5 if [ ! -d ${TMP_DIR} ]; then
11 if [ -d ${TMP_DIR} ]; then
14 echo "********** Package Signing End **********"
18 # CheckFile FILE MESSAGE
26 # CheckNull VAR MESSAGE
44 echo "Checking argument..."
46 for ARGUMENT in ${ArgumentList[@]}; do
47 CheckFile ${ARGUMENT} ${ARGUMENT}" not exist"
50 if [ -z ${SIGNED_FILE} ]; then
55 BASENAME=/usr/bin/basename
56 OPENSSL=/usr/bin/openssl
67 echo "Checking tool..."
69 for TOOL in ${ToolList[@]}; do
70 CheckFile ${TOOL} ${TOOL}" not exist"
76 ExtractFromPKCSFile() {
77 echo "Extract from PKCS file..."
79 KEY=${TMP_DIR}/key.pem
80 ${OPENSSL} pkcs12 -in ${PKCS} -nocerts -passin pass:${PKCS_PASSWORD} -passout pass:${PKCS_PASSWORD} -out ${KEY}
83 CERT=${TMP_DIR}/cert.pem
84 ${OPENSSL} pkcs12 -in ${PKCS} -clcerts -nokeys -passin pass:${PKCS_PASSWORD} -out ${CERT}
91 echo "Signing file..."
93 SIGNATURE=${TMP_DIR}/$(${BASENAME} ${FILE}).sign
94 CheckNull ${SIGNATURE} "Failed to name signature"
96 ${OPENSSL} dgst -sha256 -sign ${KEY} -passin pass:${PKCS_PASSWORD} -out ${SIGNATURE} ${FILE}
97 CheckFile ${SIGNATURE} "Failed to sign"
99 SIGNATURE_SIZE=$(${STAT} -c %s ${SIGNATURE})
100 CheckNull ${SIGNATURE_SIZE} "Failed to get the size of signature"
104 CERT_CONVERTED_SIZE=""
106 echo "Converting certificate..."
108 CERT_CONVERTED=${TMP_DIR}/$(${BASENAME} ${CERT}).der
109 CheckNull ${CERT_CONVERTED} "Failed to name converted certificate"
111 ${OPENSSL} x509 -in ${CERT} -outform DER -out ${CERT_CONVERTED}
112 CheckFile ${CERT_CONVERTED} "Failed to convert certificate"
114 CERT_CONVERTED_SIZE=$(${STAT} -c %s ${CERT_CONVERTED})
115 CheckNull ${CERT_CONVERTED_SIZE} "Failed to get the size of converted certificate"
119 MAGIC_NUMBER="TOTA_SIGNED"
121 echo "Attaching signature..."
123 RESULT_FILE=${TMP_DIR}/result
125 echo -n ${MAGIC_NUMBER} > ${RESULT_FILE}
126 cat ${SIGNATURE} ${CERT_CONVERTED} >> ${RESULT_FILE}
127 ${PERL} -e "print pack('L', ${SIGNATURE_SIZE})" >> ${RESULT_FILE}
128 ${PERL} -e "print pack('L', ${CERT_CONVERTED_SIZE})" >> ${RESULT_FILE}
132 echo "Verifying signature..."
134 EXPECTED_SIZE=$(expr ${#MAGIC_NUMBER} + ${SIGNATURE_SIZE} + ${CERT_CONVERTED_SIZE} + 8)
135 REAL_SIZE=$(${STAT} -c %s ${RESULT_FILE})
137 if [ ${EXPECTED_SIZE} -ne ${REAL_SIZE} ]; then
138 echo "Invalid result size : Expected("${EXPECTED_SIZE}") Real("${REAL_SIZE}")"
144 echo "Inserting signature..."
146 if [ ${FILE} != ${SIGNED_FILE} ]; then
147 cp ${FILE} ${SIGNED_FILE}
150 cat ${RESULT_FILE} >> ${SIGNED_FILE}
155 echo "********** Package Signing Start **********"
157 if [ "$#" -lt 3 ]; then
158 echo "Usage : sign_upg.sh PKCS_FILE PKCS_PASSWORD FILE_NAME [SIGNED_FILE_NAME]"
159 echo " - PKCS_FILE should include private key and certificate"
160 echo " - If SIGNED_FILE_NAME is NULL, signature will be overwritten to FILE_NAME"
175 echo "Succeed to sign file!"