diff options
| author |   Lianhao Lu <lianhao.lu@intel.com> | 2019-11-21 18:33:20 +0800 |
|---|---|---|
| committer | Lianhao Lu <lianhao.lu@intel.com> | 2019-11-21 18:33:20 +0800 |
| commit | 6bdd924968ceccf33a86482aa720609d1c156741 (patch) | |
| tree | bdef91fe375e86f193a9718db6ee1cf50092bf33 | |
| parent | 9003bbf2d379d446bf1c08ebd11a4c591be097ed (diff) | |
Support new version of openssl
1. Support new version of openssl >= 1.1.1.
2. Add a blank line between digest and signature section per spec
SOL004.
Issue-ID: VNFSDK-519
Change-Id: I92873897805ab627a31eb5c09450e33b2f091db5
Signed-off-by: Lianhao Lu <lianhao.lu@intel.com>
| -rw-r--r-- | vnfsdk_pkgtools/packager/manifest.py | 7 | ||||
| -rw-r--r-- | vnfsdk_pkgtools/packager/utils.py | 6 |
2 files changed, 7 insertions, 6 deletions
diff --git a/vnfsdk_pkgtools/packager/manifest.py b/vnfsdk_pkgtools/packager/manifest.py index b2d0804..5066f45 100644 --- a/vnfsdk_pkgtools/packager/manifest.py +++ b/vnfsdk_pkgtools/packager/manifest.py @@ -159,9 +159,11 @@ class Manifest(object): ret += "Source: %s\n" % key ret += "Algorithm: %s\n" % digest[0] ret += "Hash: %s\n" % digest[1] + if self.digests: + # empty line between digest and signature section + ret += "\n" # signature if self.signature: - ret += "\n" ret += self.signature return ret @@ -190,8 +192,7 @@ class Manifest(object): elif not skip: lines.append(line) # strip trailing empty lines - content = ''.join(lines).rstrip(' \n\t') - content += '\n' + content = ''.join(lines) tmpfile = tempfile.NamedTemporaryFile(mode='w',delete=False) tmpfile.write(content) tmpfile.close() diff --git a/vnfsdk_pkgtools/packager/utils.py b/vnfsdk_pkgtools/packager/utils.py index 06143c6..f16a961 100644 --- a/vnfsdk_pkgtools/packager/utils.py +++ b/vnfsdk_pkgtools/packager/utils.py @@ -79,7 +79,7 @@ def _run_cmd(cmd, **kwargs): def sign(msg_file, cert_file, key_file): - args = ["openssl", "cms", "-sign", "-binary", "-nocerts"] + args = ["openssl", "cms", "-sign", "-binary"] kwargs = { '-in': os.path.abspath(msg_file), '-signer': os.path.abspath(cert_file), @@ -91,9 +91,9 @@ def sign(msg_file, cert_file, key_file): def verify(msg_file, cert_file, cms, no_verify_cert=False): - args = ["openssl", "cms", "-verify"] + args = ["openssl", "cms", "-verify", "-binary"] if no_verify_cert: - args.append("-no_signer_cert_verify") + args.append("-noverify") with tempfile.NamedTemporaryFile(mode='w') as f: f.write(cms) |