Signature Files for /e/OS builds

Hello everyone,

just wanted to ask a quick question on why there are apparently no signature files and corresponding keys available for the different ROMs out there? There are the checksums, but they don’t provide a proof of authenticity. Particularly for a privacy focused OS like /e/OS this seems like a strange choice.

Is it not necessary and I’m too paranoid or are there complications with the many ROM-Maintainers out there having to sign all this? Am I overlooking something completely?

It would be great to have an answer on this, as I couldn’t find anything on this forum or the wider internet.

Best Regards and thank you all for your amazing work!

The zips are not separately signed again on the images host - but you can verify the build key that the zip is internally signed with. /e/ should release the pubkey to their releasekey centrally. Then you could obtain that through TLS from a different host than images.ecloud.global and/or ask a handful of existing users to post the pubkey. That protects against a compromise of the images host, but obviously not the build system.

When you have the pubkey, you can use it with https://github.com/LineageOS/update_verifier to verify flashable zips / OTAs (TIL Lineage has an online method).


source: /e/OS release pubkey from my phone install

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnP8l6FVxWggRjkLeKCGS
ux7B7xoK5/SDTsndflp4kkVSorPCiLvZwWB+eG1EnM90GoQQNgzB4HnlhV4WYnZ7
0v2X+pbmndoNou4FEE3BQn6HWjwXwRxkj7gJ9V2V5Sozf6z+ZpGsIO6G8UdXJ/Sq
qrpO1Kpdv2KIAFl3uw3NGIIpYRNvS2Zan614JlqP1aYsX6ppPpmSKznkCID0Gjv7
BAMvkI6IRKT5mvAplr2XS9u8ikALaeOI5NjbVnh9JRUYuxpT5sMw03hmEV93H7QU
rWaP4H8zqOSPH55ezum4I/CHhY3x7uR/3cH3iU6TgRmj8rjcFaw1epPXplx4UtQs
aQIDAQAB
-----END PUBLIC KEY-----

quick HOWTO for existing users that trust:

adb pull /system/etc/security/otacerts.zip          # trusted OTA certs of the running install
unzip otacerts.zip                                    # yields releasekey.x509.pem
openssl x509 -in releasekey.x509.pem -noout -pubkey > eelo_pubkey   # extract the RSA public key (PEM)
python3 update_verifier.py eelo_pubkey e-2.0-r-2024061102000-dev-codename.zip   # check the zip's whole-file signature

or compare the full key or fingerprint to other users

openssl x509 -in releasekey.x509.pem -noout -pubkey -outform DER | openssl sha256 -c
SHA2-256(stdin)= af:c0:79:f3:1a:28:4b:a2:c1:9a:0b:46:33:49:75:0d:5d:1d:f3:c7:f5:9b:84:8a:89:fb:20:e7:52:ec:66:de

Thanks for the quick and thorough reply!

I will need some time to try all this and see if it works for me, but at least from what I can make out at first glance your answer is more than I could have asked for! Again, many thanks, will probably close the topic soon :)

To add to what @tcecyk wrote

/e/OS release pubkey can also be found in the downloadable .zip under /your-eOS-ROM/META-INF/com/android/otacert if you don’t have a phone running /e/OS already.

I generated the checksum using this file and got the same hash value as @tcecyk

openssl x509 -in otacert -noout -pubkey -outform DER | openssl sha256 -c
SHA2-256(stdin)= af:c0:79:f3:1a:28:4b:a2:c1:9a:0b:46:33:49:75:0d:5d:1d:f3:c7:f5:9b:84:8a:89:fb:20:e7:52:ec:66:de

I don’t know if this thread is the right place for it, but I’d welcome people sharing their hash values here so others can compare/verify theirs. Still, it would be great to have a central resource for image signatures.

Docs on OTA signing are here - https://source.android.com/docs/core/ota/sign_builds

A signed target-files zip can be converted into a signed OTA update zip

In my current understanding of that docs section, the releasekey verifies the whole ota zip via a signature in a file footer. It does as fallback (if no other key was supplied for this) also sign individual apks in the image before being bundled into the ota zip - but that is already secondary.

To clarify, that is the (sha256) fingerprint of the RSA pubkey just for comparison, not an image-file checksum. Verifying the signed zip file contents happens in update_verifier.py at rsa_pkcs1v15_verify() where “message” is the zip-file minus the signature byte length.
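To make the two posts above concrete (the signature living in a file footer, and the verified message being the zip minus its trailing signature bytes), here is an added example in Python. It is not code from this thread, from /e/ or from LineageOS' update_verifier. It builds a small zip, appends a signature in the whole-file layout that Android's RecoverySystem.verifyPackage checks (archive comment = "signed by SignApk" + NUL + signature + 6-byte footer of signature start, 0xFFFF marker and comment size, all little-endian), and then verifies it. Two assumptions are deliberate simplifications: the RSA key is generated on the fly rather than being the /e/ releasekey, and the comment holds a raw PKCS#1 v1.5 signature instead of the PKCS#7 SignedData block SignApk writes, so this will not verify a real OTA zip. The sample archive contents are constructed.

```python
"""Toy whole-file zip signing/verification in the Android OTA footer layout.
Added example; not /e/ or LineageOS code. Throwaway RSA key, raw PKCS#1 v1.5
signature instead of SignApk's PKCS#7 block: demonstrates the layout only."""
import hashlib, hmac, io, random, struct, zipfile

SHA256_DIGEST_INFO = bytes.fromhex("3031300d060960864801650304020105000420")  # RFC 8017 DigestInfo prefix
SIGNAPK_MESSAGE = b"signed by SignApk"   # readable text SignApk puts at the start of the comment
EOCD_MAGIC = b"PK\x05\x06"               # end-of-central-directory record signature


def _is_probable_prime(n, rounds=32):   # Miller-Rabin, fine for a demo key
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2; r += 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _random_prime(bits):
    while True:
        cand = random.getrandbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(cand):
            return cand


def generate_rsa_key(bits=1024):
    """Return ((n, e), (n, d)). Demo only: small modulus, no hardening."""
    e = 65537
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:          # e is prime, so this is gcd(e, phi) == 1
            return (p * q, e), (p * q, pow(e, -1, phi))


def _emsa_pkcs1_v15(digest, k):         # 00 01 FF..FF 00 DigestInfo
    t = SHA256_DIGEST_INFO + digest
    if k < len(t) + 11:
        raise ValueError("modulus too small")
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t


def rsa_sign(priv, message):
    n, d = priv
    k = (n.bit_length() + 7) // 8
    em = _emsa_pkcs1_v15(hashlib.sha256(message).digest(), k)
    return pow(int.from_bytes(em, "big"), d, n).to_bytes(k, "big")


def rsa_pkcs1v15_verify(pub, message, signature):
    """Rebuild the whole encoded message and compare it; never parse the padding."""
    n, e = pub
    k = (n.bit_length() + 7) // 8
    s = int.from_bytes(signature, "big")
    if len(signature) != k or s >= n:
        return False
    em = pow(s, e, n).to_bytes(k, "big")
    return hmac.compare_digest(em, _emsa_pkcs1_v15(hashlib.sha256(message).digest(), k))


def make_unsigned_zip(files):
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in files.items():
            zf.writestr(name, data)
    return buf.getvalue()


def sign_whole_file(zip_bytes, priv):
    """Emit [..zip..][comment len][message NUL][sig][sig_start][FFFF][comment len]."""
    if zip_bytes[-22:-18] != EOCD_MAGIC or zip_bytes[-2:] != b"\x00\x00":
        raise ValueError("expected a zip with an empty archive comment")
    signed_data = zip_bytes[:-2]              # everything before the EOCD comment-length field is signed
    body = SIGNAPK_MESSAGE + b"\x00" + rsa_sign(priv, signed_data)
    total = len(body) + 6                     # comment = body + 6-byte footer
    sig_start = total - len(SIGNAPK_MESSAGE) - 1   # distance from EOF back to the signature
    if total > 0xFFFF:
        raise ValueError("comment too large")
    return signed_data + struct.pack("<H", total) + body + struct.pack("<HHH", sig_start, 0xFFFF, total)


def parse_signed_zip(data):
    """Locate the signature the way RecoverySystem.verifyPackage does -> (signed_data, signature)."""
    sig_start, marker, comment_size = struct.unpack("<HHH", data[-6:])
    if marker != 0xFFFF or comment_size + 22 > len(data):
        raise ValueError("no signature footer")
    eocd = data[-(comment_size + 22):]
    if eocd[:4] != EOCD_MAGIC or struct.unpack("<H", eocd[20:22])[0] != comment_size:
        raise ValueError("EOCD record not where the footer claims")
    if EOCD_MAGIC in eocd[4:]:                # a second EOCD inside the comment could hide another archive
        raise ValueError("EOCD marker found inside the comment")
    if not 6 < sig_start <= comment_size:
        raise ValueError("signature offset outside the comment")
    return data[:-(comment_size + 2)], data[-sig_start:-6]


def verify_whole_file(data, pub):
    try:
        signed_data, signature = parse_signed_zip(data)
    except ValueError:
        return False
    return rsa_pkcs1v15_verify(pub, signed_data, signature)


def demo():
    """Constructed sample archive; returns the outcome for genuine, tampered, wrong-key and unsigned input."""
    pub, priv = generate_rsa_key()
    other_pub, _ = generate_rsa_key()
    plain = make_unsigned_zip({"META-INF/com/android/metadata": b"post-build=constructed\n",
                               "payload.bin": b"constructed payload"})
    ota = sign_whole_file(plain, priv)
    tampered = bytearray(ota)
    tampered[30] ^= 0x01                      # flip one byte inside the signed region (first filename byte)
    return {"genuine": verify_whole_file(ota, pub),
            "tampered": verify_whole_file(bytes(tampered), pub),
            "wrong_key": verify_whole_file(ota, other_pub),
            "unsigned": verify_whole_file(plain, pub),
            "still_a_zip": zipfile.ZipFile(io.BytesIO(ota)).namelist() == ["META-INF/com/android/metadata", "payload.bin"]}


if __name__ == "__main__":
    print(demo())
```

The signed archive still opens with any zip tool because the signature sits entirely in the archive comment, which is exactly why a plain checksum on the images host says nothing about who built the file while the footer signature does: changing a single byte of the signed region, or checking against a different public key, fails verification.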