SIGNPROTO(1ONBLD) |
illumos Build Tools |
SIGNPROTO(1ONBLD) |
NAME
signproto - sign ELF objects in proto area
SYNOPSIS
signproto cred_file
DESCRIPTION
signproto finds ELF objects in the ON proto area and re-signs them using
signit(1ONBLD). This operation is normally invoked only for release builds, as it replaces the internal development signatures with official Sun signatures. The actual signing using Sun's private key is performed by a code signing server which is accessed via
signit.
Cryptographic modules are identified by examining the signature embedded by elfsign(1) during the build process. signproto requires a single command-line argument, which is a file containing the mapping between each signing server credential name and the Subject Distinguished Name (DN) of the certificate used to sign the ELF file. Each line in the file contains a credential name followed by a regular expression. The first regular expression that matches the Subject DN embedded in the ELF file determines the credential name passed to signit to re-sign the file.
ENVIRONMENT
-
CODESIGN_USER
-
Login name for the code signing server passed to signit . If this variable is not set, the value in LOGNAME is used instead.
-
ROOT
-
Location of ON proto area containing files to be signed.
SEE ALSO
signit(1ONBLD), elfsign(1)