WWWWWWWWWWWWWWWWW/Bios-crypto
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
Tools for manipulating OLPC keys and signatures Make a lease: Usage: obc-make-lease.sh <sn> <uuid> <days> [outfile] Example: obc-make-lease.sh SHF706002A7 8BF9AC40-26F8-4BCC-A699-BE51FD366419 1 lease.sig If outfile is omitted, output goes to stdout There is a companion command obc-make-lease-from-csv.sh which expects a plain CSV file with no quotes or extraneous characters with lines composed of SN,UUID Make a developer key: Usage: obc-make-devkey.sh sn uuid [outfile] Example: obc-make-devkey.sh SHF706002A7 8BF9AC40-26F8-4BCC-A699-BE51FD366419 develop.sig If outfile is omitted, output goes to stdout There is a companion command obc-make-devkey-from-csv.sh which expects a plain CSV file with no quotes or extraneous characters with lines composed of SN,UUID Sign a kernel or initrd image file: Usage: obc-sign-os keyname infile outfile.zip Example: obc-sign-os os vmlinuz runos.zip obc-sign-os os initrd runrd.zip Sign a firmware file: Usage: obc-sign-fw keyname infile outfile.zip Example: obc-sign-fw fw q2c25.rom bootfw.zip Sign an OS release (using "fs" key): XO-1: Usage: obc-make-fs.sh infile outfile.zip Example: obc-make-fs.sh os767.img fs.zip XO-1.5: (output is fs.zip) Usage: sign-zsp.sh keyname infile Example: sign-zsp.sh fs os99.zsp Lower level tools: Calculate a future date in the stipulated format: Usage: obc-futureday.py days Example: obc-futureday.py 5 Output goes to stdout Create a sig01-format signature blob: Usage: obc-sig01 hashname keyname infile Example: obc-sig01 sha256 fw q2c25.rom obc-sig01 rmd160 fw q2c25.rom Output goes to stdout Make an RSA-2048 key pair: Usage: obc-makekey key_file_name Example: obc-makekey os Output goes to key_file_name.public and key_file_name.private Create a binary signature file: Usage: obc-sign hashname key_file_name signed_file_name Example: obc-sign sha256 os vmlinuz The signing key is key_file_name.private Output goes to signed_file_name.hashname.sig Verify a binary signature file: Usage: obc-verify hashname key_file_name signed_file_name Example: obc-verify sha256 os vmlinuz The signature file name is signed_file_name.hashname.sig The verification key is key_file_name.public Make a signature delegation from a "master" key to a local key: Usage: obc-make-delegation.sh serial-number [days|abs expiry] signingkey targetkey [outfile] Example: obc-make-delegation.sh SHF706002A7 10 masterkey serverkey deleg-SHF706002A7.sig Make a signature delegation based on an existing delegation: Usage: obc-make-delegation.sh --chain deleg.sig serial-number [days|abs expiry] signingkey targetkey [outfile] Example: obc-make-delegation.sh --chain reg-deleg-SHF706002A7.sig SHF706002A7 10 regionkey serverkey server-deleg-SHF706002A7.sig Make a lease with a delegated signature - Usage: obc-make-lease.sh --signingkey <keyname> --chain <chainfile> <sn> <uuid> <days> [outfile] Example: obc-make-lease.sh --signingkey server --chain server-deleg-SHF706002A7.sig SHF706002A7 8BF9AC40-26F8-4BCC-A699-BE51FD366419 1 lease.sig
About
No description, website, or topics provided.
Resources
Stars
Watchers
Forks
Packages 0
No packages published