Skip to content

Instantly share code, notes, and snippets.

@skull-squadron

skull-squadron/verify

Last active July 30, 2025 06:34
Show Gist options
  • Save skull-squadron/4c46aa0df9e22fd4f002eef5d57bae37 to your computer and use it in GitHub Desktop.
Save skull-squadron/4c46aa0df9e22fd4f002eef5d57bae37 to your computer and use it in GitHub Desktop.
Download ZIP
Improved Supermicro™ signature verification tool for Linux, Mac, FreeBSD, etc.
Raw
verify
#!/bin/sh
if [ $# != 2 ]; then
echo >&2
echo >&2 "$(basename "$0") <file> <signature_file>"
echo >&2
exit 1
fi
check_signature() {
public_key="$(cd "$(dirname "$0")" && pwd)"/PublicKey.pem
openssl dgst \
-verify "$public_key" \
-sha512 \
-sigopt rsa_padding_mode:pss \
-sigopt rsa_pss_saltlen:-1 \
-signature "$2" "$1"
}
cleanup() {
[ -n "$tmp_sig" ] && [ -e "$tmp_sig" ] && rm -f "$tmp_sig"
}
tmp_sig=
# shellcheck disable=2154
trap 'e=$?; trap - INT HUP TERM QUIT PIPE; cleanup; exit $e' INT HUP TERM QUIT PIPE
tmp_sig=$(mktemp)
# shellcheck disable=2181
if [ $? != 0 ] || [ -z "$tmp_sig" ] || [ ! -e "$tmp_sig" ]; then
echo >&2 "$(basename "$0"): Failed to create temporary file for signature."
exit 1
fi
result=0
openssl dgst -sha512 -binary "$1" >"$tmp_sig" || result=1
output= fd=1
if [ "$result" = 0 ]; then
output=$(check_signature "$tmp_sig" "$2")
[ $? = 0 ] || result=1 fd=2
fi
echo >&$fd "$1: ${output}"
cleanup
exit $result
Raw
verify-all
#!/bin/sh
verify='./verify' #### <-- Only adjust to path of `verify` script ...
cleanup() {
[ -n "$files_checked" ] && [ -e "$files_checked" ] && rm -f "$files_checked"
[ -n "$files_found" ] && [ -e "$files_found" ] && rm -f "$files_found"
}
files_checked=
files_found=
# shellcheck disable=2154
trap 'e=$?; trap - INT HUP TERM QUIT PIPE; cleanup; exit $e' INT HUP TERM QUIT PIPE
files_checked=$(mktemp)
files_found=$(mktemp)
if [ ! -e "$files_checked" ] || [ ! -e "$files_found" ]; then
echo >&2 "$(basename "$0"): Failed to create temporary files."
exit 1
fi
result=0
while read -r line; do
signed_file=$(echo "$line" | cut -d';' -f2)
signature_file=$(echo "$line" | cut -d';' -f1)
if [ -n "$signature_file" ] && [ -n "$signed_file" ] && [ "$signature_file" != "$signed_file" ]; then
sh "$verify" "$signed_file" "$signature_file" || result=1
echo "$signed_file" >> "$files_checked"
echo "$signature_file" >> "$files_checked"
fi
#### vvvvv And adjust lines between here vvvvv
done <<FILES
./IPMICFG/DOS, Windows, Linux, UEFI, FreeBSD/IPMICFG_1.36.0_build.250225.sig;./IPMICFG/DOS, Windows, Linux, UEFI, FreeBSD/IPMICFG_1.36.0_build.250225.zip
./IPMICFG/VMware ESXi/IPMICFG_1.36.0_build.250225_ESXi.sig;./IPMICFG/VMware ESXi/IPMICFG_1.36.0_build.250225_ESXi.zip
./IPMIView/IPMIView_2.23.0_build.250519_bundleJRE_Linux_x64.sig;./IPMIView/IPMIView_2.23.0_build.250519_bundleJRE_Linux_x64.tar.gz
