brillo_update_payload revision be998f47ccb02c5f118f73e79729e9187c39e919
1be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma#!/bin/bash 2be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 3be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# Copyright 2015 The Chromium OS Authors. All rights reserved. 4be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# Use of this source code is governed by a BSD-style license that can be 5be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# found in the LICENSE file. 6be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 7be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# Script to generate a Brillo update for use by the update engine. 8be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# 9be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# usage: brillo_update_payload COMMAND [ARGS] 10be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# The following commands are supported: 11be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# generate generate an unsigned payload 12be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# hash generate a payload or metadata hash 13be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# sign generate a signed payload 14be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# 15be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# Generate command arguments: 16be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# --payload generated unsigned payload output file 17be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# --source_image if defined, generate a delta payload from the specified 18be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# image to the target_image 19be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# --target_image the target image that should be sent to clients 20be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# 21be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# Hash command arguments: 22be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# --unsigned_payload the input unsigned payload to generate the hash from 23be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# --signature_size signature sizes in bytes in the following format: 24be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# size1:size2[:...]" 25be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# --payload_hash_file if defined, generate a payload hash and output to the 26be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# specified file 27be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# --metadata_hash_file if defined, generate a metadata hash and output to the 28be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# specified file 29be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# 30be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# Sign command arguments: 31be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# --unsigned_payload the input unsigned payload to insert the signatures 32be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# --payload the output signed payload 33be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# --signature_size signature sizes in bytes in the following format: 34be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# size1:size2[:...]" 35be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# --payload_signature_file the payload signature files in the following format: 36be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# payload_signature1:payload_signature2[:...]" 37be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# Note that the number of signature sizes and payload signatures have to match. 38be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 39be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# Load common CrOS utilities. Inside the chroot this file is installed in 40be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# /usr/lib/crosutils. This script may also be called from a zipfile, in which 41be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# case common.sh will be in the current directory. 42be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusumafind_common_sh() { 43be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma local thisdir="$(dirname "$(readlink -f "$0")")" 44be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma local common_paths=(/usr/lib/crosutils "${thisdir}") 45be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma local path 46be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 47be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma SCRIPT_ROOT="${common_paths[0]}" 48be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma for path in "${common_paths[@]}"; do 49be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma if [[ -r "${path}/common.sh" ]]; then 50be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma SCRIPT_ROOT="${path}" 51be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma break 52be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma fi 53be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma done 54be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 55be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma # We have to fake GCLIENT_ROOT in case we're running inside 56be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma # au_zip enviroment. GCLIENT_ROOT detection became fatal. 57be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma [[ "${SCRIPT_ROOT}" == "${thisdir}" ]] && export GCLIENT_ROOT="." 58be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma} 59be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 60be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusumafind_common_sh 61be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma. "${SCRIPT_ROOT}/common.sh" || exit 1 62be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 63be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# Check that a command is specified 64be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusumaif [[ $# -lt 1 ]]; then 65be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma echo "Please specify a command [generate|hash|sign]" 66be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma exit 1 67be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusumafi 68be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 69be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# Parse command 70be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusumacase "$1" in 71be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma generate|hash|sign) 72be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma COMMAND=$1 73be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma ;; 74be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma *) 75be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma echo "Unrecognized command:" $1 76be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma exit 1 77be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma ;; 78be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusumaesac 79be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 80be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusumashift 81be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 82be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# Flags 83be998f47ccb02c5f118f73e79729e9187c39e919Jason KusumaDEFINE_string payload "" "Path to output the generated payload file." 84be998f47ccb02c5f118f73e79729e9187c39e919Jason KusumaDEFINE_string target_image "" "Path to the target image that should be sent to clients." 85be998f47ccb02c5f118f73e79729e9187c39e919Jason KusumaDEFINE_string source_image "" "Optional: Path to a source image. If specified, this makes\ 86be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma a delta update." 