Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openeuler
digest-list-tools
提交
fe575a00
D
digest-list-tools
项目概览
openeuler
/
digest-list-tools
通知
2
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
digest-list-tools
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
fe575a00
编写于
7月 04, 2020
作者:
R
Roberto Sassu
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Introduce write_rpm_pgp_sig
上级
610bda78
变更
6
隐藏空白更改
内联
并排
Showing
6 changed file
with
144 addition
and
3 deletion
+144
-3
dist/rpm/digest-list-tools.spec
dist/rpm/digest-list-tools.spec
+3
-0
docs/Makefile.am
docs/Makefile.am
+4
-2
docs/write_rpm_pgp_sig.1
docs/write_rpm_pgp_sig.1
+41
-0
docs/write_rpm_pgp_sig.txt
docs/write_rpm_pgp_sig.txt
+30
-0
src/Makefile.am
src/Makefile.am
+6
-1
src/write_rpm_pgp_sig.c
src/write_rpm_pgp_sig.c
+60
-0
未找到文件。
dist/rpm/digest-list-tools.spec
浏览文件 @
fe575a00
...
...
@@ -56,6 +56,7 @@ rm -rf $RPM_BUILD_ROOT
%{_bindir}/setup_ima_digest_lists_demo
%{_bindir}/upload_digest_lists
%{_bindir}/verify_digest_lists
%{_bindir}/write_rpm_pgp_sig
%{_libdir}/libdigestlist-base.so
%dir %{_libdir}/digestlist
%{_libdir}/digestlist/libgenerator-compact.so
...
...
@@ -84,11 +85,13 @@ rm -rf $RPM_BUILD_ROOT
%{_datarootdir}/digest-list-tools/setup_ima_digest_lists_demo.txt
%{_datarootdir}/digest-list-tools/upload_digest_lists.txt
%{_datarootdir}/digest-list-tools/verify_digest_lists.txt
%{_datarootdir}/digest-list-tools/write_rpm_pgp_sig.txt
%{_mandir}/man1/gen_digest_lists.1.gz
%{_mandir}/man1/setup_ima_digest_lists.1.gz
%{_mandir}/man1/setup_ima_digest_lists_demo.1.gz
%{_mandir}/man1/verify_digest_lists.1.gz
%{_mandir}/man1/upload_digest_lists.1.gz
%{_mandir}/man1/write_rpm_pgp_sig.1.gz
%{_mandir}/man1/%{name}.1.gz
%changelog
...
...
docs/Makefile.am
浏览文件 @
fe575a00
...
...
@@ -2,10 +2,12 @@ dist_pkgdata_DATA = gen_digest_lists.txt \
setup_ima_digest_lists.txt
\
setup_ima_digest_lists_demo.txt
\
upload_digest_lists.txt
\
verify_digest_lists.txt
verify_digest_lists.txt
\
write_rpm_pgp_sig.txt
man1_MANS
=
gen_digest_lists.1
\
setup_ima_digest_lists.1
\
setup_ima_digest_lists_demo.1
\
upload_digest_lists.1
\
verify_digest_lists.1
verify_digest_lists.1
\
write_rpm_pgp_sig.1
docs/write_rpm_pgp_sig.1
0 → 100644
浏览文件 @
fe575a00
.\" Text automatically generated by txt2man
.TH untitled "14 July 2020" "" ""
.SH NAME
\fBwrite_rpm_pgp_sig \fP- Add security.ima to a file with the RPM header
\fB
.RE
\fB
.SH SYNOPSIS
.nf
.fam C
\fBwrite_rpm_pgp_sig\fP <RPM header> <PGP signature>
.fam T
.fi
.fam T
.fi
.SH DESCRIPTION
\fBwrite_rpm_pgp_sig\fP can be used to add security.ima to a file with the RPM
header.
.SH OPTIONS
\fB-h\fP: display help
.RE
.PP
.SH EXAMPLES
Add security.ima:
.PP
# \fBwrite_rpm_pgp_sig\fP rpm-header rpm-header.sig
.RE
.PP
.SH AUTHOR
Written by Roberto Sassu, <roberto.sassu at huawei.com>.
