sign-file: Show -k flag in usage when built for CMS signing

[PATCH] sign-file: Show -k flag in usage when built for CMS signing

Posted by Daniel Lublin 6 months, 2 weeks ago

When sign-file is built for CMS signing (when USE_PKCS7 is undefined) it
handles the -k flag, so show that in the usage. The -k (keyid) flag is
not cared for used when -s rawsig is used, so that usage is not altered.

This change also makes it more obvious whether or not a sign-file binary
actually has been built for CMS signing.

Signed-off-by: Daniel Lublin <daniel@lublin.se>
---
 scripts/sign-file.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/scripts/sign-file.c b/scripts/sign-file.c
index 7070245edfc1..0b9a3af9115f 100644
--- a/scripts/sign-file.c
+++ b/scripts/sign-file.c
@@ -79,8 +79,13 @@ static char magic_number[] = "~Module signature appended~\n";
 static __attribute__((noreturn))
 void format(void)
 {
+#ifndef USE_PKCS7
+	fprintf(stderr,
+		"Usage: scripts/sign-file [-dpk] <hash algo> <key> <x509> <module> [<dest>]\n");
+#else
 	fprintf(stderr,
 		"Usage: scripts/sign-file [-dp] <hash algo> <key> <x509> <module> [<dest>]\n");
+#endif
 	fprintf(stderr,
 		"       scripts/sign-file -s <raw sig> <hash algo> <x509> <module> [<dest>]\n");
 	exit(2);
-- 
2.49.0

Re: [PATCH] sign-file: Show -k flag in usage when built for CMS signing

Posted by Daniel Lublin 2 months, 1 week ago

Any comments on this? Yay, or should we forget it?

-- 
Daniel
lublin.se