forked from Minki/linux
cb77f0d623
The default NetBSD package manager is pkgsrc and it installs Perl along other third party programs under custom and configurable prefix. The default prefix for binary prebuilt packages is /usr/pkg, and the Perl executable lands in /usr/pkg/bin/perl. This change switches "/usr/bin/perl" to "/usr/bin/env perl" as it's the most portable solution that should work for almost everybody. Perl's executable is detected automatically. This change switches -w option passed to the executable with more modern "use warnings;" approach. There is no functional change to the default behavior. While there, drop "require 5" from scripts/namespace.pl (Perl from 1994?). Signed-off-by: Kamil Rytarowski <n54@gmx.com> Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
138 lines
3.6 KiB
Perl
Executable File
138 lines
3.6 KiB
Perl
Executable File
#!/usr/bin/env perl
|
|
#
|
|
# extract-mod-sig <part> <module-file>
|
|
#
|
|
# Reads the module file and writes out some or all of the signature
|
|
# section to stdout. Part is the bit to be written and is one of:
|
|
#
|
|
# -0: The unsigned module, no signature data at all
|
|
# -a: All of the signature data, including magic number
|
|
# -d: Just the descriptor values as a sequence of numbers
|
|
# -n: Just the signer's name
|
|
# -k: Just the key ID
|
|
# -s: Just the crypto signature or PKCS#7 message
|
|
#
|
|
use warnings;
|
|
use strict;
|
|
|
|
die "Format: $0 -[0adnks] module-file >out\n"
|
|
if ($#ARGV != 1);
|
|
|
|
my $part = $ARGV[0];
|
|
my $modfile = $ARGV[1];
|
|
|
|
my $magic_number = "~Module signature appended~\n";
|
|
|
|
#
|
|
# Read the module contents
|
|
#
|
|
open FD, "<$modfile" || die $modfile;
|
|
binmode(FD);
|
|
my @st = stat(FD);
|
|
die "$modfile" unless (@st);
|
|
my $buf = "";
|
|
my $len = sysread(FD, $buf, $st[7]);
|
|
die "$modfile" unless (defined($len));
|
|
die "Short read on $modfile\n" unless ($len == $st[7]);
|
|
close(FD) || die $modfile;
|
|
|
|
print STDERR "Read ", $len, " bytes from module file\n";
|
|
|
|
die "The file is too short to have a sig magic number and descriptor\n"
|
|
if ($len < 12 + length($magic_number));
|
|
|
|
#
|
|
# Check for the magic number and extract the information block
|
|
#
|
|
my $p = $len - length($magic_number);
|
|
my $raw_magic = substr($buf, $p);
|
|
|
|
die "Magic number not found at $len\n"
|
|
if ($raw_magic ne $magic_number);
|
|
print STDERR "Found magic number at $len\n";
|
|
|
|
$p -= 12;
|
|
my $raw_info = substr($buf, $p, 12);
|
|
|
|
my @info = unpack("CCCCCxxxN", $raw_info);
|
|
my ($algo, $hash, $id_type, $name_len, $kid_len, $sig_len) = @info;
|
|
|
|
if ($id_type == 0) {
|
|
print STDERR "Found PGP key identifier\n";
|
|
} elsif ($id_type == 1) {
|
|
print STDERR "Found X.509 cert identifier\n";
|
|
} elsif ($id_type == 2) {
|
|
print STDERR "Found PKCS#7/CMS encapsulation\n";
|
|
} else {
|
|
print STDERR "Found unsupported identifier type $id_type\n";
|
|
}
|
|
|
|
#
|
|
# Extract the three pieces of info data
|
|
#
|
|
die "Insufficient name+kid+sig data in file\n"
|
|
unless ($p >= $name_len + $kid_len + $sig_len);
|
|
|
|
$p -= $sig_len;
|
|
my $raw_sig = substr($buf, $p, $sig_len);
|
|
$p -= $kid_len;
|
|
my $raw_kid = substr($buf, $p, $kid_len);
|
|
$p -= $name_len;
|
|
my $raw_name = substr($buf, $p, $name_len);
|
|
|
|
my $module_len = $p;
|
|
|
|
if ($sig_len > 0) {
|
|
print STDERR "Found $sig_len bytes of signature [";
|
|
my $n = $sig_len > 16 ? 16 : $sig_len;
|
|
foreach my $i (unpack("C" x $n, substr($raw_sig, 0, $n))) {
|
|
printf STDERR "%02x", $i;
|
|
}
|
|
print STDERR "]\n";
|
|
}
|
|
|
|
if ($kid_len > 0) {
|
|
print STDERR "Found $kid_len bytes of key identifier [";
|
|
my $n = $kid_len > 16 ? 16 : $kid_len;
|
|
foreach my $i (unpack("C" x $n, substr($raw_kid, 0, $n))) {
|
|
printf STDERR "%02x", $i;
|
|
}
|
|
print STDERR "]\n";
|
|
}
|
|
|
|
if ($name_len > 0) {
|
|
print STDERR "Found $name_len bytes of signer's name [$raw_name]\n";
|
|
}
|
|
|
|
#
|
|
# Produce the requested output
|
|
#
|
|
if ($part eq "-0") {
|
|
# The unsigned module, no signature data at all
|
|
binmode(STDOUT);
|
|
print substr($buf, 0, $module_len);
|
|
} elsif ($part eq "-a") {
|
|
# All of the signature data, including magic number
|
|
binmode(STDOUT);
|
|
print substr($buf, $module_len);
|
|
} elsif ($part eq "-d") {
|
|
# Just the descriptor values as a sequence of numbers
|
|
print join(" ", @info), "\n";
|
|
} elsif ($part eq "-n") {
|
|
# Just the signer's name
|
|
print STDERR "No signer's name for PKCS#7 message type sig\n"
|
|
if ($id_type == 2);
|
|
binmode(STDOUT);
|
|
print $raw_name;
|
|
} elsif ($part eq "-k") {
|
|
# Just the key identifier
|
|
print STDERR "No key ID for PKCS#7 message type sig\n"
|
|
if ($id_type == 2);
|
|
binmode(STDOUT);
|
|
print $raw_kid;
|
|
} elsif ($part eq "-s") {
|
|
# Just the crypto signature or PKCS#7 message
|
|
binmode(STDOUT);
|
|
print $raw_sig;
|
|
}
|