summaryrefslogtreecommitdiff
path: root/scripts/keygeneration/uefi/increment_db_child_key.sh
diff options
context:
space:
mode:
Diffstat (limited to 'scripts/keygeneration/uefi/increment_db_child_key.sh')
-rwxr-xr-xscripts/keygeneration/uefi/increment_db_child_key.sh47
1 files changed, 47 insertions, 0 deletions
diff --git a/scripts/keygeneration/uefi/increment_db_child_key.sh b/scripts/keygeneration/uefi/increment_db_child_key.sh
new file mode 100755
index 00000000..216aacde
--- /dev/null
+++ b/scripts/keygeneration/uefi/increment_db_child_key.sh
@@ -0,0 +1,47 @@
+#!/bin/bash
+# Copyright 2018 The Chromium OS Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+# Script to increment UEFI DB child key.
+
+# Load common constants and variables.
+. "$(dirname "$0")/uefi_common.sh"
+
+# Abort on errors.
+set -e
+
+if [ $# -lt 1 ]; then
+ cat <<EOF
+ Usage: $0 <keyset directory> [board name]
+
+ Increments the UEFI DB child key in the specified keyset.
+EOF
+ exit 1
+fi
+
+KEY_DIR="$1"
+BOARD_NAME="$2" # Optional.
+
+main() {
+ check_uefi_key_dir_name "${KEY_DIR}"
+
+ load_current_uefi_key_versions "${KEY_DIR}"
+ new_db_child_key_ver=$(increment_uefi_version "${KEY_DIR}" \
+ "db_child_key_version")
+
+ cd "${KEY_DIR}"
+ backup_existing_db_child_keypair "${CURR_DB_CHILD_KEY_VER}"
+
+ cat <<EOF
+Generating new UEFI DB child key version.
+
+New DB child key version: ${new_db_child_key_ver}.
+EOF
+ make_db_child_keypair "${CURR_DB_KEY_VER}" "${new_db_child_key_ver}" \
+ "${BOARD_NAME}"
+ write_updated_uefi_version_file "${CURR_PK_KEY_VER}" "${CURR_KEK_KEY_VER}" \
+ "${CURR_DB_KEY_VER}" "${new_db_child_key_ver}"
+}
+
+main "$@"
View Lorry Controller Status