review.tizen.org Git - platform/upstream/ima-evm-utils.git/commit

author	Fionnuala Gunter <fin@linux.vnet.ibm.com>
	Thu, 14 Aug 2014 18:29:06 +0000 (13:29 -0500)
committer	Dmitry Kasatkin <d.kasatkin@samsung.com>
	Thu, 11 Sep 2014 13:50:20 +0000 (16:50 +0300)
commit	8f04d131aceb0774a47739b21295915252c652e3
tree	d147e1df21fb28e47879cdeffef68cb50d05bdf9	tree \| snapshot
parent	29adc34d356dab6a5022c6ec6c443b0b9e4d641c	commit \| diff

Move sign hash functions to library

This patch enables package managers, such as rpm, to include IMA signatures in
packages.

To do this, sign_hash and some helper functions were moved from evmctl to
libimaevm. These functions used global variables that belong to evmctl, sigdump
and keypass. The variable sigdump is a flag that file signatures should be
printed to stdout, so the signature dump is now handled by functions that call
sign_hash. The variable keypass is a passphrase for an encrypted key, so it was
added to 'struct libevm_params'.

v2: Uses 'struct libevm_params' to minimize sign_hash parameters
v3: Export single sign_hash function that selects _v1 or _v2 internally based
on params.x509. Moved parameter checks and explicitly return -1 for failures.

Signed-off-by: Fionnuala Gunter <fin@linux.vnet.ibm.com>
Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>

src/evmctl.c		diff \| blob \| history
src/imaevm.h		diff \| blob \| history
src/libimaevm.c		diff \| blob \| history