Quote:
Originally Posted by nicolasmart
I don't know am I doing something wrong or KindleTool has some problems but I'm trying to sign the recovery2 package of a stock 5.8.10 with the pubprodkey02.pem (just to check would it install if it ever was unpacked) and when it's done, it says "unknown bundle". If I sign it with developer key or pubprodkey01.pem it works but the Kindle doesn't like that one (the certificate used from Amazon is pubprodkey02.pem) and it gives me Update Error 4.
When I give KindleTool argument "-k" and link it to the psig certificate I extracted from the original firmware, KindleTool just overrides my key with the default one.
Could someone tell me if they had that problem with KindleTool before?
|
You cannot sign the packages with the
pubprodkey01.pem - that is the
public
production key part of a public-private keypair. Amazon holds the private key and does not give it out... that is the whole point.
The signatures are generated with amazons private key when they make then. then the updates are checked by using the public key with some mathematics I do not understand.
KindleTool probably has an error using the public key as a private key, and fails, defaulting to the developer private key that the folks on this forum have put together.
If we could sign things with amazons production key, we wouldn't need to jailbreak
