On Wed, Oct 25, 2017 at 12:02 PM, Charlie Huang <
huan....@gmail.com> wrote:
> Hi,Julius.
>
> I've done the re sign as you instructed, but still not working. Do I have to
> at least build once the firmware for my board inside chroot? Or I just
> deploy the crotsdk, and then re sign the recovery image. And Hana is one of
> the latest board, does it still use the same boot loader as before?
> Thanks a lot for ur help.
You are resigning the official recovery image to use developer keys.
You don't need to build any code for this, just resign the official
image you can download. (In fact, your main problem is that you can't
update the firmware directly because you can't boot anything at the
moment... right?) Hana uses newer firmware than Kip, but the basics
about how recovery images are signed have never changed in Chrome OS
history and still apply just as well.
If this doesn't work, confirm that the problem you're seeing is
actually the same as the one from the thread you originally responded
to. When you boot in recovery mode and press TAB, you should see a
line "gbb.recovery_key: c14bd720b70d97394257e3e826bd8f43de48d4ed". Do
you see that (with exactly that hash)? Also, what exactly do you mean
when you say "not working"... when you put your modified recovery
image into the Chromebook does it say "this device does not contain
Chrome OS"?
You can double-check that you did all the resigning correctly by
pasting the output of:
sudo futility show /dev/sdc2 -k /usr/share/vboot/devkeys/recovery_key.vbpubk
(It should say things like "Signature: valid", "Body verification
succeeded" and show a whole kernel command line.)