2ae5100d70
This script allows image signing indipendend of the actual build process, to run on a master server after receiving freshly backed images. Idea is to avoid storying private keys on third party builders while still beeing to be able to sign packages. Run ./scripts/sign_images.sh with the following env vars: * TOP_DIR where to search for sysupgrade.bin images * BUILD_KEY place of key-build{,.pub,.ucert} * REMOVE_OTHER_SIGNATURES removes signatures added by e.g. buildbots Only sysupgrade.bin files are touched as factory.bin signatures wouldn't be evaluated on stock from. Signed-off-by: Paul Spooren <mail@aparcar.org> |
||
---|---|---|
.. | ||
config | ||
flashing | ||
arm-magic.sh | ||
brcmImage.pl | ||
bundle-libraries.sh | ||
checkpatch.pl | ||
clang-gcc-wrapper | ||
clean-package.sh | ||
cleanfile | ||
cleanpatch | ||
combined-ext-image.sh | ||
combined-image.sh | ||
config.guess | ||
config.rpath | ||
config.sub | ||
deptest.sh | ||
diffconfig.sh | ||
dl_cleanup.py | ||
dl_github_archive.py | ||
download.pl | ||
env | ||
ext-toolchain.sh | ||
feeds | ||
fixup-makefile.pl | ||
functions.sh | ||
gen-dependencies.sh | ||
gen_image_generic.sh | ||
get_source_date_epoch.sh | ||
getver.sh | ||
ipkg-build | ||
ipkg-make-index.sh | ||
ipkg-remove | ||
json_add_image_info.py | ||
kconfig.pl | ||
linksys-image.sh | ||
make-ipkg-dir.sh | ||
md5sum | ||
metadata.pm | ||
mkhash.c | ||
mkits-qsdk-ipq-image.sh | ||
mkits.sh | ||
om-fwupgradecfg-gen.sh | ||
package-metadata.pl | ||
pad_image | ||
patch-kernel.sh | ||
patch-specs.sh | ||
portable_date.sh | ||
qemustart | ||
redboot-script.pl | ||
relink-lib.sh | ||
remote-gdb | ||
rstrip.sh | ||
sign_images.sh | ||
slugimage.pl | ||
srecimage.pl | ||
strip-kmod.sh | ||
symlink-tree.sh | ||
sysupgrade-tar.sh | ||
target-metadata.pl | ||
time.pl | ||
timestamp.pl | ||
ubinize-image.sh |