diff options
author | Jakub Czapiga <jacz@semihalf.com> | 2022-07-04 12:34:28 +0200 |
---|---|---|
committer | Chromeos LUCI <chromeos-scoped@luci-project-accounts.iam.gserviceaccount.com> | 2022-07-22 07:46:32 +0000 |
commit | 64dd01225f64d6745a008d91fba3fcac2f1920bd (patch) | |
tree | 6d1bb9a194c763284a8d2655853b212ade295cd7 /tests/futility/test_sign_fw_main.sh | |
parent | 499b1814a76303b332c49dd5efb2c84e30b973ba (diff) | |
download | vboot-factory-foobar-15000.B.tar.gz |
futility: Add --keyset option to sign command for BIOS and kernelstabilize-14998.Bfactory-foobar-15000.B
This patch adds --keyset option for sign command for BIOS_IMAGE,
RAW_FIRMWARE, RAW_KERNEL and KERN_PREAMBLE file types. The default value
of this option is '/usr/share/vboot/devkeys'. It allows futility to load
public and private keys, and keyblocks from under this path, when they
were not provided manually using their respective options.
Files loaded by default for BIOS_IMAGE and RAW_FIRMWARE:
- ${keysetdir}/firmware_data_key.vbprivk
- ${keysetdir}/firmware.keyblock
- ${keysetdir}/kernel_subkey.vbpubk
Files loaded by default for RAW_KERNEL:
- ${keysetdir}/kernel_data_key.vbprivk
- ${keysetdir}/kernel.keyblock
File loaded by default for KERN_PREAMBLE:
- ${keysetdir}/kernel_data_key.vbprivk
BUG=none
BRANCH=none
TEST=make runfutiltests
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Change-Id: Ic4026d501d88e0de7d2c6f52c7494c639d08bd15
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3740601
Auto-Submit: Jakub Czapiga <czapiga@google.com>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Commit-Queue: Julius Werner <jwerner@chromium.org>
Tested-by: Jakub Czapiga <czapiga@google.com>
Diffstat (limited to 'tests/futility/test_sign_fw_main.sh')
-rwxr-xr-x | tests/futility/test_sign_fw_main.sh | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/tests/futility/test_sign_fw_main.sh b/tests/futility/test_sign_fw_main.sh index 6ab2083b..e22f9072 100755 --- a/tests/futility/test_sign_fw_main.sh +++ b/tests/futility/test_sign_fw_main.sh @@ -30,9 +30,7 @@ dd bs=1024 count=16 if=/dev/urandom of="${TMP}.fw_main" # and the new way "${FUTILITY}" --debug sign \ - --signprivate "${KEYDIR}/firmware_data_key.vbprivk" \ - --keyblock "${KEYDIR}/firmware.keyblock" \ - --kernelkey "${KEYDIR}/kernel_subkey.vbpubk" \ + --keyset "${KEYDIR}" \ --version 12 \ --fv "${TMP}.fw_main" \ --flags 42 \ |