ffho-firmware-website/scripts/sign.sh

#!/bin/sh

manifest="$1"
keyfile="$2"

if [ $# != 2 ]; then
	echo "Usage: `basename $0` manifest_file keyfile" >&2
	exit 1
fi

if [ ! -w "${manifest}" ]; then
	echo "ERROR: Manifest \"${manifest}\" does not exists or is not writeable!" >&2
	exit 1
fi

if [ ! -r "${keyfile}" ]; then
	echo "ERROR: Keyfile \"${keyfile}\" does not exist or is not readable!" >&2
	exit 1
fi

echo -en "Signing '${manifest}' with '${keyfile}' using ECDSA, this might take some time ... "

BRANCH=$(grep -i branch "${manifest}" | cut -d"=" -f 2)

upper="$(mktemp)"
lower="$(mktemp)"

awk "BEGIN    { sep=0 }
     /^---\$/ { sep=1; next }
              { if(sep==0) print > \"$upper\";
                else       print > \"$lower\"}" \
    "${manifest}"

if type "ecdsautil" > /dev/null 2>&1; then
	ecdsautil sign "${upper}" < "${keyfile}" >> "${lower}"
elif type "ecdsasign" > /dev/null 2>&1; then
	ecdsasign "${upper}" < "${keyfile}" >> "${lower}"
else
	echo "ERROR: ecdsautil not found" >&2
	exit 1
fi

cat  "${upper}"  > "${manifest}"
echo ---        >> "${manifest}"
cat  "${lower}" >> "${manifest}"
rm -f -- "${upper}" "${lower}"

echo "done"