| Message ID | 1431541436-17007-5-git-send-email-mcgrof@do-not-panic.com (mailing list archive) |
|---|---|
| State | Not Applicable |
| Delegated to: | Kalle Valo |
| Headers | show |
Luis R. Rodriguez <mcgrof@do-not-panic.com> wrote: > You can create a file.pkcs7 file with the -d option right now > but that still modifies the file. If all you want is the signature > file you can use -s now, that will leave the file passed as-is. I would recommend you use something other than "-s" - that belongs to the code that is temporarily removed from the old perl script that allowed an external signature to be passed. David -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
David Howells <dhowells@redhat.com> wrote: > Luis R. Rodriguez <mcgrof@do-not-panic.com> wrote: > > > You can create a file.pkcs7 file with the -d option right now > > but that still modifies the file. If all you want is the signature > > file you can use -s now, that will leave the file passed as-is. > > I would recommend you use something other than "-s" - that belongs to the code > that is temporarily removed from the old perl script that allowed an external > signature to be passed. Use "-d". I added the flag but then never made it do anything. David -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Thu, May 14, 2015 at 7:52 AM, David Howells <dhowells@redhat.com> wrote:
> Use "-d". I added the flag but then never made it do anything.
Sure, but since this C file is not upstream, how about just squashing
the commit with yours that adds the C file?
Luis
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/scripts/sign-file.c b/scripts/sign-file.c index 5b8a6dd..b468f73 100755 --- a/scripts/sign-file.c +++ b/scripts/sign-file.c @@ -41,7 +41,7 @@ static __attribute__((noreturn)) void format(void) { fprintf(stderr, - "Usage: scripts/sign-file [-dp] <hash algo> <key> <x509> <module> [<dest>]\n"); + "Usage: scripts/sign-file [-dps] <hash algo> <key> <x509> <module> [<dest>]\n"); exit(2); } @@ -86,22 +86,24 @@ int main(int argc, char **argv) char *hash_algo = NULL; char *private_key_name, *x509_name, *module_name, *dest_name; bool save_pkcs7 = false, replace_orig; + bool sign_only = false; unsigned char buf[4096]; unsigned long module_size, pkcs7_size; const EVP_MD *digest_algo; EVP_PKEY *private_key; PKCS7 *pkcs7; X509 *x509; - BIO *b, *bd, *bm; + BIO *b, *bd=NULL, *bm; int opt, n; ERR_load_crypto_strings(); ERR_clear_error(); do { - opt = getopt(argc, argv, "dp"); + opt = getopt(argc, argv, "dps"); switch (opt) { case 'p': save_pkcs7 = true; break; + case 's': sign_only = true; save_pkcs7 = true; break; case -1: break; default: format(); } @@ -148,8 +150,10 @@ int main(int argc, char **argv) /* Open the destination file now so that we can shovel the module data * across as we read it. */ - bd = BIO_new_file(dest_name, "wb"); - ERR(!bd, "%s", dest_name); + if (!sign_only) { + bd = BIO_new_file(dest_name, "wb"); + ERR(!bd, "%s", dest_name); + } /* Digest the module data. */ OpenSSL_add_all_digests(); @@ -180,6 +184,9 @@ int main(int argc, char **argv) BIO_free(b); } + if (sign_only) + return 0; + /* Append the marker and the PKCS#7 message to the destination file */ ERR(BIO_reset(bm) < 0, "%s", module_name); while ((n = BIO_read(bm, buf, sizeof(buf))),