openssl/fips/openssl_fips_fingerprint
2008-09-16 10:12:23 +00:00

31 lines
898 B
Bash
Executable file

#!/bin/sh
#
# Check the library fingerprint and generate an executable fingerprint, or
# return an error
lib=$1
exe=$2
ext=${HMAC_EXT:-sha1}
# deal with the case where we're run from within the build and OpenSSL is
# not yet installed. Also, make sure LD_LIBRARY_PATH is properly set in
# case shared libraries are built.
if [ "X$TOP" != "X" ]
then
if test "$OSTYPE" = msdosdjgpp; then
PATH="$TOP/apps;$TOP;$PATH"
else
PATH="$TOP/apps:$TOP:$PATH"
fi
LD_LIBRARY_PATH=$TOP; export LD_LIBRARY_PATH
else
LD_LIBRARY_PATH=.; export LD_LIBRARY_PATH
fi
echo "Checking library fingerprint for $lib"
openssl sha1 -hmac etaonrishdlcupfm $lib | sed "s/(.*\//(/" | diff -w $lib.sha1 - || { echo "$libs fingerprint mismatch"; exit 1; }
[ -x $exe.exe ] && exe=$exe.exe
echo "Making fingerprint for $exe"
openssl sha1 -hmac etaonrishdlcupfm -binary $exe > $exe.$ext || rm $exe.$ext