1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253 |
- #! /usr/bin/env perl
- use strict;
- use warnings;
- use File::Spec;
- use if $^O eq "VMS", "VMS::Filespec";
- my $bldtop_dir;
- # First script argument MUST be the build top directory
- BEGIN {
- $bldtop_dir = $ARGV[0];
- # 'use lib' needs Unix-ish paths
- $bldtop_dir = VMS::Filespec::unixpath($bldtop_dir) if $^O eq "VMS";
- }
- use lib $bldtop_dir;
- use FindBin;
- use lib "$FindBin::Bin/../Configurations";
- use platform;
- my @providers = ($bldtop_dir, 'providers');
- my $fips_cnf = File::Spec->catfile(@providers, 'fipsinstall.cnf');
- my $fips_module = File::Spec->catfile(@providers, platform->dso('fips'));
- my $openssl = File::Spec->catfile($bldtop_dir, 'apps',
- platform->bin('openssl'));
- # We create the command like this to make it readable, then massage it with
- # a space replacement regexp to make it usable with system()
- my $cmd = <<_____;
- $openssl fipsinstall \
- -out "{fips_cnf}" \
- -module "{fips_module}" \
- -provider_name "fips" \
- -mac_name "HMAC" -macopt "digest:SHA256" -macopt "hexkey:00" \
- -section_name "fips_sect"
- _____
- $cmd =~ s|\s+| |gm;
- $cmd =~ s|{fips_cnf}|$fips_cnf|;
- $cmd =~ s|{fips_module}|$fips_module|;
- my $exit = 0;
- system($cmd);
- die "Failed to run '$cmd'\n" if $? == -1;
- # If there was a signal, use it as exit code with high bit set.
- $exit = (($? & 255) | 128) if ($? & 255) != 0;
- # Otherwise, just return fipsinstall's exit code
- $exit = ($? >> 8);
- exit($exit);
|