Accepting request 149385 from home:gary_lin:branches:Base:System

Add pesign-digestdata.diff to generate digestdata (FATE#314552)

OBS-URL: https://build.opensuse.org/request/show/149385
OBS-URL: https://build.opensuse.org/package/show/Base:System/pesign?expand=0&rev=3

pesign-digestdata.diff

@@ -0,0 +1,128 @@
+--- src/cms_common.c.orig	2013-01-18 14:32:01.000000000 +0000
++++ src/cms_common.c	2013-01-18 14:34:25.000000000 +0000
+@@ -155,6 +155,7 @@ cms_context_init(cms_context *cms)
+ 	}
+ 
+ 	cms->selected_digest = -1;
++	cms->digestdatafd = -1;
+ 
+ 	return 0;
+ }
+@@ -746,6 +747,11 @@ generate_digest_step(cms_context *cms, v
+ {
+ 	for (int i = 0; i < n_digest_params; i++)
+ 		PK11_DigestOp(cms->digests[i].pk11ctx, data, len);
++	if (cms->digestdatafd >= 0 && len != 0) {
++		if (write(cms->digestdatafd, data, len) != len) {
++			cms->log(cms, LOG_ERR, "digestdata write: %m");
++		}
++	}
+ }
+ 
+ int
+--- src/cms_common.h.orig	2013-01-18 14:31:32.000000000 +0000
++++ src/cms_common.h	2013-01-18 14:31:54.000000000 +0000
+@@ -59,6 +59,8 @@ typedef struct cms_context {
+ 
+ 	cms_common_logger log;
+ 	void *log_priv;
++
++	int digestdatafd;
+ } cms_context;
+ 
+ typedef struct {
+--- src/pesign.c.orig	2013-01-18 14:20:47.000000000 +0000
++++ src/pesign.c	2013-01-18 14:35:03.000000000 +0000
+@@ -177,6 +177,24 @@ open_output(pesign_context *ctx)
+ }
+ 
+ static void
++open_digestdata(pesign_context *ctx)
++{
++	ctx->digestdatafd = open(ctx->digestdatafile, O_RDWR|O_CREAT|O_TRUNC|O_CLOEXEC,
++			0666);
++	if (ctx->digestdatafd < 0) {
++		fprintf(stderr, "pesign: Error opening digest data file: %m\n");
++		exit(1);
++	}
++}
++
++static void
++close_digestdata(pesign_context *ctx)
++{
++	close(ctx->digestdatafd);
++	ctx->digestdatafd = -1;
++}
++
++static void
+ open_rawsig_input(pesign_context *ctx)
+ {
+ 	if (!ctx->rawsig) {
+@@ -461,6 +479,7 @@ main(int argc, char *argv[])
+ 		{"sign", 's', POPT_ARG_VAL, &ctxp->sign, 1,
+ 			"create a new signature", NULL },
+ 		{"hash", 'h', POPT_ARG_VAL, &ctxp->hash, 1, "hash binary", NULL },
++		{"digestdata", 'H', POPT_ARG_STRING, &ctxp->digestdatafile, 0, "write digest data in file", "<outfile>"},
+ 		{"digest_type", 'd', POPT_ARG_STRING|POPT_ARGFLAG_SHOW_DEFAULT,
+ 			&digest_name, 0, "digest type to use for pe hash" },
+ 		{"import-signed-certificate", 'm',
+@@ -623,7 +642,7 @@ main(int argc, char *argv[])
+ 		}
+ 	}
+ 
+-	if (ctxp->hash)
++	if (ctxp->hash || ctxp->digestdatafile)
+ 		action |= GENERATE_DIGEST|PRINT_DIGEST;
+ 
+ 	ssize_t sigspace = 0;
+@@ -748,7 +767,15 @@ main(int argc, char *argv[])
+ 			break;
+ 		case GENERATE_DIGEST|PRINT_DIGEST:
+ 			open_input(ctxp);
++			if (ctxp->digestdatafile) {
++				open_digestdata(ctxp);
++				ctxp->cms_ctx->digestdatafd = ctxp->digestdatafd;
++			}
+ 			generate_digest(ctxp->cms_ctx, ctxp->inpe);
++			if (ctxp->digestdatafile) {
++				close_digestdata(ctxp);
++				ctxp->cms_ctx->digestdatafd = -1;
++			}
+ 			print_digest(ctxp);
+ 			break;
+ 		/* generate a signature and save it in a separate file */
+--- src/pesign_context.c.orig	2013-01-18 14:30:08.000000000 +0000
++++ src/pesign_context.c	2013-01-18 14:30:55.000000000 +0000
+@@ -68,6 +68,8 @@ pesign_context_init(pesign_context *ctx)
+ 	ctx->outkeyfd = -1;
+ 	ctx->outcertfd = -1;
+ 
++	ctx->digestdatafd = -1;
++
+ 	ctx->signum = -1;
+ 
+ 	ctx->ascii = 0;
+@@ -165,6 +167,11 @@ pesign_context_fini(pesign_context *ctx)
+ 		ctx->infd = -1;
+ 	}
+ 
++	if (ctx->digestdatafd >= 0) {
++		close(ctx->digestdatafd);
++		ctx->digestdatafd = -1;
++	}
++
+ 	ctx->signum = -1;
+ 
+ 	if (!(ctx->flags & PESIGN_C_ALLOCATED))
+--- src/pesign_context.h.orig	2013-01-18 14:23:14.000000000 +0000
++++ src/pesign_context.h	2013-01-18 14:29:52.000000000 +0000
+@@ -67,6 +67,9 @@ typedef struct {
+ 	int ascii;
+ 	int sign;
+ 	int hash;
++
++	int digestdatafd;
++	char *digestdatafile;
+ } pesign_context;
+ 
+ extern int pesign_context_new(pesign_context **ctx);

