Factory Reformat Tool - Dev Cert

CyanLabs has 1U5T-14G386-BB 3.2.17209 Factory Reformat Tool - Dev Cert.
As the name implies, the major difference is a certificate. This package contains one with

subject=/C=US/O=Ford Motor Company/CN=Ford Motor Company DEV Internal SyncGen3 Issuing CA
issuer=/C=US/O=Ford Motor Company/CN=Ford Motor Company DEV Internal Offline Policy CA

It easy to check that signature validation fails with regular production package (take Version.der from any official package)

openssl smime -verify -inform DER -in ./Version.der -CAfile ./extracted-1U5T-14G386-BB/etc/security/ford_cert.pem -partial_chain -purpose smimesign -out ./Version.inf

Update_radio.sh scripts are the same. So, I bet that after launching this reformat tool you wouldn’t be able to install regular SYNC package due to signature validation failing, would you?

Another difference is that the DEV version contains telnetd and devnp-asix.so. It might be possible to use AX88772 based usb ethernet adapter and replace certificate with a production one. But I am afraid of bricking my APIM and wouldn’t like to try it.

This tutorial states that DEV version should be used. But this one recommends to use production one. Also there is a mismatch between the recommended downgrade versions. Is there a mistake? I used a production version (1U5T-14G386-CB) with 3.4.19200 and it worked for me.

My question: what is the intention for this DEV version, do we have any other package signed with DEV certificate? Did anyone launch this reformat tool?

You would need to modify your SYNC APIM in the first place to be able to run this Dev package.
You need to have a APIM with a Dev Cert (AKA a Development APIM not a Production one)

If you modify the package you break the signature check, if you can somehow get AX88772 working prior to modification then you could in theory replace the cert, but at that point you have no need to be modding the unit as you already have access.

That seems to be a typo and i have since corrected it, thanks.

it’s a package on Ford servers, just like any other known package they are in my DB, it’s intention is for Developer APIMs as above. You can’t launch it.

Copy and paste error on my part. Funny spellcheck didn’t get that… :grinning: