secGear/0070-sign-tool-add-invalid-param-verify.patch
2023-09-18 11:13:44 +08:00


From f0cd1f169bec254162c7e7d1781aabc68879fb9c Mon Sep 17 00:00:00 2001
From: houmingyong <houmingyong@huawei.com>
Date: Thu, 8 Jun 2023 20:51:22 +0800
Subject: [PATCH] sign tool add invalid param verify
---
tools/sign_tool/sign_tool.sh | 24 +++++++++++++++++++++---
1 file changed, 21 insertions(+), 3 deletions(-)
diff --git a/tools/sign_tool/sign_tool.sh b/tools/sign_tool/sign_tool.sh
index 74e2514..5bf7fbb 100755
--- a/tools/sign_tool/sign_tool.sh
+++ b/tools/sign_tool/sign_tool.sh
@@ -17,9 +17,11 @@ print_help() {
echo "-k <file> private key required for single-step method. Note: single-step method is only for the debug mode,"
echo "-k <file> plaintext private key does exist in the production environment."
echo "-m <file> additional config_cloud.ini for trustzone."
- echo "-o <file> output parameter, the sign command outputs signed enclave, the digest command outputs signing"
- echo " material, the dump command outputs data containing the SIGStruct metadata for the SGX signed"
- echo " enclave, which is submitted to Intel for whitelisting."
+ echo "-o <file> output parameter. "
+ echo " sgx: the sign command outputs signed enclave, the digest command outputs signing"
+ echo " material, the dump command outputs data containing the SIGStruct metadata for the SGX signed"
+ echo " enclave, which is submitted to Intel for whitelisting."
+ echo " trustzone: /output_path/uuid.sec, uuid must be the same as the value of gpd.ta.appID in manifest.txt"
echo "-p <file> signing server public key certificate, required for sgx two-step method."
echo "-s <file> the signature value required for two-step method, this parameter is empty to indicate"
echo " single-step method."
@@ -116,6 +118,22 @@ itrustee_start_sign() {
echo "Error: missing additional config_cloud.ini file for signing iTrustee enclave"
exit 1
fi
+ if [ -z $CONFIG_FILE ]; then
+ echo "Error: missing basic config file for signing iTrustee enclave"
+ exit 1
+ fi
+ if [ ! -e $CONFIG_FILE ]; then
+ echo "No such file or directory"
+ exit 1
+ fi
+ if [ -z $IN_ENCLAVE ]; then
+ echo "Error: missing enclave file"
+ exit 1
+ fi
+ if [ ! -e $IN_ENCLAVE ]; then
+ echo "Error: No such file or directory"
+ exit 1
+ fi
if [ "${CMD}"x == "sign"x ]; then
IN_PATH=$(dirname ${CONFIG_FILE})
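Review bot: The four added tests expand `$CONFIG_FILE` and `$IN_ENCLAVE` unquoted, so a path containing whitespace or a glob character is split into several words. In that case `[` reports a syntax error rather than a true/false result and the `if` branch is not taken, so the validation is skipped and the script carries on with the unchecked value. Quote the expansions and, if both are meant to be regular files, use `-f` rather than `-e` (which also accepts a directory): `if [ -z "$CONFIG_FILE" ]; then` and `if [ ! -f "$CONFIG_FILE" ]; then`, likewise for `IN_ENCLAVE`. The two not-found messages differ only in the `Error:` prefix and do not say which file is missing; naming the path and writing to stderr, e.g. `echo "Error: config file not found: $CONFIG_FILE" >&2`, would make a rejected invocation easier to diagnose. The context line `dirname ${CONFIG_FILE}` has the same unquoted expansion, and itrustee_start_sign begins and ends outside this hunk.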
--
2.33.0