diff options
Diffstat (limited to 'scripts/keygeneration/common.sh')
-rwxr-xr-x | scripts/keygeneration/common.sh | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/scripts/keygeneration/common.sh b/scripts/keygeneration/common.sh index 1d08fdbe..b6e20c61 100755 --- a/scripts/keygeneration/common.sh +++ b/scripts/keygeneration/common.sh @@ -23,7 +23,10 @@ function alg_to_keylen { echo $(( 1 << (10 + ($1 / 3)) )) } -# Default alrogithms. +# Default algorithms. +EC_ROOT_KEY_ALGOID=7 +EC_DATAKEY_ALGOID=7 + ROOT_KEY_ALGOID=11 RECOVERY_KEY_ALGOID=11 @@ -37,13 +40,13 @@ KERNEL_DATAKEY_ALGOID=4 # Keyblock modes determine which boot modes a signing key is valid for use # in verification. -FIRMWARE_KEYBLOCK_MODE=7 +EC_KEYBLOCK_MODE=7 # Only allow RW EC firmware in non-recovery. +FIRMWARE_KEYBLOCK_MODE=7 # Only allow RW firmware in non-recovery. DEV_FIRMWARE_KEYBLOCK_MODE=6 # Only allow in dev mode. -RECOVERY_KERNEL_KEYBLOCK_MODE=11 +RECOVERY_KERNEL_KEYBLOCK_MODE=11 # Only in recovery mode. KERNEL_KEYBLOCK_MODE=7 # Only allow in non-recovery. INSTALLER_KERNEL_KEYBLOCK_MODE=10 # Only allow in Dev + Recovery. - # Emit .vbpubk and .vbprivk using given basename and algorithm # NOTE: This function also appears in ../../utility/dev_make_keypair. Making # the two implementations the same would require some common.sh, which is more |