blob: fe206f821770792c0e248f75d0c9875851f2053f [file] [log] [blame]
# Copyright 2018 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# Script to increment UEFI DB child key.
# Load common constants and variables.
. "$(dirname "$0")/"
# Abort on errors.
set -e
if [ $# -ne 1 ]; then
cat <<EOF
Usage: $0 <keyset directory>
Increments the UEFI DB child key in the specified keyset.
exit 1
main() {
check_uefi_key_dir_name "${KEY_DIR}"
load_current_uefi_key_versions "${KEY_DIR}"
new_db_child_key_ver=$(increment_uefi_version "${KEY_DIR}" \
cd "${KEY_DIR}"
backup_db_child_keypair "${CURR_DB_CHILD_KEY_VER}"
cat <<EOF
Generating new UEFI DB child key version.
New DB child key version: ${new_db_child_key_ver}.
make_db_child_keypair "${CURR_DB_KEY_VER}" "${new_db_child_key_ver}"
write_updated_uefi_version_file "${CURR_PK_KEY_VER}" "${CURR_KEK_KEY_VER}" \
"${CURR_DB_KEY_VER}" "${new_db_child_key_ver}"
main "$@"