mirror of https://git.code.sf.net/p/linux-ima/ima-evm-utils synced 2025-09-17 17:35:20 +02:00

Add support for passing the private key password to sign_hash()

evmctl defines the "--pass | -p" command line option for providing
the private key's password.  The password is then stored in a global
variable accessible by the sign_hash_XXXX() functions.

This patch modifies the arguments to the library sign_hash()
function to include the password, allowing callers to specify the
private key password.

Changelog:
- add library init to call OpenSSL_add_all_algorithms

Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Mimi Zohar
2015-07-03 09:13:58 -04:00
committed by Dmitry Kasatkin
parent 17f49a1881
commit 6a712b3b38
3 changed files with 25 additions and 10 deletions


@@ -448,7 +448,7 @@ static int sign_evm(const char *file, const char *key)
if (len <= 1)
return len;
len = sign_hash("sha1", hash, len, key, sig + 1);
len = sign_hash("sha1", hash, len, key, NULL, sig + 1);
if (len <= 1)
return len;
@@ -521,7 +521,7 @@ static int sign_ima(const char *file, const char *key)
if (len <= 1)
return len;
len = sign_hash(params.hash_algo, hash, len, key, sig + 1);
len = sign_hash(params.hash_algo, hash, len, key, NULL, sig + 1);
if (len <= 1)
return len;
@@ -644,7 +644,7 @@ static int cmd_sign_hash(struct command *cmd)
hex2bin(hash, line, hashlen);
siglen = sign_hash(params.hash_algo, hash, hashlen/2,
key, sig + 1);
key, NULL, sig + 1);
if (siglen <= 1)
return siglen;
@@ -1586,9 +1586,6 @@ int main(int argc, char *argv[])
}
}
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
if (argv[optind] == NULL)
usage();
else
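Review bot: All three updated call sites (in sign_evm, sign_ima and cmd_sign_hash) pass a bare `NULL` for the new password argument, and nothing in these hunks says what NULL means to the library. If sign_hash() treats NULL as "no password" instead of falling back to the value stored by `--pass`, signing with an encrypted private key would stop working from the command line; the library side is not visible here, so this needs confirming. If the fallback is the intent, a short comment at each call such as `/* NULL: use the password given with --pass, if any */` would record it. In main(), both `OpenSSL_add_all_algorithms()` and `ERR_load_crypto_strings()` appear to be removed while the changelog only mentions moving the former into a library init, so it is worth checking that the error strings are still loaded; otherwise key-loading failures lose their readable OpenSSL messages. All four functions extend beyond the hunks shown.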