domenico/openwrt-master
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit
Some checks failed
Build Kernel / Build all affected Kernels (push) Has been cancelled
Details
Build all core packages / Build all core packages for selected target (push) Has been cancelled
Details
Build and Push prebuilt tools container / Build and Push all prebuilt containers (push) Has been cancelled
Details
Build Toolchains / Build Toolchains for each target (push) Has been cancelled
Details
Build host tools / Build host tools for linux and macos based systems (push) Has been cancelled
Details
Coverity scan build / Coverity x86/64 build (push) Has been cancelled
Details

Browse Source
This commit is contained in:
domenico
2025-06-24 14:35:53 +02:00
commit c06fb25d1f
9263 changed files with 1750214 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
scripts/sign_images.sh Executable file
View File

@@ -0,0 +1,27 @@
#!/bin/sh
# directory where search for images
TOP_DIR="${TOP_DIR:-./bin/targets}"
# key to sign images
BUILD_KEY="${BUILD_KEY:-key-build}" # TODO unify naming?
# remove other signatures (added e.g. by buildbot)
REMOVE_OTER_SIGNATURES="${REMOVE_OTER_SIGNATURES:-1}"
# find all sysupgrade images in TOP_DIR
# factory images don't need signatures as non OpenWrt system doesn't check them anyway
for image in $(find $TOP_DIR -type f -name "*-sysupgrade.bin"); do
# check if image actually support metadata
if fwtool -i /dev/null "$image"; then
# remove all previous signatures
if [ -n "$REMOVE_OTER_SIGNATURES" ]; then
while [ "$?" = 0 ]; do
fwtool -t -s /dev/null "$image"
done
fi
# run same operation as build root does for signing
cp "$BUILD_KEY.ucert" "$image.ucert"
usign -S -m "$image" -s "$BUILD_KEY" -x "$image.sig"
ucert -A -c "$image.ucert" -x "$image.sig"
fwtool -S "$image.ucert" "$image"
fi
done