dasharo/dasharo-tools
0
0
Fork 0
mirror of https://github.com/Dasharo/dasharo-tools.git synced 2026-03-06 14:51:33 -08:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
dasharo-tools/vboot/resign

45 lines
1.2 KiB
Bash
Executable File
Raw Permalink Blame History

#!/usr/bin/env bash
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
source "${SCRIPT_DIR}/../common.sh"
usage() {
cat <<EOF
This script resigns (for Verified Boot) already signed INPUT_ROM with keys from
KEYS_DIRECTORY for Verified Boot. Please refer to the Dasharo documentation for
more information:
https://docs.dasharo.com/common-coreboot-docs/vboot_signing/
Usage: $0 INPUT_ROM KEYS_DIRECTORY
Arguments:
INPUT_ROM path to the input firmware file
KEYS_DIRECTORY path to directory where generated keys should be located
Example usage:
$0 protectli_vault_cml_v1.0.16.rom keys
EOF
exit 0
}
INPUT_ROM="$(readlink -f $1)"
KEYS_DIRECTORY="$(readlink -f $2)"
OUTPUT_ROM="${INPUT_ROM%.*}_resigned.rom"
source "${SCRIPT_DIR}/env"
[ -z "${INPUT_ROM}" ] && echo "INPUT_ROM not given" && usage
[ -z "${KEYS_DIRECTORY}" ] && echo "KEYS_DIRECTORY not given" && usage
docker run --rm -v ${PWD}:${PWD} -w ${PWD} \
-v ${KEYS_DIRECTORY}:${KEYS_DIRECTORY} ${CONTAINER} \
/vboot/scripts/image_signing/sign_firmware.sh \
"${INPUT_ROM}" \
"${KEYS_DIRECTORY}/vboot" \
"${OUTPUT_ROM}"
errorCheck "Failed to resign firmware file"
echo "The ${INPUT_ROM} was resigned and saved as: ${OUTPUT_ROM}"
Reference in New Issue View Git Blame Copy Permalink