pesign.changes

@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Mon Jan 21 10:17:28 UTC 2013 - glin@suse.com
+
+- Add pesign-digestdata.diff to generate digestdata (FATE#314552)
+
 -------------------------------------------------------------------
 Wed Dec 12 13:18:40 UTC 2012 - fcrozat@suse.com
 

pesign.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package pesign
 #
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -16,14 +16,13 @@
 #
 
 
-
 Name:           pesign
 Version:        0.99
-Release:        1
+Release:        0
-License:        GPL-2.0
 Summary:        Signing tool for PE-COFF binaries
-Url:            https://github.com/vathpela/pesign
+License:        GPL-2.0
 Group:          Productivity/Security
+Url:            https://github.com/vathpela/pesign
 Source:         %{name}-%{version}.tar.bz2
 # PATCH-FIX-UPSTREAM pesign-upstream-fixes.patch glin@suse.com -- fixes from upstream
 Patch0:         pesign-upstream-fixes.patch
@@ -37,9 +36,11 @@ Patch3:         pesign-client-initialize-action.patch
 Patch4:         pesign-client-read-pin-file.patch
 # PATCH-FIX-UPSTREAM pesign-local-database.patch glin@suse.com -- Support local certificate database
 Patch5:         pesign-local-database.patch
+# PATCH-FIX-UPSTREAM pesign-digestdata.diff glin@suse.com -- Generate digestdata
+Patch6:         pesign-digestdata.diff
 BuildRequires:  mozilla-nss-devel
-BuildRequires:  popt-devel
 BuildRequires:  pkg-config
+BuildRequires:  popt-devel
 %if 0%{?suse_version} > 1140
 BuildRequires:  pkgconfig(systemd)
 %{?systemd_requires}
@@ -68,6 +69,7 @@ Authors:
 %patch3 -p1
 %patch4 -p1
 %patch5 -p1
+%patch6 -p0
 
 %build
 make OPTFLAGS="$RPM_OPT_FLAGS"