This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

AM625: Can the key length and algorithm be changed?

Genius 13655 points
Part Number: AM625

Hello Champs,

In secure boot, customer is using ./gen_keywr_cert.sh -g command to generate a key. Can he modify the key length and algorithm? The code that generates the key in the ./gen_keywr_cert.sh tool is as follows: 

-g|--gen)
echo "# Generating random keys in keys/folder"
mkdir -p keys
openssl rand 32 > keys/aes256.key 
openssl genrsa -out keys/smpk.pem 
openssl genrsa -out keys/bmpk.pem 
openssl rand 32 > keys/smek.key 
openssl rand 32 > keys/bmek.key 
exit

Can customer modify the algorithm to ecc as below? 

openssl rand 32 > keys/aes256.key 
openssl ecparam -genkey -name secp256k1 -out ec_smpk.pem
openssl ecparam -genkey -name secp256k1 -out ec_bmpk.pem
openssl rand 32 > keys/smek.key 
openssl rand 32 > keys/bmek.key 



Thanks
Regards
Shine