| #!/bin/bash |
| |
| # Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| # |
| # Generate test keys for use by the tests. |
| |
| # Load common constants and variables. |
| . "$(dirname "$0")/common.sh" |
| |
| set -e |
| |
| sha_types=( 1 256 512 ) |
| |
| # Generate RSA test keys of various lengths. |
| function generate_keys { |
| key_index=0 |
| key_name_base="${TESTKEY_DIR}/key_rsa" |
| for i in "${key_lengths[@]}" |
| do |
| key_base="${key_name_base}${i}" |
| if [ -f "${key_base}.keyb" ]; then |
| key_index=$((key_index + 1)) |
| continue |
| fi |
| |
| # Extract exponent from key_length name, if necessary |
| exp="F4" |
| bits=$i |
| if [ "${i##*_exp}" != "${i}" ]; then |
| exp="${i##*_exp}" |
| bits="${i%%_exp${exp}}" |
| fi |
| |
| openssl genrsa "-${exp}" -out "${key_base}.pem" "${bits}" |
| # Generate self-signed certificate from key. |
| openssl req -batch -new -x509 -key "${key_base}.pem" \ |
| -out "${key_base}.crt" |
| |
| # Generate pre-processed key for use by RSA signature verification code. |
| "${BIN_DIR}/dumpRSAPublicKey" -cert "${key_base}.crt" > "${key_base}.keyb" |
| |
| alg_index=0 |
| for sha_type in "${sha_types[@]}" |
| do |
| alg=$((key_index * 3 + alg_index)) |
| # wrap the public key |
| "${FUTILITY}" vbutil_key \ |
| --pack "${key_base}.sha${sha_type}.vbpubk" \ |
| --key "${key_base}.keyb" \ |
| --version 1 \ |
| --algorithm ${alg} |
| |
| # wrap the private key |
| "${FUTILITY}" vbutil_key \ |
| --pack "${key_base}.sha${sha_type}.vbprivk" \ |
| --key "${key_base}.pem" \ |
| --algorithm ${alg} |
| alg_index=$((alg_index} + 1)) |
| done |
| key_index=$((key_index + 1)) |
| done |
| } |
| |
| mkdir -p ${TESTKEY_DIR} |
| generate_keys |