Old 09-08-2018, 22:58   #3 (permalink)
rebainoor
Hi
These phones have a new authentication system (done by Xiaomi).
I call it SIG, because they added a new command to their Firehose programmers.

Things you need to know:
1. QC has always implemented the SW_VERSION (RollBack) tag in its certificate
validation schema, but nobody used it before (except Samsung and LG).
2. After the FireHose is validated, the OEM manufacturer is free to add its own
secondary authentication (it was first introduced in old SE phones, which needed
an SE validation card; now the old golden idea was taken by Xiaomi and the auth
protocol moved to a server).

So what in fact we can do:
1. We need to have a FireHose programmer signed to the current eFuse value,
with the same HW_ID and higher or same SW_ID (including RollBack Version)
tags, without the SIG authentication extension.
The RollBack Version is important here; it is activated when the tag value is > 0.

How we can recognize it:
Unfortunately, the Sahara protocol does not let us read the SW_ID tag and
choose the right RollBack-satisfying Firehose automatically.
Fastboot "getvar:all" will show a "RollBack Version" or "Anti" variable,
which reflects the RollBack (SW_VERSION) value.

How to check whether the FireHose is ready to do the job:
Just open it with Notepad and look for "SW_ID".
Here you will see a hex value string: 0000000200000003 SW_ID
Here you see RollBack (SW Version) = 2
So this FireHose can serve RB: 0, 1, 2 and cannot work with 3, 4, ...

How to see whether the FireHose needs Xiaomi authentication or not:
It is the same: open it with Notepad and search for this string: "sig "
(the white space is important here).
If "sig " is not found, you are lucky: this FireHose does not need it.

And for sure do not forget that the Root CA hash must be the same as the one in eFuse (QFPROM).
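The two Notepad checks described in the post, done as a byte search in Python. This is an added example, not part of the original post: the function names and the sample byte strings are constructed for illustration, and the rollback value is taken from the first 8 hex digits of the string, following the post's reading of 0000000200000003 as RollBack = 2.

```python
import re

# 16 hex digits followed by " SW_ID", as in the post's example string.
SW_ID_RE = re.compile(rb"([0-9A-Fa-f]{16}) SW_ID")
SIG_MARKER = b"sig "  # the trailing space is part of the marker, per the post


def inspect_programmer(data: bytes) -> dict:
    """Report the RollBack value(s) and whether the "sig " string is present."""
    rollbacks = set()
    for match in SW_ID_RE.finditer(data):
        value = match.group(1).decode("ascii")
        # Post's reading: 0000000200000003 -> RollBack (SW version) = 2,
        # i.e. the first 8 hex digits of the string.
        rollbacks.add(int(value[:8], 16))
    return {
        "sw_id_found": bool(rollbacks),
        "rollback_versions": sorted(rollbacks),
        "has_sig_marker": SIG_MARKER in data,
    }


def can_serve(report: dict, device_rollback: int) -> bool:
    """Per the post, a programmer with RollBack N serves devices at 0..N."""
    if not report["sw_id_found"]:
        return False
    # Assumption: if the string occurs more than once, trust the lowest value.
    return device_rollback <= min(report["rollback_versions"])


# Constructed sample inputs (not real programmer images).
SAMPLE_PLAIN = b"\x7fELF" + b"\x00" * 16 + b"01 0000000200000003 SW_ID" + b"\x00" * 8
SAMPLE_AUTH = b"\x7fELF" + b"\x00" * 16 + b"01 0000000300000003 SW_ID\x00<sig value"

if __name__ == "__main__":
    for name, blob in (("plain", SAMPLE_PLAIN), ("auth", SAMPLE_AUTH)):
        print(name, inspect_programmer(blob))
```

A plain byte search for "sig " can also hit unrelated text inside a binary, so a positive result is a reason to look closer rather than a final answer.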