2ae5100d70
This script allows image signing indipendend of the actual build
process, to run on a master server after receiving freshly backed
images. Idea is to avoid storying private keys on third party builders
while still beeing to be able to sign packages.
Run ./scripts/sign_images.sh with the following env vars:
* TOP_DIR where to search for sysupgrade.bin images
* BUILD_KEY place of key-build{,.pub,.ucert}
* REMOVE_OTHER_SIGNATURES removes signatures added by e.g. buildbots
Only sysupgrade.bin files are touched as factory.bin signatures wouldn't
be evaluated on stock from.
Signed-off-by: Paul Spooren <mail@aparcar.org>
|
||
|---|---|---|
| .. | ||
| config | ||
| flashing | ||
| arm-magic.sh | ||
| brcmImage.pl | ||
| bundle-libraries.sh | ||
| checkpatch.pl | ||
| clang-gcc-wrapper | ||
| clean-package.sh | ||
| cleanfile | ||
| cleanpatch | ||
| combined-ext-image.sh | ||
| combined-image.sh | ||
| config.guess | ||
| config.rpath | ||
| config.sub | ||
| deptest.sh | ||
| diffconfig.sh | ||
| dl_cleanup.py | ||
| dl_github_archive.py | ||
| download.pl | ||
| env | ||
| ext-toolchain.sh | ||
| feeds | ||
| fixup-makefile.pl | ||
| functions.sh | ||
| gen_image_generic.sh | ||
| gen-dependencies.sh | ||
| get_source_date_epoch.sh | ||
| getver.sh | ||
| ipkg-build | ||
| ipkg-make-index.sh | ||
| ipkg-remove | ||
| json_add_image_info.py | ||
| kconfig.pl | ||
| linksys-image.sh | ||
| make-ipkg-dir.sh | ||
| md5sum | ||
| metadata.pm | ||
| mkhash.c | ||
| mkits-qsdk-ipq-image.sh | ||
| mkits.sh | ||
| om-fwupgradecfg-gen.sh | ||
| package-metadata.pl | ||
| pad_image | ||
| patch-kernel.sh | ||
| patch-specs.sh | ||
| portable_date.sh | ||
| qemustart | ||
| redboot-script.pl | ||
| relink-lib.sh | ||
| remote-gdb | ||
| rstrip.sh | ||
| sign_images.sh | ||
| slugimage.pl | ||
| srecimage.pl | ||
| strip-kmod.sh | ||
| symlink-tree.sh | ||
| sysupgrade-tar.sh | ||
| target-metadata.pl | ||
| time.pl | ||
| timestamp.pl | ||
| ubinize-image.sh | ||