summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ecd0a55)
raw | patch | inline | side by side (parent: ecd0a55)
author | Andrew F. Davis <afd@ti.com> | |
Tue, 19 Nov 2019 14:42:24 +0000 (09:42 -0500) | ||
committer | Andrew F. Davis <afd@ti.com> | |
Tue, 19 Nov 2019 14:42:24 +0000 (09:42 -0500) |
This script generates, uses, and then removes some temporary files. When
multiple instance of this script are run this can cause a race between
these actions on the same file. Use 'mktemp' to generate unique temporary
files to prevent this issue and make this tool multi-invocation safe.
Signed-off-by: Andrew F. Davis <afd@ti.com>
multiple instance of this script are run this can cause a race between
these actions on the same file. Use 'mktemp' to generate unique temporary
files to prevent this issue and make this tool multi-invocation safe.
Signed-off-by: Andrew F. Davis <afd@ti.com>
scripts/secure-binary-image.sh | patch | blob | history |
index a8080f7acf8d32daa75cca3deb6a0b640c046b6e..36d5da1ac3500eac28a8cb094a1f6ef944ac0f6a 100755 (executable)
# Parameters to get populated into the x509 template
HS_SED_OPTS="-e s/TEST_IMAGE_LENGTH/${HS_IMAGE_SIZE}/ "
HS_SED_OPTS+="-e s/TEST_IMAGE_SHA_VAL/${HS_SHA_VALUE}/"
+TMPX509=$(mktemp) || exit 1
+cat ${PREFIX}/scripts/x509-template.txt | sed ${HS_SED_OPTS} > ${TMPX509}
# Generate x509 certificate
-cat ${PREFIX}/scripts/x509-template.txt | sed ${HS_SED_OPTS} > temp-x509.txt
-openssl req -new -x509 -key ${PREFIX}/keys/custMpk.pem -nodes -outform DER -out temp-x509.cert -config temp-x509.txt -sha512
+TMPCERT=$(mktemp) || exit 1
+
+openssl req -new -x509 -key ${PREFIX}/keys/custMpk.pem -nodes -outform DER -out ${TMPCERT} -config ${TMPX509} -sha512
# Append x509 certificate
-cat temp-x509.cert $INPUT_FILE > $OUTPUT_FILE
+cat ${TMPCERT} $INPUT_FILE > $OUTPUT_FILE
# Cleanup
-rm -f temp-x509.txt temp-x509.cert
+rm -f ${TMPX509} ${TMPCERT}