diff options
| author | Bill Richardson <wfrichar@chromium.org> | 2015-02-05 10:44:54 -0800 |
|---|---|---|
| committer | ChromeOS Commit Bot <chromeos-commit-bot@chromium.org> | 2015-03-10 23:45:26 +0000 |
| commit | 3855e2e948f235c7e4725e5a33b06878fa7b3130 (patch) | |
| tree | 3fc38f3a8f225d326ab481bd9919843fdea7ddfa /tests | |
| parent | add997fa941ef1a65207bee909a88e368a9b3d22 (diff) | |
| download | vboot-3855e2e948f235c7e4725e5a33b06878fa7b3130.tar.gz | |
futility: show sha1sums for private keys too
Because all of our private key structs carry around the openssl
struct rsa_st data blobs, we can use those blobs to extract the
corresponding public key and generate a digest of it.
This lets us match our public and private keys without having to
rely on the filenames. There's no crypto verification without
actually *using* them, of course, but it's handy for quick reference.
BUG=chromium:231574
BRANCH=none
TEST=make runtests
This also adds a test to ensure that all the public and private
keys generated from the same .pem file have the same sha1sums.
Change-Id: If83492437e3ef37f7c4ebca4675336b75f631901
Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/246768
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Diffstat (limited to 'tests')
| -rwxr-xr-x | tests/futility/test_create.sh | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/tests/futility/test_create.sh b/tests/futility/test_create.sh index e1d8d334..3c1d38e2 100755 --- a/tests/futility/test_create.sh +++ b/tests/futility/test_create.sh @@ -34,6 +34,13 @@ for sig in rsa1024 rsa2048 rsa4096 rsa8192; do done done +# Demonstrate that the sha1sums are the same for all the keys created from the +# same .pem files, both public and private, vb1 and vb21. +for sig in rsa1024 rsa2048 rsa4096 rsa8192; do + num=$(${FUTILITY} show ${TMP}_key_${sig}.* | grep sha1sum | uniq | wc -l) + [ "$num" -eq "1" ] +done + # cleanup rm -rf ${TMP}* exit 0 |