SIGNPROTO(1ONBLD) illumos Build Tools SIGNPROTO(1ONBLD)

NAME

signproto - sign ELF objects in proto area

SYNOPSIS

signproto cred_file

DESCRIPTION

signproto finds ELF objects in the ON proto area and re-signs them using signit(1ONBLD). This operation is normally invoked only for release builds, as it replaces the internal development signatures with official Sun signatures. The actual signing using Sun's private key is performed by a code signing server which is accessed via signit.

Cryptographic modules are identified by examining the signature embedded by elfsign(1) during the build process. signproto requires a single command-line argument, which is a file containing the mapping between each signing server credential name and the Subject Distinguished Name (DN) of the certificate used to sign the ELF file. Each line in the file contains a credential name followed by a regular expression. The first regular expression that matches the Subject DN embedded in the ELF file determines the credential name passed to signit to re-sign the file.

ENVIRONMENT

CODESIGN_USER
Login name for the code signing server passed to signit . If this variable is not set, the value in LOGNAME is used instead.
ROOT
Location of ON proto area containing files to be signed.

SEE ALSO

signit(1ONBLD), elfsign(1)
June 13, 2007