Skip to content

Commit 00886ee

Browse files
val-msval-ms
authored
Merge pull request #1478 from val-ms/codesign-fixes-sys_rs
Fix several codesign feature bugs
2 parents 8ef70a4 + 6490dde commit 00886ee

25 files changed

+392
-421
lines changed

Cargo.lock

Lines changed: 237 additions & 178 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

certs/clamav-beta.crt

Lines changed: 0 additions & 122 deletions
Original file line numberDiff line numberDiff line change
@@ -29,125 +29,3 @@ Bd/OoRMlH6aAxOD3W8PR18TkR7wt5++qMEC+hvpTIBfqDzM6q/l1Gv1/xzKtDiFL
2929
9ZmIM79osXAOPMn/dNAh4hVURBl2n7/69FSRzQbVIBGt2YYlWV9HVfOXquuYJ3py
3030
pOQCrNNrFjEMFifHqO2ktkn7c8Tsw4dFVnIhKFU=
3131
-----END CERTIFICATE-----
32-
Certificate:
33-
Data:
34-
Version: 3 (0x2)
35-
Serial Number: 0 (0x0)
36-
Signature Algorithm: sha256WithRSAEncryption
37-
Issuer: C=US, ST=MD, L=Laurel, O=Cisco, OU=Talos, CN=ClamAV BETA Root CA
38-
Validity
39-
Not Before: Mar 26 21:31:56 2025 GMT
40-
Not After : Jul 24 21:31:56 2025 GMT
41-
Subject: C=US, ST=MD, O=Cisco, OU=Talos, CN=ClamAV BETA Intermediate Signing CA
42-
Subject Public Key Info:
43-
Public Key Algorithm: rsaEncryption
44-
RSA Public-Key: (4096 bit)
45-
Modulus:
46-
00:a1:6b:6a:b0:76:70:35:e1:d3:e5:49:1d:3f:e0:
47-
2c:1f:f3:bd:38:cb:cb:7b:ec:e3:f3:20:27:1c:99:
48-
1e:99:89:d0:f4:11:ef:b2:18:6c:1b:25:40:55:18:
49-
b0:c4:e8:03:0a:64:30:11:fa:b2:2b:6f:cb:2b:b8:
50-
aa:0c:29:36:77:6f:cf:12:35:67:14:e9:02:65:ad:
51-
6e:fb:fa:f9:b3:a2:9c:1b:d8:90:70:15:10:d0:29:
52-
2b:9f:49:6b:dc:75:fb:34:36:e8:cf:22:10:03:8d:
53-
7e:97:2c:c6:9c:be:29:33:b8:6b:b8:54:92:a0:28:
54-
92:a0:0c:ef:46:a6:0f:94:7a:c4:51:ef:a9:93:0f:
55-
46:43:63:1d:36:f8:51:4c:be:8f:89:06:a9:05:6f:
56-
e2:40:a9:b4:e3:69:d5:20:48:2d:b0:d8:2b:25:b1:
57-
af:08:3b:a8:a6:18:84:0c:05:54:2d:40:a0:e1:bf:
58-
af:18:22:2d:87:69:83:89:6d:cf:d3:5f:2b:01:7d:
59-
d4:4e:db:2c:80:b2:77:25:5f:55:e1:d4:d4:fe:ad:
60-
7a:7c:2b:b3:ef:32:73:aa:f7:f2:43:4e:ae:d3:25:
61-
69:57:c8:0b:cf:8c:bd:33:d9:05:87:9d:7b:09:e2:
62-
59:3f:01:d2:54:af:c4:8a:97:d7:4b:ce:d9:ad:15:
63-
6f:21:8a:e2:24:27:03:60:2e:6d:1d:dd:be:eb:77:
64-
a3:4d:ac:d6:01:4a:d4:ec:86:b7:b6:9d:02:3d:2a:
65-
7f:e0:5f:02:0f:58:d1:0b:cb:7b:e2:ff:e9:f3:5d:
66-
0f:6f:d1:12:77:5f:80:e7:96:67:dd:d7:13:2e:3c:
67-
cf:b7:d6:36:33:55:6e:e4:f8:67:08:bb:ed:9a:61:
68-
44:27:b0:e2:11:0a:b9:3f:fd:a5:2b:96:e4:7f:5e:
69-
60:c6:7d:8c:d6:19:64:79:ff:02:98:eb:53:db:35:
70-
9f:ac:a7:02:51:92:85:37:9a:23:1e:f3:c4:b6:cb:
71-
0b:7d:65:ed:50:10:94:47:0d:cc:2a:34:a7:65:fd:
72-
de:c0:c1:01:ac:e9:4f:c2:02:2d:b2:eb:c5:f8:e6:
73-
db:cd:aa:87:91:63:94:40:5e:00:0b:f1:08:07:04:
74-
85:79:ce:c8:43:cf:c9:af:66:31:20:e7:58:bf:dd:
75-
6b:cb:d4:a4:89:e2:c0:11:15:02:ca:80:cc:97:2a:
76-
36:f6:7f:9c:78:f2:5c:35:70:c9:58:6f:95:91:25:
77-
88:e3:d7:da:c0:0f:b8:cd:5e:2e:9f:67:d2:14:74:
78-
c7:31:09:91:87:0d:97:9f:30:f3:72:1c:ac:98:c1:
79-
da:f2:b3:8d:9e:36:21:cb:e8:d9:53:4f:98:2e:d8:
80-
ad:44:af
81-
Exponent: 65537 (0x10001)
82-
X509v3 extensions:
83-
X509v3 Basic Constraints: critical
84-
CA:TRUE
85-
X509v3 Key Usage: critical
86-
Certificate Sign, CRL Sign
87-
X509v3 Extended Key Usage:
88-
OCSP Signing, E-mail Protection
89-
Netscape Cert Type:
90-
SSL CA
91-
Signature Algorithm: sha256WithRSAEncryption
92-
4c:8c:2d:f9:22:a4:de:f6:91:30:8e:50:ad:1b:1c:f8:f1:e0:
93-
e5:93:7b:57:1c:75:b4:e1:3b:f1:43:12:c1:af:5a:00:c4:a1:
94-
5b:6e:9b:07:74:83:68:01:7c:d4:44:25:41:30:34:7d:79:59:
95-
f4:ac:df:4a:44:1c:f0:a2:e2:ac:1d:60:b5:83:48:55:a8:45:
96-
66:31:43:9d:2a:0c:df:0e:06:5e:e5:e1:1d:d7:99:2d:33:60:
97-
2f:f2:39:f0:3c:1f:c3:a8:ff:85:34:75:dd:27:35:d2:a2:f3:
98-
36:bc:17:80:ce:60:89:29:66:0c:ee:8e:1d:82:df:a6:33:2b:
99-
47:a9:fc:2a:e3:82:b2:07:e2:8a:3a:df:ed:3c:4e:61:d5:c3:
100-
f8:df:d2:d3:c6:f4:d7:b9:a7:71:32:bf:42:e9:d2:99:25:ef:
101-
0d:8d:7e:0f:2c:17:2b:b2:c6:e0:31:7f:06:85:af:ae:52:e9:
102-
b3:4c:06:7f:1a:9d:ee:21:f2:e1:53:94:73:cd:7c:96:5d:c0:
103-
b7:1a:55:55:72:c8:13:4f:b0:c6:ca:6a:46:75:aa:f9:1c:9d:
104-
74:94:d5:87:50:39:36:4a:41:eb:4e:78:c9:b6:9d:ce:ef:68:
105-
57:76:e6:89:a6:82:b9:eb:69:84:8e:24:e2:62:6d:3f:4d:02:
106-
ea:2a:5d:cf:a0:74:6a:0a:0c:b5:31:5c:54:61:96:86:c9:07:
107-
c0:f4:b5:e0:66:25:63:28:9e:3e:ec:63:a6:04:aa:03:dd:30:
108-
40:7f:74:e5:8c:55:79:1f:41:6d:52:72:ce:92:ed:9a:13:ae:
109-
30:68:80:04:86:5d:bb:42:e3:f6:63:20:e2:86:f5:72:78:30:
110-
34:91:58:35:1d:db:68:02:7a:61:de:61:73:e2:5e:df:96:c7:
111-
5a:02:13:8f:66:df:9d:05:99:71:e9:ef:6d:a9:cf:28:83:40:
112-
8e:48:d3:8f:6a:37:b5:f0:a6:13:63:28:76:8d:3f:3d:35:94:
113-
d8:ef:3a:15:bc:ac:5c:63:0a:ae:60:fa:78:6f:1e:67:0d:7d:
114-
22:b4:60:3d:95:10:93:5a:49:ee:30:58:81:e3:5c:07:65:46:
115-
b2:02:76:32:6c:2e:2c:79:0c:f7:d9:c1:4f:5a:e4:20:53:08:
116-
d7:68:79:36:a8:59:e2:ce:7a:8f:50:32:20:a7:b6:6a:ba:33:
117-
55:b6:bd:a6:e8:91:c3:36:b1:3b:ab:1f:ee:d7:d4:d4:dd:28:
118-
98:53:d5:18:f7:44:dd:e8:dd:61:88:20:39:9e:1c:53:ab:6c:
119-
92:2b:7c:08:6a:8f:98:8b:9d:33:ac:12:b1:c6:ba:7b:45:57:
120-
a0:9d:9b:0c:46:a1:22:e1
121-
-----BEGIN CERTIFICATE-----
122-
MIIFoTCCA4mgAwIBAgIBADANBgkqhkiG9w0BAQsFADBpMQswCQYDVQQGEwJVUzEL
123-
MAkGA1UECAwCTUQxDzANBgNVBAcMBkxhdXJlbDEOMAwGA1UECgwFQ2lzY28xDjAM
124-
BgNVBAsMBVRhbG9zMRwwGgYDVQQDDBNDbGFtQVYgQkVUQSBSb290IENBMB4XDTI1
125-
MDMyNjIxMzE1NloXDTI1MDcyNDIxMzE1NlowaDELMAkGA1UEBhMCVVMxCzAJBgNV
126-
BAgMAk1EMQ4wDAYDVQQKDAVDaXNjbzEOMAwGA1UECwwFVGFsb3MxLDAqBgNVBAMM
127-
I0NsYW1BViBCRVRBIEludGVybWVkaWF0ZSBTaWduaW5nIENBMIICIjANBgkqhkiG
128-
9w0BAQEFAAOCAg8AMIICCgKCAgEAoWtqsHZwNeHT5UkdP+AsH/O9OMvLe+zj8yAn
129-
HJkemYnQ9BHvshhsGyVAVRiwxOgDCmQwEfqyK2/LK7iqDCk2d2/PEjVnFOkCZa1u
130-
+/r5s6KcG9iQcBUQ0Ckrn0lr3HX7NDbozyIQA41+lyzGnL4pM7hruFSSoCiSoAzv
131-
RqYPlHrEUe+pkw9GQ2MdNvhRTL6PiQapBW/iQKm042nVIEgtsNgrJbGvCDuophiE
132-
DAVULUCg4b+vGCIth2mDiW3P018rAX3UTtssgLJ3JV9V4dTU/q16fCuz7zJzqvfy
133-
Q06u0yVpV8gLz4y9M9kFh517CeJZPwHSVK/EipfXS87ZrRVvIYriJCcDYC5tHd2+
134-
63ejTazWAUrU7Ia3tp0CPSp/4F8CD1jRC8t74v/p810Pb9ESd1+A55Zn3dcTLjzP
135-
t9Y2M1Vu5PhnCLvtmmFEJ7DiEQq5P/2lK5bkf15gxn2M1hlkef8CmOtT2zWfrKcC
136-
UZKFN5ojHvPEtssLfWXtUBCURw3MKjSnZf3ewMEBrOlPwgItsuvF+ObbzaqHkWOU
137-
QF4AC/EIBwSFec7IQ8/Jr2YxIOdYv91ry9SkieLAERUCyoDMlyo29n+cePJcNXDJ
138-
WG+VkSWI49fawA+4zV4un2fSFHTHMQmRhw2XnzDzchysmMHa8rONnjYhy+jZU0+Y
139-
LtitRK8CAwEAAaNVMFMwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw
140-
HQYDVR0lBBYwFAYIKwYBBQUHAwkGCCsGAQUFBwMEMBEGCWCGSAGG+EIBAQQEAwIC
141-
BDANBgkqhkiG9w0BAQsFAAOCAgEATIwt+SKk3vaRMI5QrRsc+PHg5ZN7Vxx1tOE7
142-
8UMSwa9aAMShW26bB3SDaAF81EQlQTA0fXlZ9KzfSkQc8KLirB1gtYNIVahFZjFD
143-
nSoM3w4GXuXhHdeZLTNgL/I58Dwfw6j/hTR13Sc10qLzNrwXgM5giSlmDO6OHYLf
144-
pjMrR6n8KuOCsgfiijrf7TxOYdXD+N/S08b017mncTK/QunSmSXvDY1+DywXK7LG
145-
4DF/BoWvrlLps0wGfxqd7iHy4VOUc818ll3AtxpVVXLIE0+wxspqRnWq+RyddJTV
146-
h1A5NkpB6054ybadzu9oV3bmiaaCuetphI4k4mJtP00C6ipdz6B0agoMtTFcVGGW
147-
hskHwPS14GYlYyiePuxjpgSqA90wQH905YxVeR9BbVJyzpLtmhOuMGiABIZdu0Lj
148-
9mMg4ob1cngwNJFYNR3baAJ6Yd5hc+Je35bHWgITj2bfnQWZcenvbanPKINAjkjT
149-
j2o3tfCmE2Modo0/PTWU2O86FbysXGMKrmD6eG8eZw19IrRgPZUQk1pJ7jBYgeNc
150-
B2VGsgJ2MmwuLHkM99nBT1rkIFMI12h5NqhZ4s56j1AyIKe2arozVba9puiRwzax
151-
O6sf7tfU1N0omFPVGPdE3ejdYYggOZ4cU6tskit8CGqPmIudM6wSsca6e0VXoJ2b
152-
DEahIuE=
153-
-----END CERTIFICATE-----

libclamav_rust/Cargo.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ delharc = "0.6"
2929
clam-sigutil = { git = "https://github.com/Cisco-Talos/clamav-signature-util", tag = "1.2.0" }
3030
tar = "0.4.43"
3131
md5 = "0.7.0"
32-
openssl = "0.10.68"
32+
openssl = "0.10.70"
3333
glob = "0.3.1"
3434

3535
[features]

libclamav_rust/src/codesign.rs

Lines changed: 37 additions & 36 deletions
Original file line numberDiff line numberDiff line change
@@ -115,42 +115,45 @@ pub unsafe extern "C" fn codesign_sign_file(
115115
let signature_file_path_str = validate_str_param!(signature_file_path_str);
116116
let signature_file_path = Path::new(signature_file_path_str);
117117

118-
let cert_path_strs: &[*const i8] = std::slice::from_raw_parts(cert_paths_str, cert_paths_len);
118+
let cert_path_strs: &[*const c_char] =
119+
std::slice::from_raw_parts(cert_paths_str, cert_paths_len);
119120

120121
// now convert the cert_path_strs to a Vec<&Path>
121-
let cert_paths: Vec<PathBuf> = cert_path_strs
122-
.iter()
123-
.filter_map(|&path_str| -> Option<PathBuf> {
124-
let path_str = if path_str.is_null() {
125-
warn!("Intermiediate path string is NULL");
126-
return None;
127-
} else {
128-
#[allow(unused_unsafe)]
129-
match unsafe { CStr::from_ptr(path_str) }.to_str() {
130-
Err(e) => {
131-
warn!("Intermediate path string is not valid unicode: {}", e);
132-
return None;
133-
}
134-
Ok(s) => Some(s),
135-
}
136-
};
137-
138-
if let Some(path_str) = path_str {
139-
match Path::new(path_str).canonicalize() {
140-
Ok(path) => Some(path),
141-
Err(e) => {
142-
warn!(
143-
"Invalid intermediate certificate path: '{}' {}",
144-
path_str, e
145-
);
146-
None
147-
}
148-
}
149-
} else {
150-
None
122+
let mut cert_paths: Vec<PathBuf> = Vec::with_capacity(cert_paths_len);
123+
124+
for &path_str in cert_path_strs {
125+
if path_str.is_null() {
126+
return ffi_error!(
127+
err = err,
128+
Error::SignFailed("Intermediate certificate path is NULL".to_string())
129+
);
130+
}
131+
132+
#[allow(unused_unsafe)]
133+
let path_str = CStr::from_ptr(path_str)
134+
.to_str()
135+
.map_err(|e| {
136+
warn!("Intermediate path string is not valid unicode: {e}");
137+
ffi_error!(
138+
err = err,
139+
Error::SignFailed("Intermediate certificate path is NULL".to_string())
140+
)
141+
})
142+
.unwrap();
143+
144+
match Path::new(path_str).canonicalize() {
145+
Ok(path) => cert_paths.push(path),
146+
Err(e) => {
147+
warn!("Invalid intermediate certificate path: '{path_str}' {e}",);
148+
return ffi_error!(
149+
err = err,
150+
Error::SignFailed(format!(
151+
"Invalid intermediate certificate path: '{path_str}': {e}",
152+
))
153+
);
151154
}
152-
})
153-
.collect();
155+
}
156+
}
154157

155158
let signing_key_path_str = validate_str_param!(signing_key_path_str);
156159
let signing_key_path = match Path::new(signing_key_path_str).canonicalize() {
@@ -159,8 +162,7 @@ pub unsafe extern "C" fn codesign_sign_file(
159162
return ffi_error!(
160163
err = err,
161164
Error::SignFailed(format!(
162-
"Invalid signing key path '{}': {}",
163-
signing_key_path_str, e
165+
"Invalid signing key path '{signing_key_path_str}': {e}",
164166
))
165167
);
166168
}
@@ -372,7 +374,6 @@ pub unsafe extern "C" fn codesign_verifier_new(
372374
#[export_name = "codesign_verifier_free"]
373375
pub unsafe extern "C" fn codesign_verifier_free(verifier: *mut c_void) {
374376
if verifier.is_null() {
375-
return;
376377
} else {
377378
let _ = unsafe { Box::from_raw(verifier as *mut Verifier) };
378379
}

libclamav_rust/src/sys.rs

Lines changed: 31 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -384,36 +384,37 @@ pub const cli_file_CL_TYPE_EGG: cli_file = 553;
384384
pub const cli_file_CL_TYPE_ONENOTE: cli_file = 554;
385385
pub const cli_file_CL_TYPE_PYTHON_COMPILED: cli_file = 555;
386386
pub const cli_file_CL_TYPE_LHA_LZH: cli_file = 556;
387-
pub const cli_file_CL_TYPE_PART_ANY: cli_file = 557;
388-
pub const cli_file_CL_TYPE_PART_HFSPLUS: cli_file = 558;
389-
pub const cli_file_CL_TYPE_MBR: cli_file = 559;
390-
pub const cli_file_CL_TYPE_HTML: cli_file = 560;
391-
pub const cli_file_CL_TYPE_MAIL: cli_file = 561;
392-
pub const cli_file_CL_TYPE_SFX: cli_file = 562;
393-
pub const cli_file_CL_TYPE_ZIPSFX: cli_file = 563;
394-
pub const cli_file_CL_TYPE_RARSFX: cli_file = 564;
395-
pub const cli_file_CL_TYPE_7ZSFX: cli_file = 565;
396-
pub const cli_file_CL_TYPE_CABSFX: cli_file = 566;
397-
pub const cli_file_CL_TYPE_ARJSFX: cli_file = 567;
398-
pub const cli_file_CL_TYPE_EGGSFX: cli_file = 568;
399-
pub const cli_file_CL_TYPE_NULSFT: cli_file = 569;
400-
pub const cli_file_CL_TYPE_AUTOIT: cli_file = 570;
401-
pub const cli_file_CL_TYPE_ISHIELD_MSI: cli_file = 571;
402-
pub const cli_file_CL_TYPE_ISO9660: cli_file = 572;
403-
pub const cli_file_CL_TYPE_DMG: cli_file = 573;
404-
pub const cli_file_CL_TYPE_GPT: cli_file = 574;
405-
pub const cli_file_CL_TYPE_APM: cli_file = 575;
406-
pub const cli_file_CL_TYPE_XDP: cli_file = 576;
407-
pub const cli_file_CL_TYPE_XML_WORD: cli_file = 577;
408-
pub const cli_file_CL_TYPE_XML_XL: cli_file = 578;
409-
pub const cli_file_CL_TYPE_XML_HWP: cli_file = 579;
410-
pub const cli_file_CL_TYPE_HWPOLE2: cli_file = 580;
411-
pub const cli_file_CL_TYPE_MHTML: cli_file = 581;
412-
pub const cli_file_CL_TYPE_LNK: cli_file = 582;
413-
pub const cli_file_CL_TYPE_UDF: cli_file = 583;
414-
pub const cli_file_CL_TYPE_ALZ: cli_file = 584;
415-
pub const cli_file_CL_TYPE_OTHER: cli_file = 585;
416-
pub const cli_file_CL_TYPE_IGNORED: cli_file = 586;
387+
pub const cli_file_CL_TYPE_AI_MODEL: cli_file = 557;
388+
pub const cli_file_CL_TYPE_PART_ANY: cli_file = 558;
389+
pub const cli_file_CL_TYPE_PART_HFSPLUS: cli_file = 559;
390+
pub const cli_file_CL_TYPE_MBR: cli_file = 560;
391+
pub const cli_file_CL_TYPE_HTML: cli_file = 561;
392+
pub const cli_file_CL_TYPE_MAIL: cli_file = 562;
393+
pub const cli_file_CL_TYPE_SFX: cli_file = 563;
394+
pub const cli_file_CL_TYPE_ZIPSFX: cli_file = 564;
395+
pub const cli_file_CL_TYPE_RARSFX: cli_file = 565;
396+
pub const cli_file_CL_TYPE_7ZSFX: cli_file = 566;
397+
pub const cli_file_CL_TYPE_CABSFX: cli_file = 567;
398+
pub const cli_file_CL_TYPE_ARJSFX: cli_file = 568;
399+
pub const cli_file_CL_TYPE_EGGSFX: cli_file = 569;
400+
pub const cli_file_CL_TYPE_NULSFT: cli_file = 570;
401+
pub const cli_file_CL_TYPE_AUTOIT: cli_file = 571;
402+
pub const cli_file_CL_TYPE_ISHIELD_MSI: cli_file = 572;
403+
pub const cli_file_CL_TYPE_ISO9660: cli_file = 573;
404+
pub const cli_file_CL_TYPE_DMG: cli_file = 574;
405+
pub const cli_file_CL_TYPE_GPT: cli_file = 575;
406+
pub const cli_file_CL_TYPE_APM: cli_file = 576;
407+
pub const cli_file_CL_TYPE_XDP: cli_file = 577;
408+
pub const cli_file_CL_TYPE_XML_WORD: cli_file = 578;
409+
pub const cli_file_CL_TYPE_XML_XL: cli_file = 579;
410+
pub const cli_file_CL_TYPE_XML_HWP: cli_file = 580;
411+
pub const cli_file_CL_TYPE_HWPOLE2: cli_file = 581;
412+
pub const cli_file_CL_TYPE_MHTML: cli_file = 582;
413+
pub const cli_file_CL_TYPE_LNK: cli_file = 583;
414+
pub const cli_file_CL_TYPE_UDF: cli_file = 584;
415+
pub const cli_file_CL_TYPE_ALZ: cli_file = 585;
416+
pub const cli_file_CL_TYPE_OTHER: cli_file = 586;
417+
pub const cli_file_CL_TYPE_IGNORED: cli_file = 587;
417418
pub type cli_file = ::std::os::raw::c_uint;
418419
pub use self::cli_file as cli_file_t;
419420
#[repr(C)]

sigtool/sigtool.c

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -980,7 +980,7 @@ static int sign(const struct optstruct *opts)
980980
if (NULL == target) {
981981
mprintf(LOGG_ERROR, "sign: No target file specified.\n");
982982
mprintf(LOGG_ERROR, "To sign a file with sigtool, you must specify a target file and use the --key and --cert options.\n");
983-
mprintf(LOGG_ERROR, "For example: sigtool --sign myfile.cvd --key /path/to/private.key --cert /path/to/public.pem --cert /path/to/intermediate.pem --cert /path/to/root-ca.pem\n");
983+
mprintf(LOGG_ERROR, "For example: sigtool --sign myfile.cvd --key /path/to/private.key --cert /path/to/public.crt --cert /path/to/intermediate.crt --cert /path/to/root-ca.crt\n");
984984
goto done;
985985
}
986986

