BaseTools: Update some tool with shell=True

[edk2] [Patch] BaseTools: Update some tool with shell=True

Posted by Yonghong Zhu 7 years, 1 month ago

Pkcs7Sign, Rsa2048Sha256Sign and Rsa2048Sha256GenerateKeys doesn't work
on Linux. It needs to be changed with shell=True.

Fixes: https://bugzilla.tianocore.org/show_bug.cgi?id=423
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Yonghong Zhu <yonghong.zhu@intel.com>
---
 BaseTools/Source/Python/Pkcs7Sign/Pkcs7Sign.py                        | 4 ++--
 .../Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256GenerateKeys.py      | 4 ++--
 BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py        | 4 ++--
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/BaseTools/Source/Python/Pkcs7Sign/Pkcs7Sign.py b/BaseTools/Source/Python/Pkcs7Sign/Pkcs7Sign.py
index f0b2d8a..6412587 100644
--- a/BaseTools/Source/Python/Pkcs7Sign/Pkcs7Sign.py
+++ b/BaseTools/Source/Python/Pkcs7Sign/Pkcs7Sign.py
@@ -4,11 +4,11 @@
 # This tool only support CertType - EFI_CERT_TYPE_PKCS7_GUID
 #   {0x4aafd29d, 0x68df, 0x49ee, {0x8a, 0xa9, 0x34, 0x7d, 0x37, 0x56, 0x65, 0xa7}}
 #
 # This tool has been tested with OpenSSL.
 #
-# Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution.  The full text of the license may be found at
 # http://opensource.org/licenses/bsd-license.php
 #
@@ -107,11 +107,11 @@ if __name__ == '__main__':
 
   #
   # Verify that Open SSL command is available
   #
   try:
-    Process = subprocess.Popen('%s version' % (OpenSslCommand), stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    Process = subprocess.Popen('%s version' % (OpenSslCommand), stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
   except:
     print 'ERROR: Open SSL command not available.  Please verify PATH or set OPENSSL_PATH'
     sys.exit(1)
 
   Version = Process.communicate()
diff --git a/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256GenerateKeys.py b/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256GenerateKeys.py
index 0b1624a..2dd6c20 100644
--- a/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256GenerateKeys.py
+++ b/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256GenerateKeys.py
@@ -7,11 +7,11 @@
 # public keys to a file in a C structure format, and in verbose mode display 
 # one or more SHA 256 hashes of 2048 bit public keys in a C structure format 
 # on STDOUT.
 # This tool has been tested with OpenSSL 1.0.1e 11 Feb 2013
 #
-# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2013 - 2017, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution.  The full text of the license may be found at
 # http://opensource.org/licenses/bsd-license.php
 #
@@ -69,11 +69,11 @@ if __name__ == '__main__':
 
   #
   # Verify that Open SSL command is available
   #
   try:
-    Process = subprocess.Popen('%s version' % (OpenSslCommand), stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    Process = subprocess.Popen('%s version' % (OpenSslCommand), stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
   except:  
     print 'ERROR: Open SSL command not available.  Please verify PATH or set OPENSSL_PATH'
     sys.exit(1)
     
   Version = Process.communicate()
diff --git a/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py b/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
index 199ebec..952583c 100644
--- a/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
+++ b/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
@@ -2,11 +2,11 @@
 # This tool encodes and decodes GUIDed FFS sections or FMP capsule for a GUID type of
 # EFI_CERT_TYPE_RSA2048_SHA256_GUID defined in the UEFI 2.4 Specification as
 #   {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf}}
 # This tool has been tested with OpenSSL 1.0.1e 11 Feb 2013
 #
-# Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2013 - 2017, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution.  The full text of the license may be found at
 # http://opensource.org/licenses/bsd-license.php
 #
@@ -90,11 +90,11 @@ if __name__ == '__main__':
 
   #
   # Verify that Open SSL command is available
   #
   try:
-    Process = subprocess.Popen('%s version' % (OpenSslCommand), stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    Process = subprocess.Popen('%s version' % (OpenSslCommand), stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
   except:  
     print 'ERROR: Open SSL command not available.  Please verify PATH or set OPENSSL_PATH'
     sys.exit(1)
     
   Version = Process.communicate()
-- 
2.6.1.windows.1

_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

Re: [edk2] [Patch] BaseTools: Update some tool with shell=True

Posted by Gao, Liming 7 years, 1 month ago

Reviewed-by: Liming Gao <liming.gao@intel.com>

>-----Original Message-----
>From: Zhu, Yonghong
>Sent: Wednesday, March 15, 2017 9:23 AM
>To: edk2-devel@lists.01.org
>Cc: Gao, Liming <liming.gao@intel.com>
>Subject: [Patch] BaseTools: Update some tool with shell=True
>
>Pkcs7Sign, Rsa2048Sha256Sign and Rsa2048Sha256GenerateKeys doesn't work
>on Linux. It needs to be changed with shell=True.
>
>Fixes: https://bugzilla.tianocore.org/show_bug.cgi?id=423
>Cc: Liming Gao <liming.gao@intel.com>
>Contributed-under: TianoCore Contribution Agreement 1.0
>Signed-off-by: Yonghong Zhu <yonghong.zhu@intel.com>
>---
> BaseTools/Source/Python/Pkcs7Sign/Pkcs7Sign.py                        | 4 ++--
> .../Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256GenerateKeys.py      | 4
>++--
> BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py        | 4
>++--
> 3 files changed, 6 insertions(+), 6 deletions(-)
>
>diff --git a/BaseTools/Source/Python/Pkcs7Sign/Pkcs7Sign.py
>b/BaseTools/Source/Python/Pkcs7Sign/Pkcs7Sign.py
>index f0b2d8a..6412587 100644
>--- a/BaseTools/Source/Python/Pkcs7Sign/Pkcs7Sign.py
>+++ b/BaseTools/Source/Python/Pkcs7Sign/Pkcs7Sign.py
>@@ -4,11 +4,11 @@
> # This tool only support CertType - EFI_CERT_TYPE_PKCS7_GUID
> #   {0x4aafd29d, 0x68df, 0x49ee, {0x8a, 0xa9, 0x34, 0x7d, 0x37, 0x56, 0x65,
>0xa7}}
> #
> # This tool has been tested with OpenSSL.
> #
>-# Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
>+# Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR>
> # This program and the accompanying materials
> # are licensed and made available under the terms and conditions of the BSD
>License
> # which accompanies this distribution.  The full text of the license may be
>found at
> # http://opensource.org/licenses/bsd-license.php
> #
>@@ -107,11 +107,11 @@ if __name__ == '__main__':
>
>   #
>   # Verify that Open SSL command is available
>   #
>   try:
>-    Process = subprocess.Popen('%s version' % (OpenSslCommand),
>stdout=subprocess.PIPE, stderr=subprocess.PIPE)
>+    Process = subprocess.Popen('%s version' % (OpenSslCommand),
>stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
>   except:
>     print 'ERROR: Open SSL command not available.  Please verify PATH or set
>OPENSSL_PATH'
>     sys.exit(1)
>
>   Version = Process.communicate()
>diff --git
>a/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256GenerateKey
>s.py
>b/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256GenerateKey
>s.py
>index 0b1624a..2dd6c20 100644
>---
>a/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256GenerateKey
>s.py
>+++
>b/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256GenerateKey
>s.py
>@@ -7,11 +7,11 @@
> # public keys to a file in a C structure format, and in verbose mode display
> # one or more SHA 256 hashes of 2048 bit public keys in a C structure format
> # on STDOUT.
> # This tool has been tested with OpenSSL 1.0.1e 11 Feb 2013
> #
>-# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
>+# Copyright (c) 2013 - 2017, Intel Corporation. All rights reserved.<BR>
> # This program and the accompanying materials
> # are licensed and made available under the terms and conditions of the BSD
>License
> # which accompanies this distribution.  The full text of the license may be
>found at
> # http://opensource.org/licenses/bsd-license.php
> #
>@@ -69,11 +69,11 @@ if __name__ == '__main__':
>
>   #
>   # Verify that Open SSL command is available
>   #
>   try:
>-    Process = subprocess.Popen('%s version' % (OpenSslCommand),
>stdout=subprocess.PIPE, stderr=subprocess.PIPE)
>+    Process = subprocess.Popen('%s version' % (OpenSslCommand),
>stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
>   except:
>     print 'ERROR: Open SSL command not available.  Please verify PATH or set
>OPENSSL_PATH'
>     sys.exit(1)
>
>   Version = Process.communicate()
>diff --git
>a/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
>b/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
>index 199ebec..952583c 100644
>--- a/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
>+++ b/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
>@@ -2,11 +2,11 @@
> # This tool encodes and decodes GUIDed FFS sections or FMP capsule for a
>GUID type of
> # EFI_CERT_TYPE_RSA2048_SHA256_GUID defined in the UEFI 2.4
>Specification as
> #   {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35,
>0xbf}}
> # This tool has been tested with OpenSSL 1.0.1e 11 Feb 2013
> #
>-# Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.<BR>
>+# Copyright (c) 2013 - 2017, Intel Corporation. All rights reserved.<BR>
> # This program and the accompanying materials
> # are licensed and made available under the terms and conditions of the BSD
>License
> # which accompanies this distribution.  The full text of the license may be
>found at
> # http://opensource.org/licenses/bsd-license.php
> #
>@@ -90,11 +90,11 @@ if __name__ == '__main__':
>
>   #
>   # Verify that Open SSL command is available
>   #
>   try:
>-    Process = subprocess.Popen('%s version' % (OpenSslCommand),
>stdout=subprocess.PIPE, stderr=subprocess.PIPE)
>+    Process = subprocess.Popen('%s version' % (OpenSslCommand),
>stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
>   except:
>     print 'ERROR: Open SSL command not available.  Please verify PATH or set
>OPENSSL_PATH'
>     sys.exit(1)
>
>   Version = Process.communicate()
>--
>2.6.1.windows.1

_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel