keygeneration: add ability to generate GSC RW signing key pairs
GSC RW signing requires an 3070 bit RSA key. The codesigner tool when
invoked expects the public key in .pem format, the same format is used
by the RO codebase when incorporating the public key in the RO image.
This patch introduces a new key option, RSA3070_NOSIG_ALGOID. The keys
of this kind are not going to be processed by futility, hence no need
to specify the signing algorithm.
BUG=b:221423468
BRANCH=none
TEST=ran ./create_new_keys.sh and observed two gsc keys generated:
$ ls *gsc*
gsc_rw_3070.pem gsc_rw_3070.pem.pub
in the FPGA setup confirmed that Ti50 RW can be signed and
verified using the generated key pair.
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Change-Id: Ie676ba8043c34900388372270329a4903656d499
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3591642
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>
2 files changed