1#!/bin/bash 2# Copyright 2018 The ChromiumOS Authors 3# Use of this source code is governed by a BSD-style license that can be 4# found in the LICENSE file. 5 6# Script to increment UEFI Platform Key (PK). 7 8# Load common constants and variables. 9# shellcheck source=uefi_common.sh 10. "$(dirname "$0")/uefi_common.sh" 11 12# Abort on errors. 13set -e 14 15if [ $# -ne 1 ]; then 16 cat <<EOF 17 Usage: $0 <keyset directory> 18 19 Increments the UEFI Platform Key (PK) in the specified keyset. 20EOF 21 exit 1 22fi 23 24KEY_DIR="$1" 25 26main() { 27 check_uefi_key_dir_name "${KEY_DIR}" 28 29 load_current_uefi_key_versions "${KEY_DIR}" 30 new_pk_key_ver=$(increment_uefi_version "${KEY_DIR}" "pk_key_version") 31 32 cd "${KEY_DIR}" 33 backup_pk_keypair "${CURR_PK_KEY_VER}" 34 35 cat <<EOF 36Generating new UEFI Platform Key (PK) version. 37 38New Platform Key version: ${new_pk_key_ver}. 39EOF 40 make_pk_keypair "${new_pk_key_ver}" 41 write_updated_uefi_version_file "${new_pk_key_ver}" "${CURR_KEK_KEY_VER}" \ 42 "${CURR_DB_KEY_VER}" "${CURR_DB_CHILD_KEY_VER}" 43} 44 45main "$@" 46