EasyManua.ls Logo

GE MDS ORBIT ECR - 9.0 APPENDIX D - Managing Signed Firmware

GE MDS ORBIT ECR
463 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
MDS 05-6632A01, Rev. F MDS Orbit MCR/ECR Technical Manual 415
9.0 APPENDIX D Managing Signed Firmware
The GE MDS code signing tool (CST) is a command line program that can be run on Windows or Linux.
Running the CST and passing the “--help” argument will print the following usage info:
pkgsigner --help
GEMDS Firmware Packaging Signing Utility (pkgsigner) 06-6671A01 Rev. 0.3.0
Built: Jan 7 2013 11:25:34
Usage:
To verify and sign a package:
pkgsigner -v verifycert -k privkey -P password -p pubcert -f infile -o outfile
where: verifycert = The filepath a public certificate to be used to verify the
signature of the infile if and the infile has been
previously signed.
privkey = The filepath for the private key to be used to create
a signed package.
password = The optional password, if the private key is encrypted
pubcert = The filepath for the public certificate corresponding to
the privkey. This is used to store a hash of the certificate
information, to aide lookup of the appropriate public key
during signature verification
infile = The filepath for package file (input)
outfile = The filepath for signed package file (output)
To display package info and verification status:
pkgsigner -l -v verifycert -f infile
where: verifycert = The filepath a public certificate to be used to verify the
signature of the infile if and the infile has been
previously signed.
infile = The filepath for package file (input)
Users can verify that a firmware package file came from GE MDS by using the CST. The following
example shows how to verify a signed firmware package file came from GE MDS by using the firmware
file ge_signed_package.mpk and by using the GE MDS provided public certificate ge_pubcert.pem.
./pkgsigner -l -v ge_pubcert.pem -f ge_signed_package.mpk
Processing file: 'ge_signed_package.mpk'
Package ID: 20121101
NumImages: 4
NumSignatures: 1
Image #0 : Bootloader version 2012.07-g644d99
Image #1 : Kernel version 3.0.15-mds-gc00
Image #2 : RootFS version 0.0.4
Image #3 : CompFS version 0.0.0
Package version: 0.0.4
Signature #1 validation was successful.

Table of Contents

Related product manuals