From 5acd520c00d106b5c465af374c29aba050360ffc Mon Sep 17 00:00:00 2001 From: Vadim Bendebury Date: Thu, 27 Apr 2017 17:14:09 -0700 Subject: [PATCH] cr50: use 2048 bit key for autosigned images The node locked ROs expect the RW image to be self signed with a 2048 bit key. The only case where loader-testkey-A.pem file is used is is building vanilla images which can't even run any more (they used to be good for old dev RO). Let's replace the 3072 bit key with a 2048 bit key generated by running 'openssl genrsa -3 2048 > util/signer/loader-testkey-A.pem' BRANCH=none BUG=none TEST=verified that RW signed with this key can be run by a node locked RO. Change-Id: I74d189d03acb663fde7db48815e54748163c6399 Signed-off-by: Vadim Bendebury Reviewed-on: https://chromium-review.googlesource.com/489434 Tested-by: Nicolas Boichat Reviewed-by: Marius Schilder --- util/signer/loader-testkey-A.pem | 62 +++++++++++++------------------- 1 file changed, 25 insertions(+), 37 deletions(-) diff --git a/util/signer/loader-testkey-A.pem b/util/signer/loader-testkey-A.pem index b6162bce30..ea16e603e9 100644 --- a/util/signer/loader-testkey-A.pem +++ b/util/signer/loader-testkey-A.pem @@ -1,39 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIG4AIBAAKCAYB6julYjQuar3epRzKCKxlEa35//3QFHtXvqlaJ5yuY8A0+cYbP -8l1WAILE8VIdOMLpnA+dHSjhTf4ePfOAtPsxSEQs+QA8ESiSvp5VnvzXfkDqG9Xh -bAQyKTP4pgT9pzzrk3f+S7ig3FJuGM2CTUhTr3lwYR53AZnE0iEuNNVjtzG81fzG -iyer8GtPhYJnuK4N0cZv5RwVpgecFXs4JSCNCG9lkRblQFaxyiK2oMMe4jmiSP1o -A8ocKwuE21HEHegiEqX8NvBK4DDv7HnLZ/pi416niHbATzIuOSzCuGmSTXnrUHiY -Cxb4nRUxGXZ6IZq7pzdq1RjbrMj/P2Hg86Pm+mgS40OS3PhGptJ1nVyE7VegIrts -CEQrANuaLPgVvpUtUjsLGXUJXHh+OUfULMrPAzLcuIXZDZ3LmEOT0uBOW0Q/sRfI -B7AdWyBy50zvE+zrBCN5MxwW1Pv3qLAY4YH3HSXYD1uwwG8w5/34wCOoeDBwDuDX -xQvajP//tOmGyHECAQMCggGAUbSbkF4HvHT6cNohrBy7gvJUVVT4A2nj9Rw5sUTH -u0qzfvZZ3/bo5ABXLfY2viXXRmgKaL4bQN6paX6iVc38y4WCyKYAKAtwYdRpjmn9 -5P7V8Wfj651YIXDNUG6t/m998mJP/t0lwJLhnrszrDOFjR+mSutppKu72IwWHs3j -l892feP92bIacqBHilkBmnses+Eu9UNoDm6vvWOnesNrCLBKQ7YPQ4A5y9wXJGss -v0F7wYX+RVfcEsddAzzhLWlEczbF/afBrQQozQ6aVrRIl9Y5oxUxCFq3sQV9CQtc -xAmIj7S/L74pVKJL/4w15PS8gEa8ZRT4hw2njIE10S9vt4MBpPYecyWtoibhNFQ4 -OgSN6o4HsSESm48uaXWjcWCECH212r0jZ1KA/tUifnClCdjqgki9JNP9CcWmcMIw -hdRacjscPxtYkxVZ+rnXI1OG/OLXz+qsEH2Ste48tcZsCA9FgbxOG2aGilTwPI5C -RvQbWbig6uyo1ea5cDs3tIhLAoHBAPVmSJnuBVIAAv2B+gDqPaY6Gc9tvAq5R8ef -z73tJGTvS/ei611sLqYDgSiuNJOEDP4TclX7fKPIEXnqChQn3b4bFdVd5vxDvv6u -Tcz2NYR5QZOvIpOoYF53J0nsQcO/udYdjzZ29NCrn3wV15o0Fe4b5oF16oJw6ALu -gHGyrYyPro1sl2s/kiSdKEggUUC1vW2+ikYUy8bOzXiTCwJEdYSUvm4s1P1U2R5w -o4rcNPEBdWqvqR98SI8hIzCrEMw1VQKBwH/aNGXNSHVZ8L7UmEhvT9jn7mN68SkN -1t0RIXc6OgdP4RwebnMBqlOmIgkY8Q8ucv0pqn06J21QPDKThxMEnpWaz8YULung -tNS+Mtoo0qltQSyejU6uR+My7rIQQSfuFUp4GwyGyx21F4PjvHxPvVIh7JfVf59e -ujoBSXj86fkNDgbr1f4fGRwd8TKwOPlg5QHxVXs+TjdJ0m4wSgXzamZxfydIEYpR -zEL38hMOi00Ikf7KRlflxgqRxqaxBSvGrQKBwQCjmYW79AOMAAH+VqarRtPEJrvf -nn1ce4Uvv9/T822Yn4f6bJzo8snEAlYbHs23rV3+t6GOp6htMAumnAa4GpPUEg6O -Ppn9gn9UdDPd+XkC+4ENH2xicEA++hoxSCvX1SaOvl95pKM1x7+oDo+8IrlJZ+8A -+UcBoJqsnwBLzHOzCnReSGTyKmFtvhrawDYrI9OefwbZYzKEid5QYgdW2E5YYyme -yI3+OJC+9cJcks32APjxynC/qDBfa2zLHLXdeOMCgcBVPCLuiNr45qB/OGWFn4qQ -mp7s/KDGCTnothZPfCavipYSvvRMq8bibsFbZfYKHvdTcRxTfBpI4Cght69iAxRj -vIqEDXSb6yM4fsyRcIxw84DIabOJyYVCIfR2tYDFSWOG+ryzBIdpI2UCl9L9in42 -wUhlOP+/lHwmq4ZQqJv7XglZ8o6pahC9aUt3ICX7le4BS45SKYl6MTb0IDFZTPGZ -oP9vhWEG4TLXT/a3XweIsGFUhtmP7oQHC9nEdgNyhHMCgcEAhn1Fdj7yQq50JtlD -TamB86TMRs+yB/MsU80ZhDX0D8z9Ap2fNFQdYmfkNmx93hfN7TghTySTh0oBG24F -h0WlNFk6ofw/H48K915a4Th1DEzJrR8EmoQtVtfBb5RYrv4vPUBL+nDcyUoxz3ae -43DPLzd01pTs548g65FOau5FHubkh62KLD5vltdr0LQywljouEMp1jmNPgIYPG8S -xD1m44kpRvX4qbZMk0uR421MEGQq/xJLWYk28M2m7yAtQQ6J +MIIEogIBAAKCAQEAp/kh8/NGr1GUMA6c0tq9cRhVMaMwhYCF6mkpeW/D+1k3lL5q +pkjqDcYBZG4xbhdCgEH9ppPYKzwKBVieWuqf7uymLBlCLmaPA6P4J+IwhS001WoD +0kACEhnbL4xeP21fwuz9/u6ucoM8kJsFV/gacADmuOKTrU89Kyj2J5iLWVQPMMAM +BOk+3BNamWwnCRk+CvcT+EQHtzcFkK2avm4HUQNSzhL407NbvsHwUjv7N6wtjeu5 +VLaTLTHxk9Z5savcn2jgxWASn4M59dpD7KSTYi4LsY8NPUWswz0E2a0vk8rfthtA +amTkU4MT9ohVYq2JTCj5DC3DV/0Z7xiZ+ZsYPQIBAwKCAQBv+2v394R04Q11XxM3 +PH5LZY4hF3WuVa6cRhumSoKnkM+4fvHEMJwJLquYSXZJZNcAK/5vDTrHfVwDkGmR +8b/0ncQdZiwe7woCbVAalssDc3iORq021Va2u+d1CD7U85Usnf6p9HRMV321vK46 +pWb1Ve8l7GJziijHcKQaZbI7jEq4JKyk9lL7seEWjf2zHyiLnh8wxQK7Ebizrqw9 +EIH3tmC6JKvbGJPizQ6tz1O0bVwiaHmZObouRxBTE8fL2zuSmJunqsYK4xqWfRsb ++RcSDndzBTW89qZr7i3h22g8jUsMiPBqV9/l9w1dOxnWwAtQSHfebcCA2u3OxUGM +9dpTAoGBANhm0GYySwuCJc8lJpsBUl2tbuw7pzRdDe8BuqGv2aaEHx7arwFat1AA +ZHVlQquWaKxwCuyFY/QlGq4uTNHhkBgygnFeEvtZ0KaKSVBBXY0Fbhq+N6rsX7FQ +eRb4sz7We/aFR2K1V52dHaetOjMBfLhX1e7dZRwX8xnSSKuQeB6DAoGBAMa1uKLb +LLbgYrnScI97GCOMGvjzdU9BjoGBbPay+53ZUqLcLPWwVy3qKeToQlISn3bqRBZp +fAfCrKro6/weUusRAYXrzO41XeuJ1UsBUWPBqj3Gz5G1dAHQ3qkOMNRievieBnUV +iXbdctg9dXufEL/75lZhJAZ+wZtmqAwVsjI/AoGBAJBEiu7MMgesGTTDbxIA4ZPI +9J19GiLos/Sr0cEf5m8Cv2nnH1Y8ejVVmE5Dgce5mx2gB0hY7U1uEcl0MzaWYBAh +rEuUDKeRNcRcMOArk7NY9BHUJRydlSDgULn7IinkUqRY2kHOOmkTaRpzfCIA/dA6 +jp8+Q2gP92aMMHJgUBRXAoGBAIR5JcHncySVlyaMSwpSEBeyvKX3o4ortFZWSKR3 +Umk7jGySyKPK5MlGxpia1uFhv6ScLWRGUq/XHcdF8qgUN0dgq66dM0l46UexONyr +i5fWcX6EimEjoqvglHC0II2W/KW+rvi5Bk8+TJAo+P0UtdVSmY7rbVmp1meZxV1j +zCF/AoGAcm2nAn275kfGZjXkTCYTZ6IXJgxcc4vXhv573UfNIJnC0Sg9rsgFiXHc +nuQwFh5pTm4hU7uEknc/IobFLdCqM9mqujuYmboj0pmbRfOsjV9hqcmuo1OrSbJa +gozzsNqU2I6srVW5SlCwWu1c4rBlBZvcdUtBRRb2b6bnhe29ykg= -----END RSA PRIVATE KEY-----