Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash -e
- # Copyright 2020 Pyckle
- # Licensed under the Apache License, Version 2.0 (the "License");
- # you may not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
- IMG_TO_SIGN=$1
- SIGNED_IMG_OUT=${2:-"$IMG_TO_SIGN.signed.bin"}
- SALT_SIG_1="57c5375741c30ca9ebcb36713db4ba51"
- SALT_SIG_2="ab0dff19af8842cdb70a86b4b68d23f7"
- MAGIC_COFFEE=00c0ffee
- if [ -z "$IMG_TO_SIGN" ] || [ ! -f "$IMG_TO_SIGN" ] ; then
- echo "Usage $0 <image to sign> <out img>"
- exit
- fi
- if [ -f "$SIGNED_IMG_OUT" ] ; then
- echo "Cowardly refusing to clobber $SIGNED_IMG_OUT"
- exit
- fi
- SECOND_TO_LAST_COFFEE=$(tail -c 24 "$IMG_TO_SIGN"|head -c4|xxd -p)
- LAST_COFFEE=$(tail -c 4 "$IMG_TO_SIGN"|xxd -p)
- INPUT_SIZE="$(stat --printf="%s" "$IMG_TO_SIGN")"
- if [ "$LAST_COFFEE" == "$MAGIC_COFFEE" ] ; then
- echo "Image is already single signed. Removing first signature."
- INPUT_SIZE=$(expr $INPUT_SIZE - 20)
- if [ $SECOND_TO_LAST_COFFEE == "$MAGIC_COFFEE" ] ; then
- echo "Image is already double signed. Removing second signature."
- INPUT_SIZE=$(expr $INPUT_SIZE - 20)
- fi
- else
- echo "Image is unsigned. Adding both signatures."
- fi
- head -c "$INPUT_SIZE" "$IMG_TO_SIGN" > "$SIGNED_IMG_OUT"
- # add some extra padding. This is done on all of the firmware that is on D-link's site.
- # if it is already there, it hopefully shouldn't hurt things
- echo -n "c0ffeesign" >> "$SIGNED_IMG_OUT"
- function addSignature()
- {
- SALT="$1"
- SIGNATURE=$( (echo "$SALT" | xxd -r -p ; cat "$SIGNED_IMG_OUT") | md5sum -b | awk '{print $1}')
- echo "Salted MD5 Signature is $SIGNATURE"
- echo -n "$SIGNATURE$MAGIC_COFFEE" | xxd -r -p >> "$SIGNED_IMG_OUT"
- }
- addSignature $SALT_SIG_1
- addSignature $SALT_SIG_2
- echo "Signing complete. Signed firmware written to $SIGNED_IMG_OUT"
Add Comment
Please, Sign In to add comment