Page 13 of 15

Re: Patching 4.4.0.532 CAS to run on Non-CAS

Unread postPosted: 22 Feb 2017, 21:29
by parrotgeek1
critor wrote:
parrotgeek1 wrote:
critor wrote:Where are the signature keys in Boot2 4.0.3.49 and 3.0.0.0DVT ?
I suppose ControlX could just patch them when you'd like to install+run a DVT OS. :)

cant find them, sorry

Ok, found several of them.

For 1024-bits RSA keys, search for :
Code: Select all
30 81 89 02 81 81 00 [128 bytes: the key] 02 03 01 00 01

There is one in the CX 3.0.0.0 DVT Boot2 image.

For 2048-bits RSA keys, search for :
Code: Select all
30 82 01 0A 02 82 01 01 00 [256 bytes: the key] 02 03 01 00 01

There are 7-8 of them in all tested CX/CM Boot2 images.
I don't know which one is used for the OS.

parrotgeek1 wrote:have you found nboot vulnerability fix for boot1 yet? I need it, see above

For Boot1 3.0.0.0 DVT ?
Sorry, I don't know how to patch it. :(


No, for 3.0.0.99. I am loading a modified copy of boot1 INSTEAD of boot2.

Interesting about the different CM key.

Re: Patching 4.4.0.532 CAS to run on Non-CAS

Unread postPosted: 22 Feb 2017, 21:30
by parrotgeek1
critor wrote:Ok, CX Boot2 DVT and production have both following 2048-bits keys :
- BA EA ...
- A5 4F ...

CX DVT Boot2 3.0.0.0 is using the BA EA... key to validate TI-Nspire.cer.

CX production Boot2 are using the A5 EF... key to validate TI-Nspire.cer.

CM Boot2 don't have the A5 EF... key, but a D3 C1... key used to validate TI-Nspire.cer.

That's why CX Boot2 4.0.3 with ControlX currently cannot launch CX DVT or CM OSes.


Do you mean A5 EA or A5 4A? You said both.

Re: Patching 4.4.0.532 CAS to run on Non-CAS

Unread postPosted: 22 Feb 2017, 22:09
by critor
A5 4F, sorry.

Re: Patching 4.4.0.532 CAS to run on Non-CAS

Unread postPosted: 22 Feb 2017, 23:54
by critor
Ok, new ControlX option let you switch your calculator between release and development modes :
Image Image

In development mode, you can install and run development OSes, like the CX 3.0.0.1045 OS with the integrated theme editor. :bj:

This is done by patching the 2048-bits RSA keys used for validating TI-Nspire.cer in the Boot2.

It should be possible to install and run CM OSes soon, as the problem is also related to different RSA keys.

Re: Patching 4.4.0.532 CAS to run on Non-CAS

Unread postPosted: 23 Feb 2017, 00:30
by parrotgeek1
critor wrote:Ok, new ControlX option let you switch your calculator between release and development modes :
Image Image

In development mode, you can install and run development OSes, like the CX 3.0.0.1045 OS with the integrated theme editor. :bj:

This is done by patching the 2048-bits RSA keys used for validating TI-Nspire.cer in the Boot2.

It should be possible to install and run CM OSes soon, as the problem is also related to different RSA keys.

Speaking of development OSes, how did you convince TI to send you newer ones?! They didn't when I asked.

Re: Patching 4.4.0.532 CAS to run on Non-CAS

Unread postPosted: 23 Feb 2017, 00:42
by critor
3.0 DVT OSes were dumped on prototypes.
TI did share DVT OSes privately for the first and last time in 2011, versions 3.6.

I apparently didn't manage to convince them, since I never got more recent DVT Oses.

Re: Patching 4.4.0.532 CAS to run on Non-CAS

Unread postPosted: 23 Feb 2017, 01:22
by parrotgeek1
critor wrote:3.0 DVT OSes were dumped on prototypes.
TI did share DVT OSes privately for the first and last time in 2011, versions 3.6.

I apparently didn't manage to convince them, since I never got more recent DVT Oses.

I mean, WHY did they share DVT OS? Did you ask?

Re: Patching 4.4.0.532 CAS to run on Non-CAS

Unread postPosted: 23 Feb 2017, 01:28
by critor
We did, yes.

Re: Patching 4.4.0.532 CAS to run on Non-CAS

Unread postPosted: 23 Feb 2017, 01:54
by parrotgeek1
critor wrote:We did, yes.

Interesting. I guess they trust you.
Is that the "3.2.0.776" on wiki?

Re: Patching 4.4.0.532 CAS to run on Non-CAS

Unread postPosted: 23 Feb 2017, 16:04
by critor
3.2.0.776 is a DVT OS, yes.