./IPMIView/IPMIView_2.23.0_build.250519_Windows.sig;./IPMIView/IPMIView_2.23.0_build.250519_Windows.zip
./SMCIPMITool/SMCIPMITool_2.29.0_build.250214_bundleJRE_Linux_x64.sig;./SMCIPMITool/SMCIPMITool_2.29.0_build.250214_bundleJRE_Linux_x64.tar.gz
./SMCIPMITool/SMCIPMITool_2.29.0_build.250214_bundleJRE_Windows.sig;./SMCIPMITool/SMCIPMITool_2.29.0_build.250214_bundleJRE_Windows.zip
./SUM extension package for GD2 firmware management/AddOn_GD2_Linux_x86_64_20231108.tar.gz.sig;./SUM extension package for GD2 firmware management/AddOn_GD2_Linux_x86_64_.tar.gz
./Super Diagnostics Offline (SDO)/SuperDiag_1.10.1_20250305.zip.sig;./Super Diagnostics Offline (SDO)/SuperDiag_1.10.1_20250305.zip
./Super Guardians/smckmip_docker_image_pkg.sig;./Super Guardians/smckmip_docker_image_pkg.zip
./SuperCloud Composer (SCC)/SCC_v2.5.0_Build_241018_Pack_241021.tar.sig;./SuperCloud Composer (SCC)/SCC_v2.5.0_Build_241018_Pack_241021.tar.gz
./SuperCloud Composer (SCC)/SCC_v3.9.0_Build_250529_Pack_250611.tar.sig;./SuperCloud Composer (SCC)/SCC_v3.9.0_Build_250529_Pack_250611.tar.gz
./Supermicro Management Plug-in for Microsoft SCOM/Supermicro_SCOM_Management_Plugin_2.1.0_build.240906.sig;./Supermicro Management Plug-in for Microsoft SCOM/Supermicro_SCOM_Management_Plugin_2.1.0_build.240906.zip
./Supermicro Management Plug-in for Nagios/nagios_supermicro_redfish_1.3.0_build.240709_Linux.sig;./Supermicro Management Plug-in for Nagios/nagios_supermicro_redfish_1.3.0_build.240709_Linux.tar.gz
./Supermicro Management Plug-in for VMware vCenter/Supermicro_Management_Plugin_for_vCenter_3.0.0_build_241210.sig;./Supermicro Management Plug-in for VMware vCenter/Supermicro_Management_Plugin_for_vCenter_3.0.0_build_241210.zip
./Supermicro Power Manager (SPM)/SPM_1.12.0_build.230109_Linux_x64.tar.sig;./Supermicro Power Manager (SPM)/SPM_1.12.0_build.230109_Linux_x64.tar.gz
./Supermicro Power Manager (SPM)/SPM_1.12.0_build.230109_Windows_x64.sig;./Supermicro Power Manager (SPM)/SPM_1.12.0_build.230109_Windows_x64.zip
./Supermicro Server Manager (SSM)/SSM_6.1.0_1267_OVA.sig;./Supermicro Server Manager (SSM)/SSM_6.1.0_1267_OVA.zip
./Supermicro Server Manager (SSM)/SSM_6.1.0_build.1267_linux.sig;./Supermicro Server Manager (SSM)/SSM_6.1.0_build.1267_linux.zip
./Supermicro Server Manager (SSM)/SSM_6.1.0_build.1267_windows.sig;./Supermicro Server Manager (SSM)/SSM_6.1.0_build.1267_windows.zip
./Supermicro SuperDoctor 5 (SD5)/SD5_5.21.0_build.1112_linux.sig;./Supermicro SuperDoctor 5 (SD5)/SD5_5.21.0_build.1112_linux.zip
./Supermicro SuperDoctor 5 (SD5)/SD5_5.21.0_build.1112_windows.sig;./Supermicro SuperDoctor 5 (SD5)/SD5_5.21.0_build.1112_windows.zip
./Supermicro SuperDoctor 5 (SD5)/SuperDoctor5UpdatePackage_5.21.0_build.1112_20250521135903.sig;./Supermicro SuperDoctor 5 (SD5)/SuperDoctor5UpdatePackage_5.21.0_build.1112_20250521135903.zip
./Supermicro Thin-Agent Service (TAS)/TAS_1.10.1_build.250409.sig;./Supermicro Thin-Agent Service (TAS)/TAS_1.10.1_build.250409.zip
./Supermicro Update Manager (SUM)/sum_1.3.0_UEFI_x86_64_20220519.zip.sig;./Supermicro Update Manager (SUM)/sum_1.3.0_UEFI_x86_64_20220519.zip
./Supermicro Update Manager (SUM)/sum_2.14.0_BSD_x86_64_20240215.tar.gz.sig;./Supermicro Update Manager (SUM)/sum_2.14.0_BSD_x86_64_20240215.tar.gz
./Supermicro Update Manager (SUM)/sum_2.14.0_Linux_arm64_20240215.tar.gz.sig;./Supermicro Update Manager (SUM)/sum_2.14.0_Linux_arm64_20240215.tar.gz
./Supermicro Update Manager (SUM)/sum_2.14.0_Linux_x86_64_20240215.tar.gz.sig;./Supermicro Update Manager (SUM)/sum_2.14.0_Linux_x86_64_20240215.tar.gz
./Supermicro Update Manager (SUM)/sum_2.14.0_Win_x86_64_20240215.zip.sig;./Supermicro Update Manager (SUM)/sum_2.14.0_Win_x86_64_20240215.zip
./SuperServer Automation Assistant (SAA)/saa_1.3.0_BSD_x86_64_20250414.tar.gz.sig;./SuperServer Automation Assistant (SAA)/saa_1.3.0_BSD_x86_64_20250414.tar.gz
./SuperServer Automation Assistant (SAA)/saa_1.3.0_ESXi7.0.0_x86_64_20250414.zip.sig;./SuperServer Automation Assistant (SAA)/saa_1.3.0_ESXi7.0.0_x86_64_20250414.zip
./SuperServer Automation Assistant (SAA)/saa_1.3.0_ESXi8.0.0_x86_64_20250414.zip.sig;./SuperServer Automation Assistant (SAA)/saa_1.3.0_ESXi8.0.0_x86_64_20250414.zip
./SuperServer Automation Assistant (SAA)/saa_1.3.0_Linux_arm64_20250414.tar.gz.sig;./SuperServer Automation Assistant (SAA)/saa_1.3.0_Linux_arm64_20250414.tar.gz
./SuperServer Automation Assistant (SAA)/saa_1.3.0_Linux_x86_64_20250414.tar.gz.sig;./SuperServer Automation Assistant (SAA)/saa_1.3.0_Linux_x86_64_20250414.tar.gz
./SuperServer Automation Assistant (SAA)/saa_1.3.0_UEFI_arm64_20250423.zip.sig;./SuperServer Automation Assistant (SAA)/saa_1.3.0_UEFI_arm64_20250423.zip
./SuperServer Automation Assistant (SAA)/saa_1.3.0_UEFI_x86_64_20250423.zip.sig;./SuperServer Automation Assistant (SAA)/saa_1.3.0_UEFI_x86_64_20250423.zip
./SuperServer Automation Assistant (SAA)/saa_1.3.0_Win_x86_64_20250414.zip.sig;./SuperServer Automation Assistant (SAA)/saa_1.3.0_Win_x86_64_20250414.zip
./SuperServer Automation Assistant (SAA)/SAA_Migration_Guide_1.0.0_20241017.zip.sig;./SuperServer Automation Assistant (SAA)/SAA_Migration_Guide_1.0.0_20241017.zip
./SuperServer Automation Assistant (SAA)/UEFI_SAA_Migration_Guide_1.0.0_20241017.zip.sig;./SuperServer Automation Assistant (SAA)/UEFI_SAA_Migration_Guide_1.0.0_20241017.zip
FILES
#### ^^^^^ And adjust lines between here ^^^^^
sort "$files_checked" > "$files_checked".tmp && mv "$files_checked".tmp "$files_checked"
find . -type f | sort > "$files_found" || result=1
echo 'Missing file(s):'
comm -23 "$files_checked" "$files_found" || results=1
echo 'Unverified file(s):'
comm -13 "$files_checked" "$files_found" || results=1
cleanup
exit "$result"
@skull-squadron
Copy link
Author

Output

$ ./verify-all
./IPMICFG/DOS, Windows, Linux, UEFI, FreeBSD/IPMICFG_1.36.0_build.250225.zip: Verified OK
./IPMICFG/VMware ESXi/IPMICFG_1.36.0_build.250225_ESXi.zip: Verified OK
./IPMIView/IPMIView_2.23.0_build.250519_bundleJRE_Linux_x64.tar.gz: Verified OK
./IPMIView/IPMIView_2.23.0_build.250519_Windows.zip: Verified OK
./SMCIPMITool/SMCIPMITool_2.29.0_build.250214_bundleJRE_Linux_x64.tar.gz: Verified OK
./SMCIPMITool/SMCIPMITool_2.29.0_build.250214_bundleJRE_Windows.zip: Verified OK
./SUM extension package for GD2 firmware management/AddOn_GD2_Linux_x86_64_.tar.gz: Verified OK
./Super Diagnostics Offline (SDO)/SuperDiag_1.10.1_20250305.zip: Verified OK
./Super Guardians/smckmip_docker_image_pkg.zip: Verified OK
./SuperCloud Composer (SCC)/SCC_v2.5.0_Build_241018_Pack_241021.tar.gz: Verified OK
./SuperCloud Composer (SCC)/SCC_v3.9.0_Build_250529_Pack_250611.tar.gz: Verified OK
./Supermicro Management Plug-in for Microsoft SCOM/Supermicro_SCOM_Management_Plugin_2.1.0_build.240906.zip: Verified OK
./Supermicro Management Plug-in for Nagios/nagios_supermicro_redfish_1.3.0_build.240709_Linux.tar.gz: Verified OK
./Supermicro Management Plug-in for VMware vCenter/Supermicro_Management_Plugin_for_vCenter_3.0.0_build_241210.zip: Verified OK
./Supermicro Power Manager (SPM)/SPM_1.12.0_build.230109_Linux_x64.tar.gz: Verified OK
./Supermicro Power Manager (SPM)/SPM_1.12.0_build.230109_Windows_x64.zip: Verified OK
./Supermicro Server Manager (SSM)/SSM_6.1.0_1267_OVA.zip: Verified OK
./Supermicro Server Manager (SSM)/SSM_6.1.0_build.1267_linux.zip: Verified OK
./Supermicro Server Manager (SSM)/SSM_6.1.0_build.1267_windows.zip: Verified OK
./Supermicro SuperDoctor 5 (SD5)/SD5_5.21.0_build.1112_linux.zip: Verified OK
./Supermicro SuperDoctor 5 (SD5)/SD5_5.21.0_build.1112_windows.zip: Verified OK
./Supermicro SuperDoctor 5 (SD5)/SuperDoctor5UpdatePackage_5.21.0_build.1112_20250521135903.zip: Verified OK
./Supermicro Thin-Agent Service (TAS)/TAS_1.10.1_build.250409.zip: Verified OK
./Supermicro Update Manager (SUM)/sum_1.3.0_UEFI_x86_64_20220519.zip: Verified OK
./Supermicro Update Manager (SUM)/sum_2.14.0_BSD_x86_64_20240215.tar.gz: Verified OK
./Supermicro Update Manager (SUM)/sum_2.14.0_Linux_arm64_20240215.tar.gz: Verified OK
./Supermicro Update Manager (SUM)/sum_2.14.0_Linux_x86_64_20240215.tar.gz: Verified OK
./Supermicro Update Manager (SUM)/sum_2.14.0_Win_x86_64_20240215.zip: Verified OK
./SuperServer Automation Assistant (SAA)/saa_1.3.0_BSD_x86_64_20250414.tar.gz: Verified OK
./SuperServer Automation Assistant (SAA)/saa_1.3.0_ESXi7.0.0_x86_64_20250414.zip: Verified OK
./SuperServer Automation Assistant (SAA)/saa_1.3.0_ESXi8.0.0_x86_64_20250414.zip: Verified OK
./SuperServer Automation Assistant (SAA)/saa_1.3.0_Linux_arm64_20250414.tar.gz: Verified OK
./SuperServer Automation Assistant (SAA)/saa_1.3.0_Linux_x86_64_20250414.tar.gz: Verified OK
./SuperServer Automation Assistant (SAA)/saa_1.3.0_UEFI_arm64_20250423.zip: Verified OK
./SuperServer Automation Assistant (SAA)/saa_1.3.0_UEFI_x86_64_20250423.zip: Verified OK
./SuperServer Automation Assistant (SAA)/saa_1.3.0_Win_x86_64_20250414.zip: Verified OK
./SuperServer Automation Assistant (SAA)/SAA_Migration_Guide_1.0.0_20241017.zip: Verified OK
./SuperServer Automation Assistant (SAA)/UEFI_SAA_Migration_Guide_1.0.0_20241017.zip: Verified OK

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment