diff options
Diffstat (limited to 'meta-quanta/meta-gbs/recipes-gbs/gbs-bmc-update/files/bmc-verify.sh')
-rw-r--r-- | meta-quanta/meta-gbs/recipes-gbs/gbs-bmc-update/files/bmc-verify.sh | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/meta-quanta/meta-gbs/recipes-gbs/gbs-bmc-update/files/bmc-verify.sh b/meta-quanta/meta-gbs/recipes-gbs/gbs-bmc-update/files/bmc-verify.sh new file mode 100644 index 000000000..bbaf15d7d --- /dev/null +++ b/meta-quanta/meta-gbs/recipes-gbs/gbs-bmc-update/files/bmc-verify.sh @@ -0,0 +1,22 @@ +#!/bin/sh + +sigfile="/tmp/bmc.sig" +imagebmc="/run/initramfs/image-bmc" +bmcimage="/run/initramfs/bmc-image" +publickey="/etc/activationdata/OpenBMC/publickey" +bmclog="/tmp/update-bmc.log" + +if [ -f $publickey ];then + r="$(openssl dgst -verify $publickey -sha256 -signature $sigfile $bmcimage)" + echo "$r" > $bmclog + if [[ "Verified OK" == "$r" ]]; then + mv $bmcimage $imagebmc + rm -f $sigfile + exit 0 + else + exit 1 + fi +else + echo "No $publickey file" > $bmclog + exit 1 +fi |