Register Guidelines E-Books Search Today's Posts Mark Forums Read

Go Back   MobileRead Forums > E-Book Readers > Amazon Kindle > Kindle Developer's Corner

Notices

Reply
 
Thread Tools Search this Thread
Old 01-22-2010, 04:11 AM   #1
ppe
Junior Member
ppe began at the beginning.
 
Posts: 4
Karma: 10
Join Date: Jan 2010
Device: kindle dx gw
Kindle DX global packaging + signatures

Hi,

My kindle dx global arrived today and I've been browsing this board and associated blogs since then. Its unfortunate that the documentation is scattered like this.

Anyways, I managed to get the usbnet package working. The DX global has a new deviceCode '05', so maybe jyavenard can release a new packager that uses kver=5 in case of DX global.

Can somebody pls explain to me (or better yet, document somewhere) the use of signatures on the kindle? I saw the --ex option and from examples in this forum I assume I have to use it. But I didn't really find anything on what it actually does and the packager README is not very clear at this point. Looking at the code, it appears it adds some kindle RSA key back into a keychain.

I also read that I have to remove the custom updates to appy an amazon update. But these updates all appear to be incremental, so most of the time this should not be technically necessary? Whats the issue here and how can it be fixed? How about using a more elaborate packaging system like ipkg.
ppe is offline   Reply With Quote
Old 01-22-2010, 07:39 AM   #2
jft
Enthusiast
jft began at the beginning.
 
Posts: 43
Karma: 10
Join Date: Jan 2010
Location: Germany
Device: Kindle DXi
See the author's comments for detailed information about his own creation

Edit: Great. The kver trick works like a charm. Thx.

For everybody else:

* get usbnetwork23-0.10.tar.gz
* delete update_usbnetwork-dx.bin
* in kindle_update_tool.py change kver=4 to kver=5 in line 333 and 358
* "make update_usbnetwork-dx.bin"

The last part should be clear.

The other hacks can be treated in the same way.

Last edited by jft; 01-22-2010 at 10:57 AM.
jft is offline   Reply With Quote
Old 01-23-2010, 01:56 AM   #3
jyavenard
Zealot
jyavenard has a complete set of Star Wars action figures.jyavenard has a complete set of Star Wars action figures.jyavenard has a complete set of Star Wars action figures.jyavenard has a complete set of Star Wars action figures.
 
Posts: 141
Karma: 383
Join Date: Sep 2009
Device: Kindle 2
Hi n

I will update the packager to support the DX international this week-end
jyavenard is offline   Reply With Quote
Old 01-23-2010, 07:36 AM   #4
ppe
Junior Member
ppe began at the beginning.
 
Posts: 4
Karma: 10
Join Date: Jan 2010
Device: kindle dx gw
What about the version and signature things? Yes I saw all the blog posts. But unless I overlooked something, there is no explanation in there.

Also, my dropbear server (taken from 0.10 package) either dies or actively kills the connection about 30 seconds after login. Any clues about that?
ppe is offline   Reply With Quote
Old 01-23-2010, 08:13 AM   #5
jft
Enthusiast
jft began at the beginning.
 
Posts: 43
Karma: 10
Join Date: Jan 2010
Location: Germany
Device: Kindle DXi
Ok. So here are the details about the sigs:

Quote:
he difference with earlier Kindle is that now each file in the package must be signed.
The signature is then checked against the RSA key installed in the ROM.

Unfortunately, there's no way to bypass that check .

So what we first do is install an extra RSA key in the device.
that's what the update file update_freekindle.bin is for.

update_freekindle.bin uses a "feature" (some would call it a flaw) of the tar compressor. Kindle binary package are just gzipped tar files slightly encrypted as discovered by Igor Skochinsky. When extracting the content of the update, the Kindle simply call tar on it.

Tar follows simlinks ; and we use this to write where we're not supposed to.
Quote:
What this package does is add our key to the list of keys available. So next time the Kindle will check the signatures of the files we are installing, the verification process will succeed.
And here is the funky part of the script:

Code:
# Create fake symlink
        namedir = '__dir' + str(random.randint(1000,9999))
        tarinfo = tarfile.TarInfo(namedir)
        tarinfo.type = tarfile.SYMTYPE
        tarinfo.linkname = KINDLE_HACK_DIR
        tar.addfile(tarinfo)
        
        # Create new key
        fd , tmpfile = tempfile.mkstemp()
        fs = os.fdopen(fd,"wb")
        fs.write(NEW_KEY)
        fs.close()
        tarinfo = tar.gettarinfo(tmpfile, arcname=namedir+'/'+KINDLE_HACK_KEYNAME)
        add_tarfile(tarinfo, tmpfile, tar)
        os.remove(tmpfile)
So a symlink in the tar is created that points to the dir on the kindle that includes the amazon public key. Also an entry with "our" public key in the symlink dir. Tar on the kindle extracts the symlink and then "our" key into the folder the symlink points to. Now the Kindle approves the signatures of the files included in the tar (created with "our" private key).

The public key has to be exchanged because we do not have access to the private key of amazon and so could never create valid signatures.

See wikipedia for detailed information about signatures.

Last edited by jft; 01-23-2010 at 08:19 AM.
jft is offline   Reply With Quote
Old 01-23-2010, 05:57 PM   #6
jyavenard
Zealot
jyavenard has a complete set of Star Wars action figures.jyavenard has a complete set of Star Wars action figures.jyavenard has a complete set of Star Wars action figures.jyavenard has a complete set of Star Wars action figures.
 
Posts: 141
Karma: 383
Join Date: Sep 2009
Device: Kindle 2
I have updated the packager to support the Kindle DX international from the info in that thread.

Note that I do not have one, and as such this is completely untested.
http://www.avenard.org/kindle2/packager-0.8.tar.gz
jyavenard is offline   Reply With Quote
Old 01-27-2010, 09:20 AM   #7
jft
Enthusiast
jft began at the beginning.
 
Posts: 43
Karma: 10
Join Date: Jan 2010
Location: Germany
Device: Kindle DXi
One comment to the timeout:

kill the netwatchd service ("/etc/init.d/netwatchd stop").

This daemon monitors the net access (actually the accessibility of www.amazon.com) and resets all connections if it detects a network failure.

As you enable usbNetwork you also set the default route to the usb interface. Bang.

Last edited by jft; 01-27-2010 at 10:18 AM.
jft is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Newspapers in Kindle 2 Global? guess32 Amazon Kindle 9 01-12-2010 05:08 AM
Kindle DX with Global Access? rcuadro News 1 01-05-2010 09:41 AM
Kindle DX Global coming soon? Flub News 0 01-05-2010 04:59 AM
Ended Amazon Kindle 2 With Cover And Original Packaging ifonline Flea Market 3 09-18-2009 12:35 PM


All times are GMT -4. The time now is 01:26 AM.


MobileRead.com is a privately owned, operated and funded community.