Lines Matching +full:critical +full:- +full:action
2 # SPDX-License-Identifier: GPL-2.0
4 set -e
5 set -u
6 set -o pipefail
23 basicConstraints=critical,CA:FALSE
41 openssl req -new -nodes -utf8 -sha256 -days 36500 \
42 -batch -x509 -config ${tmp_dir}/x509.genkey \
43 -outform PEM -out ${tmp_dir}/signing_key.pem \
44 -keyout ${tmp_dir}/signing_key.pem 2>&1
46 openssl x509 -in ${tmp_dir}/signing_key.pem -out \
47 ${tmp_dir}/signing_key.der -outform der
65 rm -rf ${tmp_dir}
71 data_file=${tmp_dir}/data-file
72 sig_file=${tmp_dir}/sig-file
74 fsverity sign --key ${tmp_dir}/signing_key.pem $data_file $sig_file
78 touch ${tmp_dir}/tmp-file
79 fsverity enable ${tmp_dir}/tmp-file
85 data_file=${tmp_dir}/data-file
94 if [[ "${exit_code}" -ne 0 ]]; then
98 rm -f "${log_file}"
104 [[ $# -ne 2 ]] && usage
106 local action="$1"
109 [[ ! -d "${tmp_dir}" ]] && echo "Directory ${tmp_dir} doesn't exist" && exit 1
111 if [[ "${action}" == "setup" ]]; then
113 elif [[ "${action}" == "genkey" ]]; then
115 elif [[ "${action}" == "cleanup" ]]; then
117 elif [[ "${action}" == "fsverity-create-sign" ]]; then
119 elif [[ "${action}" == "fsverity-enable" ]]; then
122 echo "Unknown action: ${action}"
129 if [[ "${VERBOSE}" -eq 0 ]]; then
136 rm -f "${LOG_FILE}"