Re: [cbootimage PATCH v3 5/5] Add two sample scripts to do rsa signing for T210 bootimage

[Stephen Warren <swarren-3lzwWm7+Weoh9ZMKESR00Q@public.gmane.org>]

On 10/08/2015 08:00 PM, Jimmy Zhang wrote:
> Stephen Warren wrote at Thursday, October 08, 2015 1:58 PM:
>> On 10/08/2015 01:38 PM, Jimmy Zhang wrote:
>>> sign.sh runs openssl and other linux utilities to generate rsa-pss
>>> signatures for a prebuilt bootimage and inject signatures and rsa
>>> modulus into bct directly.
>>>
>>> Syntax: sign.sh <bootimage> <rsa_key.pem>
>>>
>>> sign-by-update.sh is similar to sign.sh. The difference is the
>>> signatures update are done by cbootimage with configuration keywords
>>> "RsaKeyModulusFile", "RsaPssSigBlFile", and "RsaPssSigBctFile".
>>> Comparing to sign.sh, this script is relatively simple to be ported to
>>> T124/T114.
>>>
>>> Syntax: sign-by-update.sh <bootimage> <rsa_key.pem>

>>> diff --git a/sign-by-update.sh b/sign-by-update.sh
>>
>> Let's put these example files in an examples directory or something like that.
>>
>> Should we update the Makefile to install the examples into some doc
>> directory?
> 
> I am not sure how to change Makefile.

I'm sure Allen can give you an example quickly, although just having the
files in the source distribution (in a sub-dir) is probably fine for now.

>>> +$DD bs=1 if=$KEY_FILE.mod of=$KEY_FILE.mod.tmp skip=8 count=512
>>
>> I'd suggest using cut for that in case the prefix changes; `cut -d= f2`.
> 
> Not sure how to use 'cut'. Instead, will use 'sed'

You can can just use the cut command I gave, this maps to this as the
entire replacement for dd:

cut -d= -f2 < $KEY_FILE.mod > $KEY_FILE.mod.tmp