6282 New usr/src/tools/codesign/signproto.1onbld

   1 .\"
   2 .\" CDDL HEADER START
   3 .\"
   4 .\" The contents of this file are subject to the terms of the
   5 .\" Common Development and Distribution License (the "License").
   6 .\" You may not use this file except in compliance with the License.
   7 .\"
   8 .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9 .\" or http://www.opensolaris.org/os/licensing.
  10 .\" See the License for the specific language governing permissions
  11 .\" and limitations under the License.
  12 .\"
  13 .\" When distributing Covered Code, include this CDDL HEADER in each
  14 .\" file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15 .\" If applicable, add the following below this CDDL HEADER, with the
  16 .\" fields enclosed by brackets "[]" replaced with your own identifying
  17 .\" information: Portions Copyright [yyyy] [name of copyright owner]
  18 .\"
  19 .\" CDDL HEADER END
  20 .\"
  21 .\" Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
  22 .\" Use is subject to license terms.
  23 .\"
  24 .TH SIGNPROTO 1ONBLD "Jun 13, 2007"
  25 .SH NAME
  26 .I signproto
  27 \- sign ELF objects in proto area
  28 .SH SYNOPSIS
  29 \fBsignproto \fIcred_file\fP
  30 .SH DESCRIPTION
  31 .LP
  32 .I signproto
  33 finds ELF objects in the ON proto area and re-signs them
  34 using
  35 .IR signit (1ONBLD).
  36 This operation is normally invoked only for
  37 release builds, as it replaces the internal development
  38 signatures with official Sun signatures. The actual signing using
  39 Sun's private key is performed by a code signing server which
  40 is accessed via
  41 .IR signit .
  42 .LP
  43 Cryptographic modules are identified by examining the signature
  44 embedded by
  45 .IR elfsign (1)
  46 during the build process.
  47 .I signproto
  48 requires a single command-line argument, which is a file containing
  49 the mapping between each signing server credential name and the Subject
  50 Distinguished Name (DN) of the certificate used to
  51 sign the ELF file. Each line in the file contains a credential name
  52 followed by a regular expression. The first regular expression that
  53 matches the Subject DN embedded in the ELF file determines the
  54 credential name passed to
  55 .I signit
  56 to re-sign the file.
  57 .SH ENVIRONMENT
  58 .TP 4
  59 .B CODESIGN_USER
  60 Login name for the code signing server passed to
  61 .I signit .
  62 If this variable is not set, the value in LOGNAME is used instead.
  63 .TP 4
  64 .B ROOT
  65 Location of ON proto area containing files to be signed.
  66 .SH SEE ALSO
  67 .LP
  68 signit(1ONBLD), elfsign(1)