harald/VerityBook
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

mkrelease.sh: add --nosign option

Browse source
This commit is contained in:
Harald Hoyer 2018-09-13 10:15:54 +02:00
parent 44e7216ae7
commit c275d3c6d8
1 changed files with 10 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
mkrelease.sh
View file

@ -5,6 +5,7 @@ usage() {
Usage: $PROGNAME [OPTION] Usage: $PROGNAME [OPTION]
-h, --help Display this help -h, --help Display this help
--nosign Don't sign the EFI executable
--certdir DIR Use DIR as certification CA for EFI signing --certdir DIR Use DIR as certification CA for EFI signing
EOF EOF
} }
@ -12,6 +13,7 @@ EOF
TEMP=$( TEMP=$(
getopt -o '' \ getopt -o '' \
--long certdir: \ --long certdir: \
--long nosign \
--long help \ --long help \
-- "$@" -- "$@"
) )
@ -30,6 +32,10 @@ while true; do
CERTDIR="$(readlink -e $2)" CERTDIR="$(readlink -e $2)"
shift 2; continue shift 2; continue
;; ;;
'--nosign')
NOSIGN="1"
shift 1; continue
;;
'--help') '--help')
usage usage
exit 0 exit 0
@ -51,8 +57,10 @@ IMAGE="${BASEDIR}/$(jq -r '.name' ${JSON})-$(jq -r '.version' ${JSON})"
( (
cd "$IMAGE" cd "$IMAGE"
pesign -c DB -s ${CERTDIR:+--certdir $CERTDIR} -i bootx64.efi -o bootx64-signed.efi if ! [[ $NOSIGN ]]; then
mv bootx64-signed.efi bootx64.efi pesign -c DB -s ${CERTDIR:+--certdir $CERTDIR} -i bootx64.efi -o bootx64-signed.efi
mv bootx64-signed.efi bootx64.efi
fi
[[ -f sha512sum.txt ]] || sha512sum * > sha512sum.txt [[ -f sha512sum.txt ]] || sha512sum * > sha512sum.txt
[[ -f sha512sum.txt.sig ]] || gpg2 --detach-sign sha512sum.txt [[ -f sha512sum.txt.sig ]] || gpg2 --detach-sign sha512sum.txt
) )