diff options
author | Bill Richardson <wfrichar@chromium.org> | 2010-07-01 10:22:06 -0700 |
---|---|---|
committer | Bill Richardson <wfrichar@chromium.org> | 2010-07-01 10:22:06 -0700 |
commit | abf055045802cb06c57ff2d7b187736bdcb3b138 (patch) | |
tree | be0cc0aaa1d8c64fb5402b66c975e7e7c018acd1 /tests/run_vbutil_tests.sh | |
parent | a08b5c9d032be485fe6e2790c23e8c9bb9fca2ad (diff) | |
download | vboot-abf055045802cb06c57ff2d7b187736bdcb3b138.tar.gz |
Switch to using .vbprivk for signing everything now.
This makes it much simpler to keep track of what we're doing.
vbutil_key can now wrap both .keyb and .pem keys. It figures out which is
which by trying both and just using the one that works.
vbutil_keyblock and vbutil_kernel now use .vbprivk files for signing.
replace debug() with VBDEBUG(()) in host-side sources, too.
rename PrivateKeyRead to PrivateKeyReadPem
Add real PrivateKeyRead and PrivateKeyWrite for .vbprivk files.
Review URL: http://codereview.chromium.org/2871033
Diffstat (limited to 'tests/run_vbutil_tests.sh')
-rwxr-xr-x | tests/run_vbutil_tests.sh | 26 |
1 files changed, 18 insertions, 8 deletions
diff --git a/tests/run_vbutil_tests.sh b/tests/run_vbutil_tests.sh index ce86e173..abbd17b7 100755 --- a/tests/run_vbutil_tests.sh +++ b/tests/run_vbutil_tests.sh @@ -19,9 +19,9 @@ function test_vbutil_key { do echo -e "For signing key ${COL_YELLOW}RSA-$keylen/$hashalgo${COL_STOP}:" # Pack the key - ${UTIL_DIR}/vbutil_key --pack \ - --in ${TESTKEY_DIR}/key_rsa${keylen}.keyb \ - --out ${TESTKEY_SCRATCH_DIR}/key_alg${algorithmcounter}.vbpubk \ + ${UTIL_DIR}/vbutil_key \ + --pack ${TESTKEY_SCRATCH_DIR}/key_alg${algorithmcounter}.vbpubk \ + --key ${TESTKEY_DIR}/key_rsa${keylen}.keyb \ --version 1 \ --algorithm $algorithmcounter if [ $? -ne 0 ] @@ -31,8 +31,8 @@ function test_vbutil_key { # Unpack the key # TODO: should verify we get the same key back out? - ${UTIL_DIR}/vbutil_key --unpack \ - --in ${TESTKEY_SCRATCH_DIR}/key_alg${algorithmcounter}.vbpubk + ${UTIL_DIR}/vbutil_key \ + --unpack ${TESTKEY_SCRATCH_DIR}/key_alg${algorithmcounter}.vbpubk if [ $? -ne 0 ] then return_code=255 @@ -68,12 +68,22 @@ ${datahashalgo}${COL_STOP}" keyblockfile+="${data_algorithmcounter}.keyblock" rm -f ${keyblockfile} + # Wrap + ${UTIL_DIR}/vbutil_key \ + --pack ${TESTKEY_SCRATCH_DIR}/key_alg${algorithmcounter}.vbprivk \ + --key ${TESTKEY_DIR}/key_rsa${signing_keylen}.pem \ + --algorithm $signing_algorithmcounter + if [ $? -ne 0 ] + then + return_code=255 + fi + # Pack ${UTIL_DIR}/vbutil_keyblock --pack ${keyblockfile} \ --datapubkey \ - ${TESTKEY_SCRATCH_DIR}/key_alg${data_algorithmcounter}.vbpubk \ - --signprivate ${TESTKEY_DIR}/key_rsa${signing_keylen}.pem \ - --algorithm $signing_algorithmcounter + ${TESTKEY_SCRATCH_DIR}/key_alg${data_algorithmcounter}.vbpubk \ + --signprivate \ + ${TESTKEY_SCRATCH_DIR}/key_alg${algorithmcounter}.vbprivk if [ $? -ne 0 ] then return_code=255 |