| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20230209160523.858502-4-sshedi@vmware.com>
Date: Thu, 9 Feb 2023 21:35:23 +0530
From: Shreenidhi Shedi <yesshedi@...il.com>
To: dhowells@...hat.com, dwmw2@...radead.org
Cc: linux-kernel@...r.kernel.org, Shreenidhi Shedi <sshedi@...are.com>
Subject: [PATCH 4/4] sign-file: improve help message
Signed-off-by: Shreenidhi Shedi <sshedi@...are.com>
---
sign-file.c | 49 ++++++++++++++++++++++++++++++++++++++++---------
1 file changed, 40 insertions(+), 9 deletions(-)
diff --git a/sign-file.c b/sign-file.c
index 2faf302..0c41a5a 100644
--- a/sign-file.c
+++ b/sign-file.c
@@ -76,13 +76,44 @@ struct module_signature {
static const char magic_number[] = "~Module signature appended~\n";
static __attribute__((noreturn))
-void format(void)
+void print_usage(int retval)
{
- fprintf(stderr,
- "Usage: scripts/sign-file [-dp] <hash algo> <key> <x509> <module> [<dest>]\n");
- fprintf(stderr,
- " scripts/sign-file -s <raw sig> <hash algo> <x509> <module> [<dest>]\n");
- exit(2);
+ fprintf(stderr, "Usage: scripts/sign-file [OPTIONS]... [MODULE]...\n");
+ fprintf(stderr, "Available options:\n");
+ fprintf(stderr, "-h, --help Print this help message and exit\n");
+
+ fprintf(stderr, "\nOptional args:\n");
+ fprintf(stderr, "-s, --savesig Save signature\n");
+ fprintf(stderr, "-o, --signonly Sign only\n");
+ fprintf(stderr, "-b, --bulksign Sign modules in bulk\n");
+ fprintf(stderr, "-l, --replaceorig Replace original\n");
+#ifndef USE_PKCS7
+ fprintf(stderr, "-k, --usekeyid Use key ID\n");
+#endif
+ fprintf(stderr, "-r, --rawsig <sig> Raw signature\n");
+ fprintf(stderr, "-d, --dest <dest> Destination path ");
+ fprintf(stderr, "(Exclusive with bulk option)\n");
+
+ fprintf(stderr, "\nMandatory args:\n");
+ fprintf(stderr, "-p, --privkey <key> Private key\n");
+ fprintf(stderr, "-a, --hashalgo <alg> Hash algorithm\n");
+ fprintf(stderr, "-x, --x509 <x509> X509\n");
+
+ fprintf(stderr, "\nExamples:\n");
+
+ fprintf(stderr, "\nRegular signing:\n");
+ fprintf(stderr, "scripts/sign-file -a sha512 -p certs/signing_key.pem ");
+ fprintf(stderr, "-x certs/signing_key.x509 <module>\n");
+
+ fprintf(stderr, "\nSigning with destination path:\n");
+ fprintf(stderr, "scripts/sign-file -a sha512 -p certs/signing_key.pem ");
+ fprintf(stderr, "-x certs/signing_key.x509 <module> -d <path>\n");
+
+ fprintf(stderr, "\nSigning modules in bulk:\n");
+ fprintf(stderr, "scripts/sign-file -a sha512 -p certs/signing_key.pem ");
+ fprintf(stderr, "-x certs/signing_key.x509 -b <module1> <module2> ...\n");
+
+ exit(retval);
}
static void display_openssl_errors(int l)
@@ -266,7 +297,7 @@ void parse_args(int *argc, char **argv, struct cmd_opts *opts)
#endif
switch (opt) {
case 'h':
- format();
+ print_usage(0);
break;
case 'r':
@@ -317,7 +348,7 @@ void parse_args(int *argc, char **argv, struct cmd_opts *opts)
break;
default:
- format();
+ print_usage(2);
break;
}
} while (opt != -1);
@@ -374,7 +405,7 @@ int main(int argc, char **argv)
#endif
if ((bulk_sign && dest_name) || (!bulk_sign && argc != 1))
- format();
+ print_usage(2);
if (dest_name && strcmp(argv[0], dest_name)) {
replace_orig = false;
--
2.39.0
Powered by blists - more mailing lists