1#!/bin/ksh 2# 3# CDDL HEADER START 4# 5# The contents of this file are subject to the terms of the 6# Common Development and Distribution License (the "License"). 7# You may not use this file except in compliance with the License. 8# 9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10# or http://www.opensolaris.org/os/licensing. 11# See the License for the specific language governing permissions 12# and limitations under the License. 13# 14# When distributing Covered Code, include this CDDL HEADER in each 15# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16# If applicable, add the following below this CDDL HEADER, with the 17# fields enclosed by brackets "[]" replaced with your own identifying 18# information: Portions Copyright [yyyy] [name of copyright owner] 19# 20# CDDL HEADER END 21# 22 23# 24# Copyright 2010 Sun Microsystems, Inc. All rights reserved. 25# Use is subject to license terms. 26# 27 28# findcrypto cred_file 29# 30# Utility to find cryptographic modules in the proto area. Prints out 31# one line for each binary, using the form 32# 33# cred path 34# 35# where "path" identifies the binary (relative to $ROOT), and "cred" 36# says how the binary should get signed. 37# 38# The cred_file argument is the same as for signproto.sh. 39# 40 41# Directories in proto area that may contain crypto objects 42DIRS="platform kernel usr/lib/security" 43 44# Read list of credentials and regular expressions 45n=0 46grep -v "^#" $1 | while read c r 47do 48 cred[$n]=$c 49 regex[$n]=$r 50 (( n = n + 1 )) 51done 52 53# Search proto area for crypto modules 54cd $ROOT 55find $DIRS -type f -print | while read f; do 56 s=`elfsign list -f signer -e $f 2>/dev/null` 57 if [[ $? != 0 ]]; then 58 continue 59 fi 60 # Determine credential based on signature 61 i=0 62 while [[ i -lt n ]]; do 63 if expr "$s" : ".*${regex[i]}" >/dev/null; then 64 echo "${cred[i]} $f" 65 break 66 fi 67 (( i = i + 1 )) 68 done 69done 70 71exit 0 72