Hello Champs,
In secure boot, customer is using ./gen_keywr_cert.sh -g command to generate a key. Can he modify the key length and algorithm? The code that generates the key in the ./gen_keywr_cert.sh tool is as follows:
-g|--gen)
echo "# Generating random keys in keys/folder"
mkdir -p keys
openssl rand 32 > keys/aes256.key
openssl genrsa -out keys/smpk.pem
openssl genrsa -out keys/bmpk.pem
openssl rand 32 > keys/smek.key
openssl rand 32 > keys/bmek.key
exit
Can customer modify the algorithm to ecc as below?
openssl rand 32 > keys/aes256.key
openssl ecparam -genkey -name secp256k1 -out ec_smpk.pem
openssl ecparam -genkey -name secp256k1 -out ec_bmpk.pem
openssl rand 32 > keys/smek.key
openssl rand 32 > keys/bmek.key
Thanks
Regards
Shine