diff options
Diffstat (limited to 'openssl/fips/openssl_fips_fingerprint')
| -rw-r--r-- | openssl/fips/openssl_fips_fingerprint | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/openssl/fips/openssl_fips_fingerprint b/openssl/fips/openssl_fips_fingerprint new file mode 100644 index 000000000..f59a67d53 --- /dev/null +++ b/openssl/fips/openssl_fips_fingerprint @@ -0,0 +1,31 @@ +#!/bin/sh +# +# Check the library fingerprint and generate an executable fingerprint, or +# return an error + +lib=$1 +exe=$2 +ext=${HMAC_EXT:-sha1} + +# deal with the case where we're run from within the build and OpenSSL is +# not yet installed. Also, make sure LD_LIBRARY_PATH is properly set in +# case shared libraries are built. +if [ "X$TOP" != "X" ] +then + if test "$OSTYPE" = msdosdjgpp; then + PATH="$TOP/apps;$TOP;$PATH" + else + PATH="$TOP/apps:$TOP:$PATH" + fi + LD_LIBRARY_PATH=$TOP; export LD_LIBRARY_PATH +else + LD_LIBRARY_PATH=.; export LD_LIBRARY_PATH +fi + +echo "Checking library fingerprint for $lib" +openssl sha1 -hmac etaonrishdlcupfm $lib | sed "s/(.*\//(/" | diff -w $lib.sha1 - || { echo "$libs fingerprint mismatch"; exit 1; } + +[ -x $exe.exe ] && exe=$exe.exe + +echo "Making fingerprint for $exe" +openssl sha1 -hmac etaonrishdlcupfm -binary $exe > $exe.$ext || rm $exe.$ext |