 's/(stdin)= //' | tr [a-z] [A-Z]);
#echo -e "\tSHA-1:"; #TODO: Figure out how this is actually calculated, perhaps lacks the actual certificate infomation due to mincrypt?
#echo -e "\t\t$sha1";
echo -e "\tSHA-256:";
echo -e "\t\t${sha256:0:16}";
echo -e "\t\t${sha256:16:16}";
echo -e "\t\t${sha256:32:16}";
echo -e "\t\t${sha256:48:16}";
fi;
done
echo "================================================================================";
echo "AVB Keys";
echo "================================================================================";
for f in */avb_pkmd.bin
do
device=$(dirname $f);
if [[ " ${AVB_DEVICES[@]} " =~ " ${device} " ]]; then
echo "Device: $device";
sha256=$(cat $f | openssl dgst -sha256 | sed 's/(stdin)= //' | tr [a-z] [A-Z]);
#echo -e "\tID:"; #Not really needed
#echo -e "\t\t${sha256:0:8}";
echo -e "\tSHA-256:";
echo -e "\t\t${sha256:0:16}";
echo -e "\t\t${sha256:16:16}";
echo -e "\t\t${sha256:32:16}";
echo -e "\t\t${sha256:48:16}";
fi;
done
echo "================================================================================";
Reference in a new issue View git blame Copy permalink