My latest gadget is a kindle 3, and of course I want to hack it.
It has already been jailbroken using an exploit in busybox’s tar command symlink handling. See here for details and updates. I installed the kindle-jailbreak-0.3.N.zip and kindle-usbnetwork-0.20.N.zip updates to let me ssh in. To enable usbnetwork, go to the "Search" screen and type ";debugOn" followed by enter, and then "~usbNetwork" followed by enter. "~help" gives the complete command list.
There’s an iptables firewall on the kindle by default preventing access to kindle-local servers from outside. However I hacked the usbnetwork scripts installed by the above to disable the inbound ssh firewall so I could just ssh into it over WIFI.
It seems to be a remarkably straightforward Linux install. The main Kindle applications are all implemented using a normal Java VM (Sun’s "C" Virtual Machine (CVM)).
Anyway, I want to write my own kindle apps, Kindlets, as they’re called. Amazon have announced and released a closed beta of the KDK. I’ve applied for this, but never heard anything back. Some other resources are: the API docs, someone else (who has the KDK)’s open source kindlet project, and finally, a KDK emulator. Oh, the Kindle uses (wait for it…) Java CDC Personal Basis Profile (PBP) 1.1, or JSR 217. Javadocs for that are here.
I’m not willing to wait: so I’ve been exploring the system. My first discovery was how to enable full debug logging:
cp /opt/amazon/ebook/bin/start.sh /mnt/us
Edit the start.sh script, and look for the line -Ddebug=1, and change it to -Ddebug=-1
/etc/init.d/framework stop
The kindle framework should start up as normal, but if you tail -f /var/log/messages, it should be far more verbose.
From here, I knew that kindlets were just jar files with an extension of ".azw2". After a bit of poking about in the emulator and filing system, I knew that the Kindlet API I want to link against is "/opt/amazon/ebook/lib/Kindlet-1.1.jar". So I copied that off, and built a simple "Hello World kindlet" using Eclipse and copied it on the device into /mnt/us/documents. The source is here.
The debug logs showed I was missing some entries from the manifest file for that azw2 file. After some fiddling, I figured out a working manifest for my developer application is:
Implementation-Vendor: Andrew de Quincey
Another cycle of rebuilding/copying/restarting framework and I now have a "ktest" entry on the main screen with "dev" next to it! However, clicking on it says "The device is not registered as a Test Kindle to run this title. Please ask the developer to add this device to the list of registered Test Kindles." A bit more grepping in the logs shows that it's looking for a developer keystore in /var/local/java/keystore/developer.keystore, which is not present.
So, the next step is to determine what should be in that. All the keystores/signing appear to be standard java, so I assume it is just a matter of finding the correct entries to use.
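Since kindlets are ordinary jar files with standard Java signing, one way to see what a given .azw2 carries is to read its manifest and list its signature files. This is an added example, not code from the original post; the sample archive, its attribute values and the SIGNER1 file names are constructed, and it makes no claim about which entries the Kindle actually requires.

```python
import io
import zipfile

SIG_EXTS = (".SF", ".RSA", ".DSA", ".EC")  # standard JAR signature file types

def parse_main_attributes(manifest_bytes):
    """Main section of a JAR manifest as a dict (ends at first blank line)."""
    attrs, key = {}, None
    for line in manifest_bytes.decode("utf-8").splitlines():
        if not line:
            break
        if line.startswith(" ") and key is not None:
            attrs[key] += line[1:]  # continuation of a wrapped (72-byte) line
            continue
        key, sep, value = line.partition(": ")
        if not sep:
            raise ValueError("malformed manifest line: %r" % line)
        attrs[key] = value
    return attrs

def inspect_azw2(data):
    """Return (main manifest attributes, sorted META-INF signature files)."""
    with zipfile.ZipFile(io.BytesIO(data)) as jar:
        names = jar.namelist()
        if "META-INF/MANIFEST.MF" not in names:
            raise ValueError("no META-INF/MANIFEST.MF in archive")
        attrs = parse_main_attributes(jar.read("META-INF/MANIFEST.MF"))
    sigs = sorted(n for n in names if n.startswith("META-INF/")
                  and n.count("/") == 1 and n.upper().endswith(SIG_EXTS))
    return attrs, sigs

def build_sample():
    """Constructed sample archive; every name and value here is made up."""
    manifest = (b"Manifest-Version: 1.0\r\n"
                b"Implementation-Title: ktest\r\n"
                b"Implementation-Vendor: Example Ven\r\n"
                b" dor\r\n\r\n")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as jar:
        jar.writestr("META-INF/MANIFEST.MF", manifest)
        jar.writestr("META-INF/SIGNER1.SF", b"Signature-Version: 1.0\r\n")
        jar.writestr("META-INF/SIGNER1.DSA", b"\x00")
        jar.writestr("Main.class", b"\x00")
    return buf.getvalue()

if __name__ == "__main__":
    attrs, sigs = inspect_azw2(build_sample())
    print(attrs)
    print("signature files:", sigs)
```

To inspect a real file, pass `open(path, "rb").read()` to `inspect_azw2` instead of the constructed sample.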
UPDATED: The source to my "ktest" app is here. Also, the jars in /opt/amazon/ebook/sdk/lib/ are also valid to link against for KDK apps; I just pulled them off the device too.