Jeremy Kerr
34edfd6348
automake: Add -Wall -Wextra CFLAGS
...
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-06-11 15:59:48 +08:00
Jeremy Kerr
3c9815acc6
sbsign: Add --detached option to create detached PKCS7 signatures
...
Add an option (--detached) to sbsign, which creates a detached
signature, rather than embedding it in the PE/COFF signature table.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-06-11 15:59:48 +08:00
Jeremy Kerr
f98a885cfa
sbsign: fix flag for verbose operation
...
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-06-11 14:54:57 +08:00
Jeremy Kerr
9786761e4f
docs: Fix manpage creation
...
$(builddir) should be $(top_builddir), and we need a valid definition of
MKDIR_P to create the docs.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-06-11 14:37:33 +08:00
Adam Conrad
b0619274fd
autogen.sh: Fix ccan_module assignment
...
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-05-29 09:33:05 +08:00
Jeremy Kerr
9a4440676c
image: use read_write_all from ccan
...
Rather than using our own functions for reading/writing an entire
buffer, use ccan's.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-05-28 22:44:39 +08:00
Jeremy Kerr
3bb18f8ed9
image: Fix format specifier for 32-bit builds
...
Use %t rather than assuming typeof(ptr - int) == unsigned long.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-05-28 22:35:48 +08:00
Jeremy Kerr
3def238360
autoconfiscate
...
Add autoconf & automake metadata, plus required files for automake to
run without complaint.
Requires an update to ccan, to get the --build-type argument to
create-ccan-tree.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-05-28 22:35:48 +08:00
Jeremy Kerr
42c7160576
docs: Add initial manpages
...
Mostly generated from help2man output.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-05-24 15:17:26 +08:00
Jeremy Kerr
fcf3cdf70a
sbsign,sbverify: help2man-ize usage output
...
Update the usage output of sbsign and sbverify so that it can be better
parsed by help2man. Also, add --version and --help.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-05-24 15:17:25 +08:00
Jeremy Kerr
e83712388f
Makefile: Add dist targets
...
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-05-24 15:17:24 +08:00
Jeremy Kerr
c74f1ceeb1
ccan: Add ccan import logic
...
Add make logic to import lib/ccan from lib/ccan.git. We need to set some
dependencies on $(obj) to ensure the the ccan headers are available
before starting the main build.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-05-24 15:17:24 +08:00
Jeremy Kerr
90c4c8718e
Move ccan submodule
...
Move the ccan git submodule to lib/ccan.git, so we can use ccan's
create-ccan-tree utility.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-05-24 15:17:18 +08:00
Jeremy Kerr
3e6c9347be
Remove unused header
...
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-05-15 14:19:00 +08:00
Jeremy Kerr
e27f10f6c2
Remove pkcs7-simple test file
...
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-05-14 16:30:12 +08:00
Jeremy Kerr
f4b2d3618f
Makefile: add install target
...
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-05-14 16:06:01 +08:00
Jeremy Kerr
40bc6428d1
Makefile: Comment components
...
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-05-14 15:57:10 +08:00
Jeremy Kerr
17f77a9aab
sbverify: clean up openssl init
...
Remove a duplicate call to ERR_load_crypto_strings, and move the digest
init earlier.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-05-14 15:53:26 +08:00
Jeremy Kerr
c48e3922ca
sbverify: add check for invalid PKCS7 data
...
Make sure d2i_PKCS7 returned a PKCS7 structure.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-05-14 15:52:03 +08:00
Jeremy Kerr
e3d6afbd61
sbverify: Add certificate chain verification
...
Add an option (--cert <file>) to specify a root certificate (or
certificates) to use as a trusted CA.
Verification can be disabled with --no-verify.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-05-14 15:48:30 +08:00
Jeremy Kerr
e404a4d412
verify: move idc-related parsing to idc.c
...
Extract the IDC-parsing code from IDC_check_hash, and use it to
initialise a BIO. This BIO can then be used to perform the PKCS7
verification.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-05-12 23:12:18 -07:00
Jeremy Kerr
d5f1a61b99
sbsign: fix incorrect check for certificate load
...
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-05-12 21:35:09 -07:00
Jeremy Kerr
ef7966087d
image: reformat gap warnings
...
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-05-12 21:32:23 -07:00
Jeremy Kerr
f7f7ad00a3
image: add cert table to image size
...
Don't warn when the certificate table is the only un-hashed data.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-05-12 21:31:43 -07:00
Jeremy Kerr
4e89b9a1ee
sbverify: Add check for image hash
...
Add a check to match the calculated image's hash against the one found
in the PKCS7 IndirectDataContext
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-05-12 21:21:20 -07:00
Jeremy Kerr
b929aaa655
sbverify: check for presence of signature table
...
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-05-12 10:47:21 -07:00
Jeremy Kerr
7c256bc407
Makefile: add $(tools) var
...
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-05-12 09:48:51 -07:00
Jeremy Kerr
902cb928b6
sbsigntool -> sbsign
...
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-05-12 09:45:22 -07:00
Jeremy Kerr
b3dc6529eb
image: open output file with O_TRUNC
...
Prevents weirdness when overwriting old files.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-05-12 09:44:17 -07:00
Jeremy Kerr
fcf663b560
sbsigntooL: expand usage info
...
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-04-24 09:09:57 +08:00
Jeremy Kerr
0e9c5f7496
Add GPLv3 text in COPYING
...
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-04-24 09:01:05 +08:00
Jeremy Kerr
348a43e3f1
coff: remove unneeded coff includes
...
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-04-24 08:38:57 +08:00
Jeremy Kerr
1d3ebb7b24
Add copyright comments
...
GPLv3; the sources include parts of binutils, include parts of ccan,
and have been partially based of osslsigntool.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-04-23 18:14:42 +08:00
Jeremy Kerr
da5568e8ff
image: warn about potential checksum differences
...
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-04-23 17:42:45 +08:00
Jeremy Kerr
d8eadfcc24
idc: allocate using the image context
...
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-04-23 17:36:08 +08:00
Jeremy Kerr
3b802fe3da
Initial commit
...
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
2012-04-23 17:25:19 +08:00