mirrors/asuswrt-merlin.ng
1
0
Fork 0
mirror of https://github.com/gnuton/asuswrt-merlin.ng.git synced 2025-05-19 16:02:36 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
asuswrt-merlin.ng/release/src-rt-5.02axhnd.675x/hostTools/imagetools/image.sign

44 lines
1.3 KiB
Perl
Executable file
Raw Permalink Blame History

#!/usr/bin/env perl
use strict;
use warnings;
use bytes;
####
#### This currently assembles images for GEN3 devices with puresqubi ONLY
####
unless ($ENV{SECURE_BOOT_ARCH} eq 'GEN3') {die "Not supported $ENV{SECURE_BOOT_ARCH}"};
sub shell {
if (defined $_[1]) {
print "$_[0]\n";
}
my $res = `$_[0]`;
($? == 0) or die "ERROR: $!";
print "$res";
return $res;
}
print "-- args @ARGV --- \n";
my @args = @ARGV;
my $CFE_ROM = $ENV{WDIR}.'/'.$ENV{CFE_ROM_BN};
my $RSA_PRIV_KEY= $ENV{FLD_KEY};
my $SFX = defined $ENV{FLD_ENC}?$ENV{FLD_ENC}:'';
if ($args[0] eq "mfg") {
$RSA_PRIV_KEY = $ENV{MFG_KEY};
$SFX = defined $ENV{MFG_ENC}?$ENV{MFG_ENC}:'';
if ( $ENV{SECURE_BOOT_TURNKEY} eq "y" ) {
$CFE_ROM = $ENV{WDIR}.'/'.$ENV{CFE_ROM_TK_BN};
}
}
#
# Generate Hashblock signature
#
shell("cat $ENV{WDIR}/.hashes.$args[0] | openssl dgst -sign $RSA_PRIV_KEY -keyform pem -sha256 -sigopt \\
rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1 -out $ENV{WDIR}/.hashes.$args[0].sig",1);
#
# Generate CFEROM+AuthHDR signature
shell("cat $ENV{WDIR}/.header.$args[0] $CFE_ROM$SFX | openssl dgst -sign $RSA_PRIV_KEY -keyform pem -sha256 \\
-sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1 -out $ENV{WDIR}/.auth.header.$args[0].sig");
Reference in a new issue View git blame Copy permalink