diff options
| author | Kenny Root <kroot@google.com> | 2013-09-19 15:24:41 -0700 |
|---|---|---|
| committer | Kenny Root <kroot@google.com> | 2013-11-06 09:25:28 -0800 |
| commit | 98356f64a84fb0e6eb8874b166d1736353023c16 (patch) | |
| tree | 4940d5721f196279597033ad32ca4a3fcdf9d61a /tools | |
| parent | d0b6889fd111bc8de0c5822f2466a360d9cd8586 (diff) | |
make_key: add EC key generation support
Add the ability to create EC keys for use in creating ECDSA signatures.
Change-Id: Ia1654b69056413d66275ea6c55d8273f5f09f5c6
Diffstat (limited to 'tools')
| -rwxr-xr-x | tools/make_key | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/tools/make_key b/tools/make_key index 209d824f6..a1018177a 100755 --- a/tools/make_key +++ b/tools/make_key @@ -17,12 +17,12 @@ # Generates a public/private key pair suitable for use in signing # android .apks and OTA update packages. -if [ "$#" -ne 2 ]; then +if [ "$#" -lt 2 -o "$#" -gt 3 ]; then cat <<EOF -Usage: $0 <name> <subject> +Usage: $0 <name> <subject> [<keytype>] Creates <name>.pk8 key and <name>.x509.pem cert. Cert contains the -given <subject>. +given <subject>. A keytype of "rsa" or "ec" is accepted. EOF exit 2 fi @@ -49,9 +49,18 @@ chmod 0600 ${one} ${two} read -p "Enter password for '$1' (blank for none; password will be visible): " \ password -( openssl genrsa -f4 2048 | tee ${one} > ${two} ) & +if [ "${3}" = "rsa" -o "$#" -eq 2 ]; then + ( openssl genrsa -f4 2048 | tee ${one} > ${two} ) & + hash="-sha1" +elif [ "${3}" = "ec" ]; then + ( openssl ecparam -name prime256v1 -genkey -noout | tee ${one} > ${two} ) & + hash="-sha256" +else + echo "Only accepts RSA or EC keytypes." + exit 1 +fi -openssl req -new -x509 -sha1 -key ${two} -out $1.x509.pem \ +openssl req -new -x509 ${hash} -key ${two} -out $1.x509.pem \ -days 10000 -subj "$2" & if [ "${password}" == "" ]; then |