1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-12 16:30:56 +00:00
trezor-firmware/legacy/firmware/u2f/genkeys.sh

47 lines
1.2 KiB
Bash
Raw Normal View History

#!/usr/bin/env bash
2016-07-03 11:53:20 +00:00
set -e
2016-04-29 13:32:18 +00:00
cat > u2f_keys.h <<EOF
#ifndef __U2F_KEYS_H_INCLUDED__
#define __U2F_KEYS_H_INCLUDED__
#include <stdint.h>
const uint8_t U2F_ATT_PRIV_KEY[] = {
EOF
if [ \! -e trezordevkey.pem ]; then
openssl ecparam -genkey -out trezordevkey.pem -name prime256v1
fi
openssl ec -in trezordevkey.pem -text |
2016-07-03 11:53:20 +00:00
perl -e '$key = "\t"; while (<>) {
2016-04-29 13:32:18 +00:00
if (/priv:/) { $priv = 1 }
elsif (/pub:/) { $priv = 0 }
elsif ($priv) {
while ($_ =~ s/.*?([0-9a-f]{2})//) {
2016-07-03 11:53:20 +00:00
$key .= "0x$1,";
if ($num++ % 8 == 7) { $key .= "\n\t"; }
2016-04-29 13:32:18 +00:00
else {$key .= " ";}
}
}
}
$key =~ s/,\s*$/\n/s;
print $key;' >> u2f_keys.h
cat >> u2f_keys.h <<EOF
};
const uint8_t U2F_ATT_CERT[] = {
EOF
2016-07-03 11:53:20 +00:00
openssl req -new -key trezordevkey.pem -out trezordevcert.req -subj "/CN=Trezor U2F"
2016-04-29 13:32:18 +00:00
openssl x509 -req -in trezordevcert.req -signkey trezordevkey.pem -days 3650 -out trezordevcert.pem
openssl x509 -in trezordevcert.pem -outform der | od -tx1 -w12 -Anone | perl -pe 's/ ([0-9a-f]{2})/ 0x$1,/g; $_ =~ s/^ /\t/;' >> u2f_keys.h
cat >> u2f_keys.h <<EOF
};
#endif // __U2F_KEYS_H_INCLUDED__
EOF
rm trezordevcert.req trezordevcert.pem