sbsigntools

Author	SHA1	Message	Date
Jeremy Kerr	3c9815acc6	sbsign: Add --detached option to create detached PKCS7 signatures Add an option (--detached) to sbsign, which creates a detached signature, rather than embedding it in the PE/COFF signature table. Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-06-11 15:59:48 +08:00
Jeremy Kerr	f98a885cfa	sbsign: fix flag for verbose operation Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-06-11 14:54:57 +08:00
Jeremy Kerr	9786761e4f	docs: Fix manpage creation $(builddir) should be $(top_builddir), and we need a valid definition of MKDIR_P to create the docs. Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-06-11 14:37:33 +08:00
Adam Conrad	b0619274fd	autogen.sh: Fix ccan_module assignment Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-05-29 09:33:05 +08:00
Jeremy Kerr	9a4440676c	image: use read_write_all from ccan Rather than using our own functions for reading/writing an entire buffer, use ccan's. Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-05-28 22:44:39 +08:00
Jeremy Kerr	3bb18f8ed9	image: Fix format specifier for 32-bit builds Use %t rather than assuming typeof(ptr - int) == unsigned long. Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-05-28 22:35:48 +08:00
Jeremy Kerr	3def238360	autoconfiscate Add autoconf & automake metadata, plus required files for automake to run without complaint. Requires an update to ccan, to get the --build-type argument to create-ccan-tree. Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-05-28 22:35:48 +08:00
Jeremy Kerr	42c7160576	docs: Add initial manpages Mostly generated from help2man output. Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-05-24 15:17:26 +08:00
Jeremy Kerr	fcf3cdf70a	sbsign,sbverify: help2man-ize usage output Update the usage output of sbsign and sbverify so that it can be better parsed by help2man. Also, add --version and --help. Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-05-24 15:17:25 +08:00
Jeremy Kerr	e83712388f	Makefile: Add dist targets Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-05-24 15:17:24 +08:00
Jeremy Kerr	c74f1ceeb1	ccan: Add ccan import logic Add make logic to import lib/ccan from lib/ccan.git. We need to set some dependencies on $(obj) to ensure the the ccan headers are available before starting the main build. Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-05-24 15:17:24 +08:00
Jeremy Kerr	90c4c8718e	Move ccan submodule Move the ccan git submodule to lib/ccan.git, so we can use ccan's create-ccan-tree utility. Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-05-24 15:17:18 +08:00
Jeremy Kerr	3e6c9347be	Remove unused header Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-05-15 14:19:00 +08:00
Jeremy Kerr	e27f10f6c2	Remove pkcs7-simple test file Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-05-14 16:30:12 +08:00
Jeremy Kerr	f4b2d3618f	Makefile: add install target Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-05-14 16:06:01 +08:00
Jeremy Kerr	40bc6428d1	Makefile: Comment components Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-05-14 15:57:10 +08:00
Jeremy Kerr	17f77a9aab	sbverify: clean up openssl init Remove a duplicate call to ERR_load_crypto_strings, and move the digest init earlier. Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-05-14 15:53:26 +08:00
Jeremy Kerr	c48e3922ca	sbverify: add check for invalid PKCS7 data Make sure d2i_PKCS7 returned a PKCS7 structure. Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-05-14 15:52:03 +08:00
Jeremy Kerr	e3d6afbd61	sbverify: Add certificate chain verification Add an option (--cert <file>) to specify a root certificate (or certificates) to use as a trusted CA. Verification can be disabled with --no-verify. Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-05-14 15:48:30 +08:00
Jeremy Kerr	e404a4d412	verify: move idc-related parsing to idc.c Extract the IDC-parsing code from IDC_check_hash, and use it to initialise a BIO. This BIO can then be used to perform the PKCS7 verification. Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-05-12 23:12:18 -07:00
Jeremy Kerr	d5f1a61b99	sbsign: fix incorrect check for certificate load Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-05-12 21:35:09 -07:00
Jeremy Kerr	ef7966087d	image: reformat gap warnings Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-05-12 21:32:23 -07:00
Jeremy Kerr	f7f7ad00a3	image: add cert table to image size Don't warn when the certificate table is the only un-hashed data. Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-05-12 21:31:43 -07:00
Jeremy Kerr	4e89b9a1ee	sbverify: Add check for image hash Add a check to match the calculated image's hash against the one found in the PKCS7 IndirectDataContext Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-05-12 21:21:20 -07:00
Jeremy Kerr	b929aaa655	sbverify: check for presence of signature table Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-05-12 10:47:21 -07:00
Jeremy Kerr	7c256bc407	Makefile: add $(tools) var Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-05-12 09:48:51 -07:00
Jeremy Kerr	902cb928b6	sbsigntool -> sbsign Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-05-12 09:45:22 -07:00
Jeremy Kerr	b3dc6529eb	image: open output file with O_TRUNC Prevents weirdness when overwriting old files. Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-05-12 09:44:17 -07:00
Jeremy Kerr	fcf663b560	sbsigntooL: expand usage info Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-04-24 09:09:57 +08:00
Jeremy Kerr	0e9c5f7496	Add GPLv3 text in COPYING Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-04-24 09:01:05 +08:00
Jeremy Kerr	348a43e3f1	coff: remove unneeded coff includes Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-04-24 08:38:57 +08:00
Jeremy Kerr	1d3ebb7b24	Add copyright comments GPLv3; the sources include parts of binutils, include parts of ccan, and have been partially based of osslsigntool. Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-04-23 18:14:42 +08:00
Jeremy Kerr	da5568e8ff	image: warn about potential checksum differences Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-04-23 17:42:45 +08:00
Jeremy Kerr	d8eadfcc24	idc: allocate using the image context Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-04-23 17:36:08 +08:00
Jeremy Kerr	3b802fe3da	Initial commit Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>	2012-04-23 17:25:19 +08:00

35 commits