Commit 1ae3d7ecb5ec3f4dbc47124d786adb6df84edbb6
1 parent
e071bbf9
verifySig tidyup
Showing
1 changed file
with
3 additions
and
4 deletions
tools/rpi-eeprom-digest
| @@ -34,7 +34,7 @@ checkDependencies() { | @@ -34,7 +34,7 @@ checkDependencies() { | ||
| 34 | if ! command -v xxd > /dev/null; then | 34 | if ! command -v xxd > /dev/null; then |
| 35 | die "xxd not found. Try installing the xxd package." | 35 | die "xxd not found. Try installing the xxd package." |
| 36 | fi | 36 | fi |
| 37 | - fi | 37 | + fi |
| 38 | } | 38 | } |
| 39 | 39 | ||
| 40 | usage() { | 40 | usage() { |
| @@ -93,10 +93,9 @@ verifySig() { | @@ -93,10 +93,9 @@ verifySig() { | ||
| 93 | sig_file="${1}" | 93 | sig_file="${1}" |
| 94 | [ -f "${sig_file}" ] || die "Signature file ${sig_file} not found" | 94 | [ -f "${sig_file}" ] || die "Signature file ${sig_file} not found" |
| 95 | sig_hex="$(grep rsa2048 "${sig_file}" | cut -f 2 -d ' ')" | 95 | sig_hex="$(grep rsa2048 "${sig_file}" | cut -f 2 -d ' ')" |
| 96 | - echo ${sig_hex} | xxd -c 4096 -p -r > "${TMP_DIR}/sig.bin" | ||
| 97 | - | ||
| 98 | [ -n "${sig_hex}" ] || die "No RSA signature in ${sig_file}" | 96 | [ -n "${sig_hex}" ] || die "No RSA signature in ${sig_file}" |
| 99 | - sha256=$(sha256sum "${IMAGE}" | awk '{print $1}') | 97 | + |
| 98 | + echo ${sig_hex} | xxd -c 4096 -p -r > "${TMP_DIR}/sig.bin" | ||
| 100 | "${OPENSSL}" dgst -verify "${KEY}" -signature "${TMP_DIR}/sig.bin" "${IMAGE}" || die "${IMAGE} not verified" | 99 | "${OPENSSL}" dgst -verify "${KEY}" -signature "${TMP_DIR}/sig.bin" "${IMAGE}" || die "${IMAGE} not verified" |
| 101 | } | 100 | } |
| 102 | 101 |