.RE
.PP
.SH COPYING
Copyright (C) 2020 Huawei Technologies Duesseldorf GmbH. Free use of
this software is granted under the terms of the GNU Public License 2.0
(GPLv2).
docs/write_rpm_pgp_sig.txt
0 → 100644
浏览文件 @
fe575a00
NAME
write_rpm_pgp_sig - Add security.ima to a file with the RPM header
SYNOPSIS
write_rpm_pgp_sig <RPM header> <PGP signature>
DESCRIPTION
write_rpm_pgp_sig can be used to add security.ima to a file with the RPM
header.
OPTIONS
-h: display help
EXAMPLES
Add security.ima:
# write_rpm_pgp_sig rpm-header rpm-header.sig
AUTHOR
Written by Roberto Sassu, <roberto.sassu at huawei.com>.
COPYING
Copyright (C) 2020 Huawei Technologies Duesseldorf GmbH. Free use of
this software is granted under the terms of the GNU Public License 2.0
(GPLv2).
src/Makefile.am
浏览文件 @
fe575a00
bin_PROGRAMS
=
upload_digest_lists gen_digest_lists verify_digest_lists
bin_PROGRAMS
=
upload_digest_lists gen_digest_lists verify_digest_lists
\
write_rpm_pgp_sig
upload_digest_lists_CFLAGS
=
-I
$(top_srcdir)
/include
upload_digest_lists_LDFLAGS
=
$(top_srcdir)
/lib/libdigestlist-base.la
...
...
@@ -11,3 +12,7 @@ gen_digest_lists_SOURCES=gen_digest_lists.c
verify_digest_lists_CFLAGS
=
-I
$(top_srcdir)
/include
verify_digest_lists_LDFLAGS
=
$(top_srcdir)
/lib/libdigestlist-base.la
verify_digest_lists_SOURCES
=
verify_digest_lists.c
write_rpm_pgp_sig_CFLAGS
=
-I
$(top_srcdir)
/include
write_rpm_pgp_sig_LDFLAGS
=
$(top_srcdir)
/lib/libdigestlist-base.la
write_rpm_pgp_sig_SOURCES
=
write_rpm_pgp_sig.c
src/write_rpm_pgp_sig.c
0 → 100644
浏览文件 @
fe575a00
/*
* Copyright (C) 2020 Huawei Technologies Duesseldorf GmbH
*
* Author: Roberto Sassu <roberto.sassu@huawei.com>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
* published by the Free Software Foundation, version 2 of the
* License.
*
* File: write_rpm_pgp_sig.c
* Add security.ima to a file with the RPM header.
*/
#include <sys/mman.h>
#include <unistd.h>
#include "pgp.h"
#include "xattr.h"
int
main
(
int
argc
,
char
*
argv
[])
{
void
*
pgp_sig
;
loff_t
pgp_sig_len
;
u8
*
sig
=
NULL
,
*
data
=
NULL
,
*
issuer
=
NULL
;
size_t
sig_len
,
data_len
;
u16
algo
;
int
ret
,
fd
;
if
(
argc
!=
3
)
{
printf
(
"Missing argument
\n
"
);
return
-
EINVAL
;
}
ret
=
read_file_from_path
(
-
1
,
argv
[
2
],
&
pgp_sig
,
&
pgp_sig_len
);
if
(
ret
<
0
)
return
ret
;
ret
=
pgp_get_signature_data
(
pgp_sig
,
pgp_sig_len
,
&
data
,
&
data_len
,
&
sig
,
&
sig_len
,
&
issuer
,
&
algo
);
if
(
ret
<
0
)
goto
out
;
write_ima_xattr
(
-
1
,
argv
[
1
],
issuer
,
sizeof
(
uint32_t
),
sig
,
sig_len
,
pgp_algo_mapping
[
algo
]);
fd
=
openat
(
-
1
,
argv
[
1
],
O_WRONLY
|
O_APPEND
,
0644
);
if
(
fd
<
0
)
{
ret
=
-
EACCES
;
goto
out
;
}
ret
=
write_check
(
fd
,
data
,
data_len
);
close
(
fd
);
out:
munmap
(
pgp_sig
,
pgp_sig_len
);
free
(
data
);
free
(
sig
);
return
ret
;
}
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录