87be998f47ccb02c5f118f73e79729e9187c39e919Jason KusumaDEFINE_string unsigned_payload "" "Path to the generated unsigned payload." 88be998f47ccb02c5f118f73e79729e9187c39e919Jason KusumaDEFINE_string signature_size "" "Signature sizes in bytes in the following format: \ 89be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma size1:size2[:...]" 90be998f47ccb02c5f118f73e79729e9187c39e919Jason KusumaDEFINE_string payload_hash_file "" "Optional: Path to output payload hash file." 91be998f47ccb02c5f118f73e79729e9187c39e919Jason KusumaDEFINE_string metadata_hash_file "" "Optional: Path to output metadata hash file." 92be998f47ccb02c5f118f73e79729e9187c39e919Jason KusumaDEFINE_string payload_signature_file "" "The payload signatures in the \ 93be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma following format: payload_signature1:payload_signature2[:...]" 94be998f47ccb02c5f118f73e79729e9187c39e919Jason KusumaDEFINE_string work_dir "/tmp" "Where to dump temporary files." 95be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 96be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# Parse command line flag arguments 97be998f47ccb02c5f118f73e79729e9187c39e919Jason KusumaFLAGS "$@" || exit 1 98be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusumaeval set -- "${FLAGS_ARGV}" 99be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 100be998f47ccb02c5f118f73e79729e9187c39e919Jason KusumaSRC_KERNEL=$(mktemp --tmpdir="${FLAGS_work_dir}" old_kern.dat.XXXXXX) 101be998f47ccb02c5f118f73e79729e9187c39e919Jason KusumaSRC_ROOT=$(mktemp --tmpdir="${FLAGS_work_dir}" old_root.dat.XXXXXX) 102be998f47ccb02c5f118f73e79729e9187c39e919Jason KusumaDST_KERNEL=$(mktemp --tmpdir="${FLAGS_work_dir}" new_kern.dat.XXXXXX) 103be998f47ccb02c5f118f73e79729e9187c39e919Jason KusumaDST_ROOT=$(mktemp --tmpdir="${FLAGS_work_dir}" new_root.dat.XXXXXX) 104be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 105be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusumacleanup() { 106be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma local err="" 107be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma rm -f "${SRC_KERNEL}" || err=1 108be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma rm -f "${SRC_ROOT}" || err=1 109be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma rm -f "${DST_KERNEL}" || err=1 110be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma rm -f "${DST_ROOT}" || err=1 111be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 112be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma # If we are cleaning up after an error, or if we got an error during 113be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma # cleanup (even if we eventually succeeded) return a non-zero exit 114be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma # code. This triggers additional logging in most environments that call 115be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma # this script. 116be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma if [[ -n "${err}" ]]; then 117be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma die "Cleanup encountered an error." 118be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma fi 119be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma} 120be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 121be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusumacleanup_on_error() { 122be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma trap - INT TERM ERR EXIT 123be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma cleanup 124be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma die "Cleanup success after an error." 125be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma} 126be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 127be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusumacleanup_on_exit() { 128be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma trap - INT TERM ERR EXIT 129be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma cleanup 130be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma} 131be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 132be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusumatrap cleanup_on_error INT TERM ERR 133be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusumatrap cleanup_on_exit EXIT 134be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 135be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusumavalidate_generate() { 136be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma [[ -n "${FLAGS_payload}" ]] || 137be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma die "Error: you must specify an output filename with --payload FILENAME" 138be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 139be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma [[ -n "${FLAGS_target_image}" ]] || 140be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma die "Error: you must specify a target image with --target_image FILENAME" 141be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma} 142be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 143be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusumacmd_generate() { 144be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma DELTA="${FLAGS_TRUE}" 145be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma PAYLOAD_TYPE="delta" 146be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma if [[ -z "${FLAGS_source_image}" ]]; then 147be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma DELTA="${FLAGS_FALSE}" 148be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma PAYLOAD_TYPE="full" 149be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma fi 150be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 151be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma echo "Generating ${PAYLOAD_TYPE} update" 152be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 153be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma cros_generate_update_payload --extract --image "${FLAGS_target_image}" \ 154be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma --kern_path "${DST_KERNEL}" --root_path "${DST_ROOT}" \ 155be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma --work_dir "${FLAGS_work_dir}" --outside_chroot 156be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 157be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma if [[ "${DELTA}" -eq "${FLAGS_TRUE}" ]]; then 158be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma cros_generate_update_payload --extract \ 159be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma --src_image "${FLAGS_source_image}" \ 160be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma --src_kern_path "${SRC_KERNEL}" --src_root_path "${SRC_ROOT}" \ 161be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma --work_dir "${FLAGS_work_dir}" --outside_chroot 162be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 163be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma echo md5sum of src kernel: 164be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma md5sum "${SRC_KERNEL}" 165be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 166be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma echo md5sum of src root: 167be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma md5sum "${SRC_ROOT}" 168be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma fi 169be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 170be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma GENERATOR_ARGS=( 171be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma # Common payload args: 172be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma -out_file="${FLAGS_payload}" 173be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma # Target image args: 174be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma -new_image="${DST_ROOT}" 175be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma -new_kernel="${DST_KERNEL}" 176be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma ) 177be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 178be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma if [[ "${DELTA}" -eq "${FLAGS_TRUE}" ]]; then 179be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma GENERATOR_ARGS+=( 180be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma # Source image args: 181be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma -old_image="${SRC_ROOT}" 182be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma -old_kernel="${SRC_KERNEL}" 183be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma ) 184be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma fi 185be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 186be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma echo "Running delta_generator with args: ${GENERATOR_ARGS[@]}" 187be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma "${GENERATOR}" "${GENERATOR_ARGS[@]}" 188be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 189be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma echo "Done generating ${PAYLOAD_TYPE} update." 190be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma} 191be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 192be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusumavalidate_hash() { 193be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma [[ -n "${FLAGS_signature_size}" ]] || 194be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma die "Error: you must specify signature size with --signature_size SIZES" 195be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 196be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma [[ -n "${FLAGS_unsigned_payload}" ]] || 197be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma die "Error: you must specify the input unsigned payload with \ 198be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma--unsigned_payload FILENAME" 199be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 200be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma [[ -n "${FLAGS_metadata_hash_file}" ]] || 201be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma [[ -n "${FLAGS_payload_hash_file}" ]] || 202be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma die "Error: you must specify --metadata_hash_file FILENAME \ 203be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusumaor --payload_hash_file FILENAME" 204be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma} 205be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 206be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusumacmd_hash() { 207be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma if [[ -n "${FLAGS_metadata_hash_file}" ]]; then 208be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma "${GENERATOR}" \ 209be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma -in_file="${FLAGS_unsigned_payload}" \ 210be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma -signature_size="${FLAGS_signature_size}" \ 211be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma -out_metadata_hash_file="${FLAGS_metadata_hash_file}" 212be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma fi 213be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 214be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma if [[ -n "${FLAGS_payload_hash_file}" ]]; then 215be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma "${GENERATOR}" \ 216be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma -in_file="${FLAGS_unsigned_payload}" \ 217be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma -signature_size="${FLAGS_signature_size}" \ 218be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma -out_hash_file="${FLAGS_payload_hash_file}" 219be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma fi 220be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma echo "Done generating hash." 221be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma} 222be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 223be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusumavalidate_sign() { 224be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma [[ -n "${FLAGS_signature_size}" ]] || 225be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma die "Error: you must specify signature size with --signature_size SIZES" 226be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 227be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma [[ -n "${FLAGS_unsigned_payload}" ]] || 228be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma die "Error: you must specify the input unsigned payload with \ 229be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma--unsigned_payload FILENAME" 230be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 231be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma [[ -n "${FLAGS_payload}" ]] || 232be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma die "Error: you must specify the output signed payload with \ 233be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma--payload FILENAME" 234be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 235be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma [[ -n "${FLAGS_payload_signature_file}" ]] || 236be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma die "Error: you must specify the payload signature file with \ 237be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma--payload_signature_file SIGNATURES" 238be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma} 239be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 240be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusumacmd_sign() { 241be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma "${GENERATOR}" \ 242be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma -in_file="${FLAGS_unsigned_payload}" \ 243be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma -signature_size="${FLAGS_signature_size}" \ 244be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma -signature_file="${FLAGS_payload_signature_file}" \ 245be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma -out_file="${FLAGS_payload}" 246be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma echo "Done signing payload." 247be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma} 248be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 249be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# TODO: Extract the input zip files once the format is finalized 250be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 251be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma# Sanity check that the real generator exists: 252be998f47ccb02c5f118f73e79729e9187c39e919Jason KusumaGENERATOR="$(which delta_generator)" 253be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma[[ -x "${GENERATOR}" ]] || die "can't find delta_generator" 254be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma 255be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusumacase "$COMMAND" in 256be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma generate) validate_generate 257be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma cmd_generate 258be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma ;; 259be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma hash) validate_hash 260be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma cmd_hash 261be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma ;; 262be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma sign) validate_sign 263be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma cmd_sign 264be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusuma ;; 265be998f47ccb02c5f118f73e79729e9187c39e919Jason Kusumaesac 266