diff options
author | Mike Frysinger <vapier@chromium.org> | 2017-05-05 17:04:26 -0400 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2017-05-10 11:58:19 -0700 |
commit | 1aabe7111e6e71d48bb3d684880489f14b39b17e (patch) | |
tree | 76131ec8ba686fc0cff08371022b338f8f86a269 | |
parent | 42f57403aee12cebfcf314d2f9fa9cd00cb5aae2 (diff) | |
download | vboot-1aabe7111e6e71d48bb3d684880489f14b39b17e.tar.gz |
image_signing: output pubkey in DER format
BRANCH=None
BUG=chromium:718184
TEST=new imageloader works
Change-Id: I430ed616954c820d3d1607eefd4f8e1c60863a8f
Reviewed-on: https://chromium-review.googlesource.com/497914
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Greg Kerr <kerrnel@chromium.org>
-rwxr-xr-x | scripts/image_signing/insert_container_publickey.sh | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/scripts/image_signing/insert_container_publickey.sh b/scripts/image_signing/insert_container_publickey.sh index 8724e051..8cd60e4a 100755 --- a/scripts/image_signing/insert_container_publickey.sh +++ b/scripts/image_signing/insert_container_publickey.sh @@ -39,9 +39,14 @@ main() { mount_image_partition "${image}" 3 "${rootfs}" fi + # Imageloader likes DER as a runtime format as it's easier to read. + local tmpfile=$(mktemp) + trap "rm -f '${tmpfile}'" EXIT + openssl pkey -pubin -in "${pub_key}" -out "${tmpfile}" -pubout -outform DER + sudo install \ -D -o root -g root -m 644 \ - "${pub_key}" "${rootfs}/${key_location}/oci-container-key-pub.pem" + "${tmpfile}" "${rootfs}/${key_location}/oci-container-key-pub.der" info "Container verification key was installed." \ "Do not forget to resign the image!" } |