Validate and Re-fake-sign PKGs #31
Comments
|
if this will be added in the future, this allows us to for example, mod entry table without corrupting retail package (breaking signatures that we can't fix)? or this will work only for debug packages? regards |
|
A quick test suggests that retail PKGs are not doing the same thing for signatures as debug PKGs, so my guess is no, you can't resign a retail pkg. |
|
thanks for info regards |
|
As of da9c950 we can now validate some signatures for a Fake PKG using PkgEditor. |
|
rifs question: there i a simple way for validate all types of rifs (debug, retail...)? or we still need more keys regards |
|
Debug RIF signatures can be verified, because we have the debug RIF RSA keys. However, we don't have any of the retail RIF RSA keys, so we can't verify them. Presumably, the public key is in SAMU in order to verify retail RIFs. |
|
thanks for info regards |
There should be a way to validate a fPKG's digests/signatures, and to re-sign in case the PKG was modified. These two systems should work on the same data structure, something like what the PFS builder is using to do inode data block digests
The text was updated successfully, but these errors were encountered: