aboutsummaryrefslogtreecommitdiff
path: root/openssl/fips/openssl_fips_fingerprint
diff options
context:
space:
mode:
Diffstat (limited to 'openssl/fips/openssl_fips_fingerprint')
-rw-r--r--openssl/fips/openssl_fips_fingerprint31
1 files changed, 31 insertions, 0 deletions
diff --git a/openssl/fips/openssl_fips_fingerprint b/openssl/fips/openssl_fips_fingerprint
new file mode 100644
index 000000000..f59a67d53
--- /dev/null
+++ b/openssl/fips/openssl_fips_fingerprint
@@ -0,0 +1,31 @@
+#!/bin/sh
+#
+# Check the library fingerprint and generate an executable fingerprint, or
+# return an error
+
+lib=$1
+exe=$2
+ext=${HMAC_EXT:-sha1}
+
+# deal with the case where we're run from within the build and OpenSSL is
+# not yet installed. Also, make sure LD_LIBRARY_PATH is properly set in
+# case shared libraries are built.
+if [ "X$TOP" != "X" ]
+then
+ if test "$OSTYPE" = msdosdjgpp; then
+ PATH="$TOP/apps;$TOP;$PATH"
+ else
+ PATH="$TOP/apps:$TOP:$PATH"
+ fi
+ LD_LIBRARY_PATH=$TOP; export LD_LIBRARY_PATH
+else
+ LD_LIBRARY_PATH=.; export LD_LIBRARY_PATH
+fi
+
+echo "Checking library fingerprint for $lib"
+openssl sha1 -hmac etaonrishdlcupfm $lib | sed "s/(.*\//(/" | diff -w $lib.sha1 - || { echo "$libs fingerprint mismatch"; exit 1; }
+
+[ -x $exe.exe ] && exe=$exe.exe
+
+echo "Making fingerprint for $exe"
+openssl sha1 -hmac etaonrishdlcupfm -binary $exe > $exe.$ext || rm $exe.$ext