Add a script that will generate a new vblock given a kernel partition.

scripts/image_signing/resign_kernel_partition.sh

Index: scripts/image_signing/resign_kernel_partition.sh
diff --git a/scripts/image_signing/resign_kernel_partition.sh b/scripts/image_signing/resign_kernel_partition.sh
new file mode 100755
index 0000000000000000000000000000000000000000..1b88cb2b473ff5eaf091f718f6884a8eae1306cd
--- /dev/null
+++ b/scripts/image_signing/resign_kernel_partition.sh
@@ -0,0 +1,38 @@
+#!/bin/bash
+
+# Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+# Script that just takes in a kernel partition and outputs a new vblock
+# signed with the specific keys. For use on signing servers.
+
+# vbutil_kernel must be in the system path.
+
+# Abort on error
+set -e
+
+# Check arguments
+if [ $# -ne 4 ] ; then
+  echo "usage: $0 src_kpart dst_vblock kernel_datakey kernel_keyblock"
+  exit 1
+fi
+
+# Make sure the tools we need are available.
+type -P vbutil_kernel &>/dev/null || \
+  ( echo "vbutil_kernel tool not found."; exit 1; )
+
+src_kpart=$1
+dst_vblock=$2
+kernel_datakey=$3
+kernel_keyblock=$4
+
+vbutil_kernel \
+  --repack "${dst_vblock}" \
+  --vblockonly \
+  --keyblock "${kernel_keyblock}" \
+  --signprivate "${kernel_datakey}" \
+  --oldblob "${src_kpart}"
+
+echo "New kernel vblock was output to ${dst_vblock}"
+