| xf.li | aa4d92f | 2023-09-13 00:18:58 -0700 | [diff] [blame^] | 1 | #!/bin/bash |
| 2 | |
| 3 | IN_FILE=$1 |
| 4 | WORK_DIR=$2 |
| 5 | OUT_FILE=$3 |
| 6 | PRIV_KEY=$4 |
| 7 | SignImage=$5 |
| 8 | |
| 9 | VERITY_DIR=$WORK_DIR/verity |
| 10 | |
| 11 | rm -rf $VERITY_DIR $OUT_FILE $OUT_FILE.pad |
| 12 | mkdir -p $VERITY_DIR |
| 13 | |
| 14 | # 1.pad |
| 15 | let size="$(stat -c%s $IN_FILE)" pad="128*1024" offset="0" pad="(pad - ((size + offset) % pad)) % pad" newsize='size + pad' |
| 16 | echo $size $newsize |
| 17 | dd if=$IN_FILE of=$OUT_FILE bs=$newsize count=1 conv=sync |
| 18 | cp -v $OUT_FILE $OUT_FILE.pad |
| 19 | |
| 20 | # 2. gen raw_table and hash_tree |
| 21 | veritysetup format $OUT_FILE $VERITY_DIR/hash_tree > $VERITY_DIR/raw_table |
| 22 | if [ $? -ne 0 ]; then |
| 23 | echo "generate squashfs dm-verity veritysetup format error!" |
| 24 | exit 1 |
| 25 | fi |
| 26 | |
| 27 | # 3. gen signature of raw_table |
| 28 | #openssl dgst -sha256 -binary -sign $PRIV_KEY $VERITY_DIR/raw_table > $VERITY_DIR/sign |
| 29 | $SignImage -i $VERITY_DIR/raw_table -o $VERITY_DIR/raw_table.signed -k $PRIV_KEY |
| 30 | if [ $? -ne 0 ]; then |
| 31 | echo "generate squashfs dm-verity sign error!" |
| 32 | exit 1 |
| 33 | fi |
| 34 | dd if=$VERITY_DIR/raw_table.signed of=$VERITY_DIR/sign bs=640 count=1 status=none |
| 35 | |
| 36 | # 4. padding sign, raw_table and hash_tree to input file |
| 37 | zxic_generate_squashfs_verity $OUT_FILE $VERITY_DIR/sign $VERITY_DIR/raw_table $VERITY_DIR/hash_tree |
| 38 | if [ $? -ne 0 ]; then |
| 39 | echo "generate squashfs dm-verity error!" |
| 40 | exit 1 |
| 41 | fi |