1 #!/bin/ksh
   2 #
   3 # CDDL HEADER START
   4 #
   5 # The contents of this file are subject to the terms of the
   6 # Common Development and Distribution License (the "License").
   7 # You may not use this file except in compliance with the License.
   8 #
   9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  10 # or http://www.opensolaris.org/os/licensing.
  11 # See the License for the specific language governing permissions
  12 # and limitations under the License.
  13 #
  14 # When distributing Covered Code, include this CDDL HEADER in each
  15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  16 # If applicable, add the following below this CDDL HEADER, with the
  17 # fields enclosed by brackets "[]" replaced with your own identifying
  18 # information: Portions Copyright [yyyy] [name of copyright owner]
  19 #
  20 # CDDL HEADER END
  21 #
  22 
  23 #
  24 # Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
  25 # Use is subject to license terms.
  26 #
  27 
  28 # findcrypto cred_file
  29 #
  30 # Utility to find cryptographic modules in the proto area.  Prints out
  31 # one line for each binary, using the form
  32 #
  33 #   cred path
  34 #
  35 # where "path" identifies the binary (relative to $ROOT), and "cred"
  36 # says how the binary should get signed.
  37 #
  38 # The cred_file argument is the same as for signproto.sh.
  39 #
  40 
  41 # Directories in proto area that may contain crypto objects
  42 DIRS="platform kernel usr/lib/security"
  43 
  44 # Read list of credentials and regular expressions
  45 n=0
  46 grep -v "^#" $1 | while read c r
  47 do
  48         cred[$n]=$c
  49         regex[$n]=$r
  50         (( n = n + 1 ))
  51 done
  52 
  53 # Search proto area for crypto modules
  54 cd $ROOT
  55 find $DIRS -type f -print | while read f; do
  56         s=`elfsign list -f signer -e $f 2>/dev/null`
  57         if [[ $? != 0 ]]; then 
  58                 continue
  59         fi
  60         # Determine credential based on signature
  61         i=0
  62         while [[ i -lt n ]]; do
  63                 if expr "$s" : ".*${regex[i]}" >/dev/null; then
  64                         echo "${cred[i]} $f"
  65                         break
  66                 fi
  67                 (( i = i + 1 ))
  68         done
  69 done
  70 
  71 exit 0