1 #!/bin/bash 2 3 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved. 4 # Use of this source code is governed by a BSD-style license that can be 5 # found in the LICENSE file. 6 7 # Standalone version of cros_resign_image.sh script from 8 # chromeos/src/scripts/bin/ for use on signing servers. 9 10 # Both the cgpt tool and vbutil_kernel should be in the system path. 11 12 # Load common constants and variables. 13 . "$(dirname "$0")/common.sh" 14 15 # Abort on error 16 set -e 17 18 # Check arguments 19 if [ $# -lt 4 ] || [ $# -gt 5 ] ; then 20 echo "usage: $PROG src_bin dst_bin kernel_datakey kernel_keyblock [version]" 21 exit 1 22 fi 23 24 # Make sure the tools we need are available. 25 for prereqs in vbutil_kernel cgpt; 26 do 27 type -P "${prereqs}" &>/dev/null || \ 28 { echo "${prereqs} tool not found."; exit 1; } 29 done 30 31 SRC_BIN=$1 32 DST_BIN=$2 33 KERNEL_DATAKEY=$3 34 KERNEL_KEYBLOCK=$4 35 VERSION=$5 36 37 if [ -z $VERSION ]; then 38 VERSION=1 39 fi 40 echo "Using kernel version: $VERSION" 41 42 temp_kimage=$(make_temp_file) 43 extract_image_partition ${SRC_BIN} 2 ${temp_kimage} 44 updated_kimage=$(make_temp_file) 45 46 vbutil_kernel --repack "${updated_kimage}" \ 47 --keyblock "${KERNEL_KEYBLOCK}" \ 48 --signprivate "${KERNEL_DATAKEY}" \ 49 --version "${VERSION}" \ 50 --oldblob "${temp_kimage}" 51 52 # Create a copy of the input image and put in the new vblock 53 cp "${SRC_BIN}" "${DST_BIN}" 54 replace_image_partition ${DST_BIN} 2 ${updated_kimage} 55 echo "New signed image was output to ${DST_BIN}" 56 57
