@@ -74,12 +74,43 @@ struct module_signature {
static char magic_number[] = "~Module signature appended~\n";
static __attribute__((noreturn))
-void format(void)
+void print_usage(void)
{
- fprintf(stderr,
- "Usage: scripts/sign-file [-dp] <hash algo> <key> <x509> <module> [<dest>]\n");
- fprintf(stderr,
- " scripts/sign-file -s <raw sig> <hash algo> <x509> <module> [<dest>]\n");
+ fprintf(stderr, "Usage: scripts/sign-file [OPTIONS]... [MODULE]...\n");
+ fprintf(stderr, "Available options:\n");
+ fprintf(stderr, "-h, --help Print this help message and exit\n");
+
+ fprintf(stderr, "\nOptional args:\n");
+ fprintf(stderr, "-s, --rawsig <sig> Raw signature\n");
+ fprintf(stderr, "-p, --savesig Save signature\n");
+ fprintf(stderr, "-d, --signonly Sign only\n");
+#ifndef USE_PKCS7
+ fprintf(stderr, "-k, --usekeyid Use key ID\n");
+#endif
+ fprintf(stderr, "-b, --bulksign Sign modules in bulk\n");
+ fprintf(stderr, "-r, --replaceorig Replace original\n");
+ fprintf(stderr, "-t, --dest <dest> Destination path ");
+ fprintf(stderr, "(Exclusive with bulk option)\n");
+
+ fprintf(stderr, "\nMandatory args:\n");
+ fprintf(stderr, "-i, --privkey <key> Private key\n");
+ fprintf(stderr, "-a, --hashalgo <alg> Hash algorithm\n");
+ fprintf(stderr, "-x, --x509 <x509> X509\n");
+
+ fprintf(stderr, "\nExamples:\n");
+
+ fprintf(stderr, "\n Regular signing:\n");
+ fprintf(stderr, " scripts/sign-file -a sha512 -i certs/signing_key.pem ");
+ fprintf(stderr, "-x certs/signing_key.x509 <module>\n");
+
+ fprintf(stderr, "\n Signing with destination path:\n");
+ fprintf(stderr, " scripts/sign-file -a sha512 -i certs/signing_key.pem ");
+ fprintf(stderr, "-x certs/signing_key.x509 <module> -t <path>\n");
+
+ fprintf(stderr, "\n Signing modules in bulk:\n");
+ fprintf(stderr, " scripts/sign-file -a sha512 -i certs/signing_key.pem ");
+ fprintf(stderr, "-x certs/signing_key.x509 -b <module1> <module2> ...\n");
+
exit(2);
}
@@ -281,7 +312,7 @@ static void parse_args(int argc, char **argv, struct cmd_opts *opts)
#endif
case 'h':
- format();
+ print_usage();
break;
case 'i':
@@ -312,7 +343,7 @@ static void parse_args(int argc, char **argv, struct cmd_opts *opts)
break;
default:
- format();
+ print_usage();
break;
}
} while (opt != -1);
@@ -472,6 +503,9 @@ int main(int argc, char **argv)
argc -= optind;
argv += optind;
+ if ((opts.bulk_sign && opts.dest_name) || (!opts.bulk_sign && argc != 1))
+ print_usage();
+
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
ERR_clear_error();
Add a proper help message with examples on how to use this tool. Signed-off-by: Shreenidhi Shedi <yesshedi@gmail.com> --- scripts/sign-file.c | 48 ++++++++++++++++++++++++++++++++++++++------- 1 file changed, 41 insertions(+), 7 deletions(-)