@@ -994,23 +994,23 @@ static int sign(const struct optstruct *opts)
994994
if (NULL == target) {
995995
mprintf(LOGG_ERROR, "sign: No private key specified.\n");
996996
mprintf(LOGG_ERROR, "To sign a file with sigtool, you must specify a target file and use the --key and --cert options.\n");
997-
mprintf(LOGG_ERROR, "For example: sigtool --sign myfile.cvd --key /path/to/private.key --cert /path/to/public.pem --cert /path/to/intermediate.pem --cert /path/to/root-ca.pem\n");
997+
mprintf(LOGG_ERROR, "For example: sigtool --sign myfile.cvd --key /path/to/private.key --cert /path/to/public.crt --cert /path/to/intermediate.crt --cert /path/to/root-ca.crt\n");
998998
goto done;
999999
}
10001000

10011001
opt = optget(opts, "cert");
10021002
if (NULL == opt) {
10031003
mprintf(LOGG_ERROR, "sign: No signing or intermediate certificates specified.\n");
10041004
mprintf(LOGG_ERROR, "To sign a file with sigtool, you must specify a target file and use the --key and --cert options.\n");
1005-
mprintf(LOGG_ERROR, "For example: sigtool --sign myfile.cvd --key /path/to/private.key --cert /path/to/public.pem --cert /path/to/intermediate.pem --cert /path/to/root-ca.pem\n");
1005+
mprintf(LOGG_ERROR, "For example: sigtool --sign myfile.cvd --key /path/to/private.key --cert /path/to/public.crt --cert /path/to/intermediate.crt --cert /path/to/root-ca.crt\n");
10061006
goto done;
10071007
}
10081008

10091009
while (opt) {
10101010
if (!opt->strarg) {
10111011
mprintf(LOGG_ERROR, "sign: The --cert option requires a path value to a signing or intermediate certificate.\n");
10121012
mprintf(LOGG_ERROR, "To sign a file with sigtool, you must specify a target file and use the --key and --cert options.\n");
1013-
mprintf(LOGG_ERROR, "For example: sigtool --sign myfile.cvd --key /path/to/private.key --cert /path/to/public.pem --cert /path/to/intermediate.pem --cert /path/to/root-ca.pem\n");
1013+
mprintf(LOGG_ERROR, "For example: sigtool --sign myfile.cvd --key /path/to/private.key --cert /path/to/public.crt --cert /path/to/intermediate.crt --cert /path/to/root-ca.crt\n");
10141014
goto done;
10151015
}
10161016

unit_tests/CMakeLists.txt

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -264,7 +264,7 @@ set(ENVIRONMENT
264264
CK_DEFAULT_TIMEOUT=300
265265
LD_LIBRARY_PATH=${LD_LIBRARY_PATH}
266266
DYLD_LIBRARY_PATH=${LD_LIBRARY_PATH}
267-
CVD_CERTS_DIR=${CMAKE_SOURCE_DIR}/unit_tests/input/signing/public
267+
CVD_CERTS_DIR=${CMAKE_SOURCE_DIR}/unit_tests/input/signing/verify
268268
PATH=${NEW_PATH}
269269
LIBSSL=${LIBSSL}
270270
LIBCRYPTO=${LIBCRYPTO}

unit_tests/input/CMakeLists.txt

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -57,7 +57,7 @@ set(ENCRYPTED_TESTFILES
5757
clamav_hdb_scanfiles/clam.exe.2007.one
5858
clamav_hdb_scanfiles/clam.exe.2010.one
5959
clamav_hdb_scanfiles/clam.exe.webapp-export.one
60-
signing/private/signing-test.key
60+
signing/sign/signing-test.key
6161
)
6262

6363
if(ENABLE_UNRAR)
@@ -69,7 +69,7 @@ endif()
6969

7070
add_custom_target(tgt_build_unit_tests_directories ALL
7171
COMMAND ${CMAKE_COMMAND} -E make_directory ${CMAKE_CURRENT_BINARY_DIR}/clamav_hdb_scanfiles
72-
COMMAND ${CMAKE_COMMAND} -E make_directory ${CMAKE_CURRENT_BINARY_DIR}/signing/private
72+
COMMAND ${CMAKE_COMMAND} -E make_directory ${CMAKE_CURRENT_BINARY_DIR}/signing/sign
7373
)
7474

7575
# Decrypt test file

0 commit comments

Comments
 (0)