From 2c41d5e07900efd02e2d4041837669ec2490fe68 Mon Sep 17 00:00:00 2001
From: Mike Frysinger <vapier@chromium.org>
Date: Wed, 4 Dec 2019 01:46:26 -0500
Subject: keygeneration: add helper for generating update payload keys

We don't use this anywhere as we've only ever generated one key so
far.  But we never wrote this down, so this is more documentation.

BUG=None
TEST=ran the code manually
BRANCH=None

Change-Id: Ia9a318c686b1ad7ab1de31899b49ce73a4d5ad9f
Signed-off-by: Mike Frysinger <vapier@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1947554
Reviewed-by: George Engelbrecht <engeg@google.com>
---
 scripts/keygeneration/common.sh | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/scripts/keygeneration/common.sh b/scripts/keygeneration/common.sh
index 7482dfcd..21d5334e 100644
--- a/scripts/keygeneration/common.sh
+++ b/scripts/keygeneration/common.sh
@@ -110,6 +110,14 @@ make_pair() {
   rm -f "${base}_${len}.pem" "${base}_${len}.crt" "${base}_${len}.keyb"
 }
 
+# Used to generate keys for signing update payloads.
+make_au_payload_key() {
+  local dir=$1
+  local priv="${dir}/update_key.pem"
+  local pub="${dir}/update-payload-key-pub.pem"
+  openssl genrsa -out "${priv}" 2048
+  openssl rsa -pubout -in "${priv}" -out "${pub}"
+}
 
 # Emit a .keyblock containing flags and a public key, signed by a private key
 # flags are the bitwise OR of these (passed in decimal, though)
-- 
cgit v1.2.1