1#!/bin/bash 2 3# Copyright (c) 2010 The Chromium OS Authors. All rights reserved. 4# Use of this source code is governed by a BSD-style license that can be 5# found in the LICENSE file. 6 7# Standalone version of cros_resign_image.sh script from 8# chromeos/src/scripts/bin/ for use on signing servers. 9 10# Both the cgpt tool and vbutil_kernel should be in the system path. 11 12# Load common constants and variables. 13. "$(dirname "$0")/common.sh" 14 15# Abort on error 16set -e 17 18# Check arguments 19if [ $# -lt 4 ] || [ $# -gt 5 ] ; then 20 echo "usage: $PROG src_bin dst_bin kernel_datakey kernel_keyblock [version]" 21 exit 1 22fi 23 24# Make sure the tools we need are available. 25for prereqs in vbutil_kernel cgpt; 26do 27 type -P "${prereqs}" &>/dev/null || \ 28 { echo "${prereqs} tool not found."; exit 1; } 29done 30 31SRC_BIN=$1 32DST_BIN=$2 33KERNEL_DATAKEY=$3 34KERNEL_KEYBLOCK=$4 35VERSION=$5 36 37if [ -z $VERSION ]; then 38 VERSION=1 39fi 40echo "Using kernel version: $VERSION" 41 42temp_kimage=$(make_temp_file) 43extract_image_partition ${SRC_BIN} 2 ${temp_kimage} 44updated_kimage=$(make_temp_file) 45 46vbutil_kernel --repack "${updated_kimage}" \ 47 --keyblock "${KERNEL_KEYBLOCK}" \ 48 --signprivate "${KERNEL_DATAKEY}" \ 49 --version "${VERSION}" \ 50 --oldblob "${temp_kimage}" 51 52# Create a copy of the input image and put in the new vblock 53cp "${SRC_BIN}" "${DST_BIN}" 54replace_image_partition ${DST_BIN} 2 ${updated_kimage} 55echo "New signed image was output to ${DST_BIN}" 56 57