-fwtool_pre_upgrade() {
- fwtool -q -i /dev/null "$1"
+fwtool_check_signature() {
+ [ $# -gt 1 ] && return 1
+
+ [ ! -x /usr/bin/ucert ] && {
+ if [ "$REQUIRE_IMAGE_SIGNATURE" = 1 ]; then
+ return 1
+ else
+ return 0
+ fi
+ }
+
+ if ! fwtool -q -s /tmp/sysupgrade.ucert "$1"; then
+ echo "Image signature not found"
+ [ "$REQUIRE_IMAGE_SIGNATURE" = 1 -a "$FORCE" != 1 ] && {
+ echo "Use sysupgrade -F to override this check when downgrading or flashing to vendor firmware"
+ }
+ [ "$REQUIRE_IMAGE_SIGNATURE" = 1 ] && return 1
+ return 0
+ fi
+
+ ucert -V -m "$1" -c "/tmp/sysupgrade.ucert" -P /etc/opkg/keys
+
+ return $?
}
fwtool_check_image() {
if ! fwtool -q -i /tmp/sysupgrade.meta "$1"; then
echo "Image metadata not found"
+ [ "$REQUIRE_IMAGE_METADATA" = 1 -a "$FORCE" != 1 ] && {
+ echo "Use sysupgrade -F to override this check when downgrading or flashing to vendor firmware"
+ }
[ "$REQUIRE_IMAGE_METADATA" = 1 ] && return 1
return 0
fi