diff options
| author | Randall Spangler <rspangler@chromium.org> | 2011-05-04 12:46:54 -0700 |
|---|---|---|
| committer | Bill Richardson <wfrichar@chromium.org> | 2011-05-17 17:30:31 -0700 |
| commit | 662219ed70ca73b2eb38eb98b1b75e6767bff4d9 (patch) | |
| tree | 92bc14643f2f1e93564792a8067a489c59e8a4d5 | |
| parent | 61ed22c647704bf27f928a7b53491ec20a3a2e82 (diff) | |
| download | vboot-0.12.433.B109.tar.gz | |
create_new_keys.sh uses key versions file0.12.433.B620.12.433.B1090.12.433.B
BUG=chromium-os:14904
TEST=manual:
./create_new_keys.sh
verify that keys are created
edit key.versions to change versions to 10 20 30 40
./create_new_keys.sh
verify that keys are created with versions from the file
(cherry picked from commit 1fb83158560de5eaec4f04d021afe0594e03cc5d)
Change-Id: Ibccbdb18d376663647ce9f164e680a9a1710c907
Reviewed-on: http://gerrit.chromium.org/gerrit/1054
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Tested-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
| -rwxr-xr-x | scripts/keygeneration/create_new_keys.sh | 26 |
1 files changed, 21 insertions, 5 deletions
diff --git a/scripts/keygeneration/create_new_keys.sh b/scripts/keygeneration/create_new_keys.sh index cf6ee97e..a33e2a7f 100755 --- a/scripts/keygeneration/create_new_keys.sh +++ b/scripts/keygeneration/create_new_keys.sh @@ -9,12 +9,29 @@ # Load common constants and functions. . "$(dirname "$0")/common.sh" +# File to read current versions from. +VERSION_FILE="key.versions" + +# ARGS: <version_type> +get_version() { + local version_type=$1 + version=$(sed -n "s#^${version_type}=\(.*\)#\1#pg" ${VERSION_FILE}) + echo $version +} + +# Get the key versions for normal keypairs +FKEY_VERSION=$(get_version "firmware_key_version") +# Firmware version is the kernel subkey version. +KSUBKEY_VERSION=$(get_version "firmware_version") +# Kernel data key version is the kernel key version. +KDATAKEY_VERSION=$(get_version "kernel_key_version") + # Create the normal keypairs make_pair root_key $ROOT_KEY_ALGOID -make_pair firmware_data_key $FIRMWARE_DATAKEY_ALGOID -make_pair dev_firmware_data_key $DEV_FIRMWARE_DATAKEY_ALGOID -make_pair kernel_subkey $KERNEL_SUBKEY_ALGOID -make_pair kernel_data_key $KERNEL_DATAKEY_ALGOID +make_pair firmware_data_key $FIRMWARE_DATAKEY_ALGOID $FKEY_VERSION +make_pair dev_firmware_data_key $DEV_FIRMWARE_DATAKEY_ALGOID $FKEY_VERSION +make_pair kernel_subkey $KERNEL_SUBKEY_ALGOID $KSUBKEY_VERSION +make_pair kernel_data_key $KERNEL_DATAKEY_ALGOID $KDATAKEY_VERSION # Create the recovery and factory installer keypairs make_pair recovery_key $RECOVERY_KEY_ALGOID @@ -42,4 +59,3 @@ make_keyblock installer_kernel $INSTALLER_KERNEL_KEYBLOCK_MODE installer_kernel_ # firmware, which is built separately (and some of which can't be changed after # manufacturing). If you update these keys, you must coordinate the changes # with the BIOS people or you'll be unable to boot the resulting images. - |