From 6a28c0405050ba829e0fac3a202441b1bea4ac30 Mon Sep 17 00:00:00 2001 From: "Andrey V.Kosteltsev" Date: Fri, 5 Aug 2022 03:12:46 +0300 Subject: Add BIOS image-full signature for compatibility --- BIOS/gen-bios-tarball | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/BIOS/gen-bios-tarball b/BIOS/gen-bios-tarball index e4dcea6..9160451 100755 --- a/BIOS/gen-bios-tarball +++ b/BIOS/gen-bios-tarball @@ -21,7 +21,7 @@ Options: -v, --version Specify the version of bios image file. -e, --extended-version Specify the Extended Version of bios image file -c, --compatible-name Specify the name of bios image in tarball. - Default: 'bios-image'. + Default: 'image-hostfw'. -h, --help Display this help text and exit. ' @@ -48,6 +48,7 @@ cM5FN5UeMcwz+yjfHAsePMkcmMaU7jUCQHlg9+N8upXuIo7Dqj2zOU7nMmkgvSNE 6ATvfP1Vrx4CbP11eKXbCsZ9OGPHSgyvVjn68oY5ZP3uPsIattoN7dE2BRfuJm7m F0nIdUAhR0yTfKM= -----END PRIVATE KEY----- + ' do_sign=true @@ -57,7 +58,7 @@ outfile="" machine="" version="" extended_version="" -compatible_name="bios-image" +compatible_name="image-hostfw" while [[ $# -gt 0 ]]; do key="$1" @@ -171,6 +172,7 @@ if [[ -n "${machine}" ]]; then fi if [[ "${do_sign}" == true ]]; then + signature_files= private_key_name=$(basename "${private_key_path}") key_type="${private_key_name%.*}" echo KeyType="${key_type}" >> $manifest_location @@ -178,9 +180,17 @@ if [[ "${do_sign}" == true ]]; then for file in $files_to_sign; do openssl dgst -sha256 -sign "${private_key_path}" -out "${file}.sig" "$file" + signature_files="${signature_files} ${file}.sig" done - additional_files="*.sig" + if [ -n "$signature_files" ]; then + sort_signature_files=`echo "$signature_files" | tr ' ' '\n' | sort | tr '\n' ' '` + cat $sort_signature_files > image-full + openssl dgst -sha256 -sign ${private_key_path} -out image-full.sig image-full + signature_files="${signature_files} image-full.sig" + fi + + additional_files="${signature_files}" fi tar -czvf $outfile $files_to_sign $additional_files -- cgit v1.2.3