| #!/bin/bash |
| |
| # Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| # |
| # Generate test keys for use by the tests. |
| |
| # Load common constants and variables. |
| . "$(dirname "$0")/common.sh" |
| |
| set -e |
| |
| sha_types=( 1 256 512 ) |
| |
| # Generate RSA test keys of various lengths. |
| function generate_keys { |
| key_index=0 |
| key_name_base="${TESTKEY_DIR}/key_rsa" |
| for i in ${key_lengths[@]} |
| do |
| key_base="${key_name_base}${i}" |
| if [ -f "${key_base}.keyb" ]; then |
| key_index=$((${key_index} + 1)) |
| continue |
| fi |
| |
| # Extract exponent from key_length name, if necessary |
| exp="F4" |
| bits=$i |
| if [ "${i##*_exp}" != "${i}" ]; then |
| exp="${i##*_exp}" |
| bits="${i%%_exp${exp}}" |
| fi |
| |
| openssl genrsa -${exp} -out ${key_base}.pem ${bits} |
| # Generate self-signed certificate from key. |
| openssl req -batch -new -x509 -key ${key_base}.pem \ |
| -out ${key_base}.crt |
| |
| # Generate pre-processed key for use by RSA signature verification code. |
| ${BIN_DIR}/dumpRSAPublicKey -cert ${key_base}.crt \ |
| > ${key_base}.keyb |
| |
| alg_index=0 |
| for sha_type in ${sha_types[@]} |
| do |
| alg=$((${key_index} * 3 + ${alg_index})) |
| # wrap the public key |
| ${FUTILITY} vbutil_key \ |
| --pack "${key_base}.sha${sha_type}.vbpubk" \ |
| --key "${key_base}.keyb" \ |
| --version 1 \ |
| --algorithm ${alg} |
| |
| # wrap the private key |
| ${FUTILITY} vbutil_key \ |
| --pack "${key_base}.sha${sha_type}.vbprivk" \ |
| --key "${key_base}.pem" \ |
| --algorithm ${alg} |
| alg_index=$((${alg_index} + 1)) |
| done |
| key_index=$((${key_index} + 1)) |
| done |
| } |
| |
| mkdir -p ${TESTKEY_DIR} |
| generate_keys |