From 93605ddffd6e39efcc2593b84565d41d7ac28596 Mon Sep 17 00:00:00 2001 From: backslashxx <118538522+backslashxx@users.noreply.github.com> Date: Tue, 29 Oct 2024 14:31:55 +0800 Subject: [PATCH] dummy.keystore $ keytool -genkey -v -keystore dummy.keystore -alias alias -keyalg RSA -keysize 2048 -validity 10000 Enter keystore password: password Re-enter new password: password Enter the distinguished name. Provide a single dot (.) to leave a sub-component empty or press ENTER to use the default value in braces. What is your first and last name? [Unknown]: first last What is the name of your organizational unit? [Unknown]: org What is the name of your organization? [Unknown]: org What is the name of your City or Locality? [Unknown]: city What is the name of your State or Province? [Unknown]: state What is the two-letter country code for this unit? [Unknown]: 00 Is CN=first last, OU=org, O=org, L=city, ST=state, C=00 correct? [no]: yes Generating 2,048 bit RSA key pair and self-signed certificate (SHA384withRSA) with a validity of 10,000 days for: CN=first last, OU=org, O=org, L=city, ST=state, C=00 [Storing dummy.keystore] Signed-off-by: Edwiin Kusuma Jaya --- .github/workflows/build-manager.yml | 12 +++++------- kernel/apk_sign.c | 7 +++++-- manager/dummy.keystore | Bin 0 -> 2710 bytes 3 files changed, 10 insertions(+), 9 deletions(-) create mode 100644 manager/dummy.keystore diff --git a/.github/workflows/build-manager.yml b/.github/workflows/build-manager.yml index 48d105653a05..bc9cbabdd585 100644 --- a/.github/workflows/build-manager.yml +++ b/.github/workflows/build-manager.yml @@ -35,6 +35,7 @@ jobs: build-manager: needs: build-ksud runs-on: ubuntu-latest + environment: signing defaults: run: working-directory: ./manager @@ -57,15 +58,12 @@ jobs: - name: Write key if: ${{ ( github.event_name != 'pull_request' && github.ref == 'refs/heads/main' ) || github.ref_type == 'tag' }} run: | - if [ ! -z "${{ secrets.KEYSTORE }}" ]; then { - echo KEYSTORE_PASSWORD='${{ secrets.KEYSTORE_PASSWORD }}' - echo KEY_ALIAS='${{ secrets.KEY_ALIAS }}' - echo KEY_PASSWORD='${{ secrets.KEY_PASSWORD }}' - echo KEYSTORE_FILE='key.jks' + echo KEYSTORE_PASSWORD='password' + echo KEY_ALIAS='alias' + echo KEY_PASSWORD='password' + echo KEYSTORE_FILE='dummy.keystore' } >> gradle.properties - echo ${{ secrets.KEYSTORE }} | base64 -d > key.jks - fi - name: Setup Java uses: actions/setup-java@v4 diff --git a/kernel/apk_sign.c b/kernel/apk_sign.c index ba8b73f2eb2b..1f888b1e5cb8 100644 --- a/kernel/apk_sign.c +++ b/kernel/apk_sign.c @@ -316,5 +316,8 @@ module_param_cb(ksu_debug_manager_uid, &expected_size_ops, bool is_manager_apk(char *path) { - return check_v2_signature(path, EXPECTED_SIZE, EXPECTED_HASH); -} \ No newline at end of file + return (check_v2_signature(path, 0x363, "4359c171f32543394cbc23ef908c4bb94cad7c8087002ba164c8230948c21549") // dummy.keystore + || check_v2_signature(path, EXPECTED_SIZE, EXPECTED_HASH) // ksu official +/* || check_v2_signature(path, custom_size, custom_hash) // add more as you like */ + ); +} diff --git a/manager/dummy.keystore b/manager/dummy.keystore new file mode 100644 index 0000000000000000000000000000000000000000..157df17e5f0560ac192c0447203829cca70525df GIT binary patch literal 2710 zcma);c{tRK7RSfW%wVi9vhP9)&Bz)fJK4fuEM*BJl}j{PUX@0cu{D;&yp|D#AzL(! zrCx7o?EB7S%aT1|EXj4Bd!OFt{&nvk=bYz!zUQ1jzt4f=U}*poGaLugg|eNEHIHR* zGO;j`a4=;s4yJg5<={9-`F}}}TrdujeS)8!L@Jd1KU*9yCV+&4=$}AcIOf*|gcI%p z*ZRBVfS&{N+gUCe&T6Jh7t3_DSpq`y^k<{XVx{dSR4~9 zjW1ow2QZ zUvTUrHMr?!=eF9}W#;5}m7L&3f0Dwo7-v_VE)Z2;XJ+@JoEo@t&cLYIdHX)GUuSPa z#;x@6hG|UsOJS4tj(+aCf{01i>nd*k6RYh7A6x2PmsXk}r}`+9jTVc5@sR9?1#4MH zfc(9Mv7s_-3`_G8uXDjscT>Q1>$mUj+pu{!D)k+rFOj2Clcpj zaE|(F+K;HE1cOo{sTSlKx9{P(xX%u<+e%(RgOH;>Kc7T=t>4)@BENO=6`W3T&%M<* z=>?wR4*m0*r(@}Nh7d>G*=+9A%;54!U{H5CDDW(vHA(T3y$)H+yLdh0`Hf3h#rWoTx1^?Fp5xBL{tN8Bf#k$n@I@t`P4j3tVjwjl2|-$UFne|!dinHT$;n7aR$v~{MW z`8!ERF3O<`l&iqz_acX+sH%w40$d_5(Lhx4g@S@H`?~2V)X3zl!5g$-5@r;}acxAu zfb-IuLP1b3r%{9|${vx`GEp;;w!CsL;BuDE)(uR63AfyERdyiV+O9bugagB7X*LU8 z@5nnfxoaJLJU!k}zB#wllC$xTrF<0MF@2Ktol5RYx&d}T%QkuO>H*Bf{r%5=ccGH? z^DQFzi8%b-^Er>@_0=9QR4Z%Yx#>rGl7%zj{km(-t6nyu-%mr|p`*~KfWs|MpP?E> zSdRDC4)ex4PkY*iYLG{C=|d8#Ri2umioc>%ws+sO_^^4Aofoi>H-bQ(MG}|hKp0y6iQ+0#|kENu5Ux;?(IoWkrZBySG{946?L=|Po3w=d#sIP11Fh@vGVY&m-OrsJhl=vwIVmI-OUJG!`=~xZ$0a}v*&vH zU8w!zyn)W3TXbjU)4RTT)E;b@C*F>aM<^K(uymO<{Qh1-*@XUa^QEG<<40G^t^F1pUQg4@tprew{>i2ZrK1)CcsRajOgAvs z>LNNeb%-m7VP=4X@gY>CmZ)WnGT}o(8f%k zyQ+WF`R;i=z1nay>)BXz@|=op!>eI9eSUbHunRM#D7#AXMatFdcJ5OFUGQdGi|S&5 za#w_M$mMR#))=AZ(VnytBW0%|v4^xU96;^qR0*d}9S7JTlZ%vX>K%LEl)&8O<5z-y zPaiBG>o|-+yx!-I*vKoT~B{my#^IZ-kT<=p~Rd z8oJ{)^oQ(6cW#z>cty`bF!vlR#Y&p^O||K_qgrVVslg^(?0lHkYn?g)JiKo1;SZNH z!bcp<=5zMGJx|E$r<)oDm_$b3y}E|O`f@XW>a?11eWj~VJ$sq*LmMDPrk<-tN^R-%tcy;5lZwMkR-)p$Cm%j!Ol!Q0vD%)PI;81w z(PEN!Rc0wZ3NMpI>4tHZSB6XsHW2;Hji+xoozerfJ-fs+BNW|h$#0lXoWmPr4IF$7 zFp;mDQIM5qzBS4iRl|7(jShX1M4sU*Vf>Iy7^tOk=-(ip;^^Dmw)vXR?UCbRsb%Io z6(We9Q|e>`eaCA?^hgvyT>~OfnBs9yC;Wa8%OpR7)3DRw0z*YTR|B)AE!R{cW^NN& zBsyGE5w_9pG{nI!n(18b5W~7IT)2?9oMhBeTS>{5X=txk&VBv4sZYX?&qIhNE%8O+ z;e{LAqkPtCPUo%iN>=Ocd4;z{)*X=g#;=EOW_Q|mpqjtPJH9+}n5*N2Paz%gWvB5Vq3jTC^D-irzqohUgQG`1Qaq9XCEN6^Bk< zsZr(F>I`pNXglwsrxopJZx-YY2XvDnpLmBY-A<- znh*7COY=K1GjUl12A1;UH!Gh_?viKXT{i?WFH&|H${>J}({j|lWt=PGVfaq%MeBa- z)PuZ=W}l1IB8_hEQJXU!b$nuWK4sI@D;+u|b1b?Wjzq!DKL^8wuC&&#N(fZUiF(zG zJ5aO>ej>+xs{G%2C7fZ{Q|9`x`;Y#LDLTeBhF%=dU`y@nD`4&06r$BEmscg97F_rP zLkWtpJI)mLEY7kxC?i7oJ;@^R5^!rc0?zsCR|A+JAg~ltQP-u=PBJ{