feat(coreos-resign-swu-file.sh): add resigner for swu files

this script allows resigning of swu files

scripts/coreos-resign-swu-file.sh

@@ -0,0 +1,62 @@
+#!/usr/bin/env bash
+#title           :coreos-resign-swu-file.sh
+#description     :This script signs/resigns an already existent swu file with a
+#                 provided private key and a certificate
+#author          :Patrick Vogelaar
+#date            :20240325
+#version         :0.1
+#usage           :coreos-resign-swu-file.sh -i <in>.swu -k <key> -c <cert>
+#                 -o <output_file>
+#notes           :openssl and cpio are required
+#==============================================================================
+
+SW_DESC_FILE_NAME="sw-description"
+SW_DESC_SIG_FILE_NAME="sw-description.sig"
+FIRMWARE_TMP_DIR="firmware_tmp"
+CPIO_ORDER_FILE="cpio_order"
+
+while getopts i:k:c:o flag
+do
+	case "${flag}" in
+		i) swupdate_in_file=${OPTARG};;
+		k) key_file=${OPTARG};;
+		c) certificate=${OPTARG};;
+		o) output_file=${OPTARG};;
+		*);; # TODO: error handling -> unknown flag
+	esac
+done
+
+### Some basic checks
+if [[ -d $FIRMWARE_TMP_DIR ]]; then
+	echo "ERROR: $FIRMWARE_TMP_DIR directory alread exists in this directory"
+	exit 1
+fi
+
+if ! command -v openssl &> /dev/null
+then
+	echo "openssl could not be found"
+	exit 1
+fi
+
+if ! command -v cpio &> /dev/null
+then
+	echo "cpio could not be found"
+	exit 1
+fi
+
+
+mkdir -p $FIRMWARE_TMP_DIR
+cd $FIRMWARE_TMP_DIR || exit 1
+
+# store the exact order in a file
+cpio --quiet --list < "../$swupdate_in_file" > $CPIO_ORDER_FILE
+
+cpio --quiet -id < "../$swupdate_in_file"
+
+# resign
+openssl cms -sign -in $SW_DESC_FILE_NAME -out $SW_DESC_SIG_FILE_NAME -signer\
+        "$certificate" -inkey "$key_file" -outform DER -nosmimecap -binary
+
+# recreate the swu file
+echo "cat < $CPIO_ORDER_FILE | cpio --quiet -ov > $output_file"
+cat < $CPIO_ORDER_FILE | cpio --quiet -ov > "$output_file"