keygeneration: add --android option to generate keys

BUG=b:29915721 TEST=`./create_new_keys.sh --android` includes android keys BRANCH=None Change-Id: Ibb00b87921435ac5b70a297324ddf60563dc08d8 Reviewed-on: https://chromium-review.googlesource.com/386905 Reviewed-by: Victor Hsieh <victorhsieh@chromium.org> Tested-by: Mike Frysinger <vapier@chromium.org>
2025-11-26 19:25:02 +00:00 · 2016-09-18 21:46:06 -04:00
parent f87aa72d4b
commit df39d0ac27
2 changed files with 30 additions and 3 deletions
--- a/scripts/keygeneration/create_new_android_keys.sh
+++ b/scripts/keygeneration/create_new_android_keys.sh
@@ -48,11 +48,26 @@ make_pair() {
 }

 main() {
+  local dir
+
+  while [[ $# -gt 0 ]]; do
+    case $1 in
+    -h|--help)
+      usage
+      ;;
+    -*)
+      usage "Unknown option: $1"
+      ;;
+    *)
+      break
+      ;;
+    esac
+  done
+
  if [[ $# -ne 1 ]]; then
    usage "Invalid argument."
  fi
-
-  local dir=$1
+  dir=$1

  make_pair "${dir}" platform
  make_pair "${dir}" shared
--- a/scripts/keygeneration/create_new_keys.sh
+++ b/scripts/keygeneration/create_new_keys.sh
@@ -11,10 +11,11 @@

 usage() {
  cat <<EOF
-Usage: $0 [--devkeyblock]
+Usage: $0 [options]

 Options:
  --devkeyblock          Also generate developer firmware keyblock and data key
+  --android              Also generate android keys
  --4k                   Use 4k keys instead of 8k (enables options below)
  --4k-root              Use 4k key size for the root key
  --4k-recovery          Use 4k key size for the recovery key
@@ -35,6 +36,7 @@ main() {

  # Flag to indicate whether we should be generating a developer keyblock flag.
  local dev_keyblock="false"
+  local android_keys="false"
  local root_key_algoid=${ROOT_KEY_ALGOID}
  local recovery_key_algoid=${RECOVERY_KEY_ALGOID}
  local recovery_kernel_algoid=${RECOVERY_KERNEL_ALGOID}
@@ -47,6 +49,11 @@ main() {
      dev_keyblock="true"
      ;;

+    --android)
+      echo "Will also generate Android keys."
+      android_keys="true"
+      ;;
+
    --4k)
      root_key_algoid=${RSA4096_SHA512_ALGOID}
      recovery_key_algoid=${RSA4096_SHA512_ALGOID}
@@ -128,6 +135,11 @@ main() {
  # For use in Factory Install and Developer Mode install shims.
  make_keyblock installer_kernel ${INSTALLER_KERNEL_KEYBLOCK_MODE} installer_kernel_data_key recovery_key

+  if [[ "${android_keys}" == "true" ]]; then
+    mkdir android
+    "${SCRIPT_DIR}"/create_new_android_keys.sh android
+  fi
+
  # CAUTION: The public parts of most of these blobs must be compiled into the
  # firmware, which is built separately (and some of which can't be changed after
  # manufacturing). If you update these keys, you must coordinate the changes