aboutsummaryrefslogtreecommitdiffstats
path: root/scripts
diff options
context:
space:
mode:
authorPaul Spooren <mail@aparcar.org>2022-03-28 03:29:09 +0100
committerPaul Spooren <mail@aparcar.org>2022-03-29 21:41:06 +0100
commit8822a8d850ba2df69b81289758959bb90643a696 (patch)
tree33ad9112b2efa936a963405af8fcbfd50a44e763 /scripts
parent5e34b316c5b3bf06a1d748cb5569d28b8334820f (diff)
downloadupstream-8822a8d850ba2df69b81289758959bb90643a696.tar.gz
upstream-8822a8d850ba2df69b81289758959bb90643a696.tar.bz2
upstream-8822a8d850ba2df69b81289758959bb90643a696.zip
build: store sha256_unsigned in JSON
Introduce `sha256_unsigned` which is a checksum of the image _before_ a signature is attached. This is helpful to compare image reproducibility. Since the `.sha256sum` file is located in the $(KDIR) folder, switch $(BIN_DIR) with $(KDIR) to simplify the code. The value of $(BIN_DIR) itself is not stored inside the resulting JSON file, so it can be replaced. Signed-off-by: Paul Spooren <mail@aparcar.org>
Diffstat (limited to 'scripts')
-rwxr-xr-xscripts/json_add_image_info.py16
1 files changed, 12 insertions, 4 deletions
diff --git a/scripts/json_add_image_info.py b/scripts/json_add_image_info.py
index 4608996f02..9aa2a19e45 100755
--- a/scripts/json_add_image_info.py
+++ b/scripts/json_add_image_info.py
@@ -11,8 +11,8 @@ if len(argv) != 2:
exit(1)
json_path = Path(argv[1])
-bin_dir = Path(getenv("BIN_DIR"))
-file_path = bin_dir / getenv("FILE_NAME")
+file_path = Path(getenv("FILE_DIR")) / getenv("FILE_NAME")
+
if not file_path.is_file():
print("Skip JSON creation for non existing file", file_path)
@@ -37,7 +37,14 @@ def get_titles():
device_id = getenv("DEVICE_ID")
-file_hash = hashlib.sha256(file_path.read_bytes()).hexdigest()
+hash_file = hashlib.sha256(file_path.read_bytes()).hexdigest()
+
+if file_path.with_suffix(file_path.suffix + ".sha256sum").exists():
+ hash_unsigned = (
+ file_path.with_suffix(file_path.suffix + ".sha256sum").read_text().strip()
+ )
+else:
+ hash_unsigned = hash_file
file_info = {
"metadata_version": 1,
@@ -52,7 +59,8 @@ file_info = {
{
"type": getenv("FILE_TYPE"),
"name": getenv("FILE_NAME"),
- "sha256": file_hash,
+ "sha256": hash_file,
+ "sha256_unsigned": hash_unsigned,
}
],
"device_packages": getenv("DEVICE_PACKAGES").split(),