A cool template for signing LineageOS 20.0 > builds with dev-keys.
- Make sure you have
android-toolsinstalled on your machine. - Clone this repo to
vendor/lineage-priv/keys(on your synced ROM rootdir) andcdto it. - Edit both
subjectvars ongen_keysscript to reflect your data [ref]. - Run it:
$ ./gen_keysIt will generate the certificates (defined in the .data/ folder) in vendor/lineage-priv/keys, the actual keys used to generate the certificates in ~/.android-certs/, and regenerate the makefiles as new entries are added.
Backup AT ALL COSTS your ~/.android-certs/ and vendor/lineage-priv/keys folders AND NEVER LEAK THOSE. Losing these keys could prevent you from updating your LineageOS builds with the same keys, so formatting data would be required. Leakage of these keys can compromise the security and authenticity of your builds, requiring a new pair of keys to be generated.
You can generate a public key which can be used to verify the authenticity of your builds:
- Fork and clone LineageOS/update_verifier
- Run this command:
$ openssl rsa -in ~/.android-certs/releasekey.pem -pubout -out lineageos_pubkey- Push the changes to your fork.