diff options
author | Gaurav Shah <gauravsh@chromium.org> | 2011-02-18 15:51:52 -0800 |
---|---|---|
committer | Gaurav Shah <gauravsh@chromium.org> | 2011-02-18 15:51:52 -0800 |
commit | f6af9dde86a72baa708caea3fd6bdef26bf3a0e3 (patch) | |
tree | 710154a824812c3e1365dd6d3bdeb5a9ea1af431 | |
parent | e73302caae852485fdf180baa9a443b74f565dcc (diff) | |
download | vboot-f6af9dde86a72baa708caea3fd6bdef26bf3a0e3.tar.gz |
Signer script to add update verification public key to an image
Change-Id: If51dd4f7d9e84f2f0f30506a3a9c354bc6a4b07b
BUG=chromium-os:7388
TEST=manually tested on an image, verified that the permissions on the copied key were correct.
Review URL: http://codereview.chromium.org/6543027
-rwxr-xr-x | scripts/image_signing/insert_au_publickey.sh | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/scripts/image_signing/insert_au_publickey.sh b/scripts/image_signing/insert_au_publickey.sh new file mode 100755 index 00000000..d0ee9607 --- /dev/null +++ b/scripts/image_signing/insert_au_publickey.sh @@ -0,0 +1,34 @@ +#!/bin/bash + +# Copyright (c) 2011 The Chromium OS Authors. All rights reserved. +# Use of this source code is governed by a BSD-style license that can be +# found in the LICENSE file. + +# Install an update payload verification public key to the image. + +# Load common constants and variables. +. "$(dirname "$0")/common.sh" + +main() { + set -e + + local image="$1" + local pub_key="$2" + if [ $# -ne 2 ]; then + cat <<EOF +Usage: $PROG <image.bin> <au_public_key.pem> +Installs the update verification public key <au_public_key.pem> to <image.bin>. +EOF + exit 1 + fi + local rootfs=$(make_temp_dir) + local key_location="/usr/share/update_engine/" + mount_image_partition "$image" 3 "$rootfs" + sudo mkdir -p "$rootfs/$key_location" + sudo cp "$pub_key" "$rootfs/$key_location/update-payload-key.pub.pem" + sudo chown root:root "$rootfs/$key_location/update-payload-key.pub.pem" + sudo chmod 644 "$rootfs/$key_location/update-payload-key.pub.pem" + echo "AU verification key was installed. Do not forget to resign the image!" +} + +main "$@" |