--- src/cms_common.c.orig 2013-01-18 14:32:01.000000000 +0000 +++ src/cms_common.c 2013-01-18 14:34:25.000000000 +0000 @@ -155,6 +155,7 @@ cms_context_init(cms_context *cms) } cms->selected_digest = -1; + cms->digestdatafd = -1; return 0; } @@ -746,6 +747,11 @@ generate_digest_step(cms_context *cms, v { for (int i = 0; i < n_digest_params; i++) PK11_DigestOp(cms->digests[i].pk11ctx, data, len); + if (cms->digestdatafd >= 0 && len != 0) { + if (write(cms->digestdatafd, data, len) != len) { + cms->log(cms, LOG_ERR, "digestdata write: %m"); + } + } } int --- src/cms_common.h.orig 2013-01-18 14:31:32.000000000 +0000 +++ src/cms_common.h 2013-01-18 14:31:54.000000000 +0000 @@ -59,6 +59,8 @@ typedef struct cms_context { cms_common_logger log; void *log_priv; + + int digestdatafd; } cms_context; typedef struct { --- src/pesign.c.orig 2013-01-18 14:20:47.000000000 +0000 +++ src/pesign.c 2013-01-18 14:35:03.000000000 +0000 @@ -177,6 +177,24 @@ open_output(pesign_context *ctx) } static void +open_digestdata(pesign_context *ctx) +{ + ctx->digestdatafd = open(ctx->digestdatafile, O_RDWR|O_CREAT|O_TRUNC|O_CLOEXEC, + 0666); + if (ctx->digestdatafd < 0) { + fprintf(stderr, "pesign: Error opening digest data file: %m\n"); + exit(1); + } +} + +static void +close_digestdata(pesign_context *ctx) +{ + close(ctx->digestdatafd); + ctx->digestdatafd = -1; +} + +static void open_rawsig_input(pesign_context *ctx) { if (!ctx->rawsig) { @@ -461,6 +479,7 @@ main(int argc, char *argv[]) {"sign", 's', POPT_ARG_VAL, &ctxp->sign, 1, "create a new signature", NULL }, {"hash", 'h', POPT_ARG_VAL, &ctxp->hash, 1, "hash binary", NULL }, + {"digestdata", 'H', POPT_ARG_STRING, &ctxp->digestdatafile, 0, "write digest data in file", ""}, {"digest_type", 'd', POPT_ARG_STRING|POPT_ARGFLAG_SHOW_DEFAULT, &digest_name, 0, "digest type to use for pe hash" }, {"import-signed-certificate", 'm', @@ -623,7 +642,7 @@ main(int argc, char *argv[]) } } - if (ctxp->hash) + if (ctxp->hash || ctxp->digestdatafile) action |= GENERATE_DIGEST|PRINT_DIGEST; ssize_t sigspace = 0; @@ -748,7 +767,15 @@ main(int argc, char *argv[]) break; case GENERATE_DIGEST|PRINT_DIGEST: open_input(ctxp); + if (ctxp->digestdatafile) { + open_digestdata(ctxp); + ctxp->cms_ctx->digestdatafd = ctxp->digestdatafd; + } generate_digest(ctxp->cms_ctx, ctxp->inpe); + if (ctxp->digestdatafile) { + close_digestdata(ctxp); + ctxp->cms_ctx->digestdatafd = -1; + } print_digest(ctxp); break; /* generate a signature and save it in a separate file */ --- src/pesign_context.c.orig 2013-01-18 14:30:08.000000000 +0000 +++ src/pesign_context.c 2013-01-18 14:30:55.000000000 +0000 @@ -68,6 +68,8 @@ pesign_context_init(pesign_context *ctx) ctx->outkeyfd = -1; ctx->outcertfd = -1; + ctx->digestdatafd = -1; + ctx->signum = -1; ctx->ascii = 0; @@ -165,6 +167,11 @@ pesign_context_fini(pesign_context *ctx) ctx->infd = -1; } + if (ctx->digestdatafd >= 0) { + close(ctx->digestdatafd); + ctx->digestdatafd = -1; + } + ctx->signum = -1; if (!(ctx->flags & PESIGN_C_ALLOCATED)) --- src/pesign_context.h.orig 2013-01-18 14:23:14.000000000 +0000 +++ src/pesign_context.h 2013-01-18 14:29:52.000000000 +0000 @@ -67,6 +67,9 @@ typedef struct { int ascii; int sign; int hash; + + int digestdatafd; + char *digestdatafile; } pesign_context; extern int pesign_context_new(pesign_context **ctx);