modsign: Allow password to be specified for signing key
We don't want this in the Kconfig since it might then get exposed in
/proc/config.gz. So make it a parameter to Kbuild instead. This also
means we don't have to jump through hoops to strip quotes from it, as
we would if it was a config option.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
diff --git a/scripts/sign-file.c b/scripts/sign-file.c
index 39aaabe..720b9bc 100755
--- a/scripts/sign-file.c
+++ b/scripts/sign-file.c
@@ -80,6 +80,27 @@
} \
} while(0)
+static const char *key_pass;
+
+static int pem_pw_cb(char *buf, int len, int w, void *v)
+{
+ int pwlen;
+
+ if (!key_pass)
+ return -1;
+
+ pwlen = strlen(key_pass);
+ if (pwlen >= len)
+ return -1;
+
+ strcpy(buf, key_pass);
+
+ /* If it's wrong, don't keep trying it. */
+ key_pass = NULL;
+
+ return pwlen;
+}
+
int main(int argc, char **argv)
{
struct module_signature sig_info = { .id_type = PKEY_ID_PKCS7 };
@@ -96,9 +117,12 @@
BIO *b, *bd = NULL, *bm;
int opt, n;
+ OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
ERR_clear_error();
+ key_pass = getenv("KBUILD_SIGN_PIN");
+
do {
opt = getopt(argc, argv, "dp");
switch (opt) {
@@ -132,7 +156,8 @@
*/
b = BIO_new_file(private_key_name, "rb");
ERR(!b, "%s", private_key_name);
- private_key = PEM_read_bio_PrivateKey(b, NULL, NULL, NULL);
+ private_key = PEM_read_bio_PrivateKey(b, NULL, pem_pw_cb, NULL);
+ ERR(!private_key, "%s", private_key_name);
BIO_free(b);
b = BIO_new_file(x509_name, "rb");
