1 .\"
   2 .\" CDDL HEADER START
   3 .\"
   4 .\" The contents of this file are subject to the terms of the
   5 .\" Common Development and Distribution License (the "License").
   6 .\" You may not use this file except in compliance with the License.
   7 .\"
   8 .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9 .\" or http://www.opensolaris.org/os/licensing.
  10 .\" See the License for the specific language governing permissions
  11 .\" and limitations under the License.
  12 .\"
  13 .\" When distributing Covered Code, include this CDDL HEADER in each
  14 .\" file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15 .\" If applicable, add the following below this CDDL HEADER, with the
  16 .\" fields enclosed by brackets "[]" replaced with your own identifying
  17 .\" information: Portions Copyright [yyyy] [name of copyright owner]
  18 .\"
  19 .\" CDDL HEADER END
  20 .\"
  21 .\" Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
  22 .\" Use is subject to license terms.
  23 .\"
  24 .\" ident       "%Z%%M% %I%     %E% SMI"
  25 .TH signproto 1 "13 June 2007"
  26 .SH NAME
  27 .I signproto
  28 \- sign ELF objects in proto area
  29 .SH SYNOPSIS
  30 \fBsignproto \fIcred_file\fP
  31 .LP
  32 .SH DESCRIPTION
  33 .IX "OS-Net build tools" "signproto" "" "\fBsignproto\fP"
  34 .LP
  35 .I signproto
  36 finds ELF objects in the ON proto area and re-signs them
  37 using 
  38 .IR signit (1).
  39 This operation is normally invoked only for
  40 release builds, as it replaces the internal development
  41 signatures with official Sun signatures. The actual signing using
  42 Sun's private key is performed by a code signing server which
  43 is accessed via
  44 .IR signit .
  45 .LP
  46 Cryptographic modules are identified by examining the signature
  47 embedded by
  48 .IR elfsign (1)
  49 during the build process. 
  50 .I signproto
  51 requires a single command-line argument, which is a file containing
  52 the mapping between each signing server credential name and the Subject
  53 Distinguished Name (DN) of the certificate used to 
  54 sign the ELF file. Each line in the file contains a credential name
  55 followed by a regular expression. The first regular expression that
  56 matches the Subject DN embedded in the ELF file determines the 
  57 credential name passed to
  58 .I signit
  59 to re-sign the file.
  60 .LP
  61 .SH ENVIRONMENT
  62 .LP
  63 .TP 4
  64 .B CODESIGN_USER
  65 Login name for the code signing server passed to
  66 .I signit .
  67 If this variable is not set, the value in LOGNAME is used instead.
  68 .LP
  69 .TP 4
  70 .B ROOT
  71 Location of ON proto area containing files to be signed.
  72 .LP
  73 .SH SEE ALSO
  74 .LP
  75 signit(1), elfsign(1)