public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
* [PATCH v2] BaseTools: Update Rsa2048Sha256Sign to use openssl standard options
@ 2018-03-27  5:48 Liming Gao
  2018-03-27  7:56 ` Zhu, Yonghong
  0 siblings, 1 reply; 5+ messages in thread
From: Liming Gao @ 2018-03-27  5:48 UTC (permalink / raw)
  To: edk2-devel; +Cc: Liao Jui-peng, Michael Kinney, Yonghong Zhu

sha256 is not the standard option. It should be replaced by sha -sha256.
Otherwise, it doesn't work in MAC OS.

In V2, update the option to sha1 -sha256.
In late openssl version >= 1.1, there is no sha option, but has sha1,sha256.
In previous openssl version < 1.1, there is no sha256, but has sha,sha1.
To work with all openssl version, use sha1 -sha256 for it.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liao Jui-peng <jui-pengx.liao@intel.com>
Signed-off-by: Liming Gao <liming.gao@intel.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Cc: Yonghong Zhu <yonghong.zhu@intel.com>
---
 BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py b/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
index 1ae6ebb..4188f8e 100644
--- a/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
+++ b/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
@@ -176,7 +176,7 @@ if __name__ == '__main__':
     # 
     # Sign the input file using the specified private key and capture signature from STDOUT
     #
-    Process = subprocess.Popen('%s sha256 -sign "%s"' % (OpenSslCommand, args.PrivateKeyFileName), stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
+    Process = subprocess.Popen('%s sha1 -sha256 -sign "%s"' % (OpenSslCommand, args.PrivateKeyFileName), stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
     Signature = Process.communicate(input=FullInputFileBuffer)[0]
     if Process.returncode <> 0:
       sys.exit(Process.returncode)
@@ -225,7 +225,7 @@ if __name__ == '__main__':
     #
     # Verify signature
     #    
-    Process = subprocess.Popen('%s sha256 -prverify "%s" -signature %s' % (OpenSslCommand, args.PrivateKeyFileName, args.OutputFileName), stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
+    Process = subprocess.Popen('%s sha1 -sha256 -prverify "%s" -signature %s' % (OpenSslCommand, args.PrivateKeyFileName, args.OutputFileName), stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
     Process.communicate(input=FullInputFileBuffer)
     if Process.returncode <> 0:
       print 'ERROR: Verification failed'
-- 
2.8.0.windows.1



^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [PATCH v2] BaseTools: Update Rsa2048Sha256Sign to use openssl standard options
  2018-03-27  5:48 [PATCH v2] BaseTools: Update Rsa2048Sha256Sign to use openssl standard options Liming Gao
@ 2018-03-27  7:56 ` Zhu, Yonghong
  2018-03-27  8:33   ` Long, Qin
  0 siblings, 1 reply; 5+ messages in thread
From: Zhu, Yonghong @ 2018-03-27  7:56 UTC (permalink / raw)
  To: Gao, Liming, edk2-devel@lists.01.org
  Cc: Liao, Jui-pengX, Kinney, Michael D, Zhu, Yonghong

Reviewed-by: Yonghong Zhu <yonghong.zhu@intel.com> 

Best Regards,
Zhu Yonghong


-----Original Message-----
From: Gao, Liming 
Sent: Tuesday, March 27, 2018 1:48 PM
To: edk2-devel@lists.01.org
Cc: Liao, Jui-pengX <jui-pengx.liao@intel.com>; Kinney, Michael D <michael.d.kinney@intel.com>; Zhu, Yonghong <yonghong.zhu@intel.com>
Subject: [PATCH v2] BaseTools: Update Rsa2048Sha256Sign to use openssl standard options

sha256 is not the standard option. It should be replaced by sha -sha256.
Otherwise, it doesn't work in MAC OS.

In V2, update the option to sha1 -sha256.
In late openssl version >= 1.1, there is no sha option, but has sha1,sha256.
In previous openssl version < 1.1, there is no sha256, but has sha,sha1.
To work with all openssl version, use sha1 -sha256 for it.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liao Jui-peng <jui-pengx.liao@intel.com>
Signed-off-by: Liming Gao <liming.gao@intel.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Cc: Yonghong Zhu <yonghong.zhu@intel.com>
---
 BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py b/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
index 1ae6ebb..4188f8e 100644
--- a/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
+++ b/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
@@ -176,7 +176,7 @@ if __name__ == '__main__':
     # 
     # Sign the input file using the specified private key and capture signature from STDOUT
     #
-    Process = subprocess.Popen('%s sha256 -sign "%s"' % (OpenSslCommand, args.PrivateKeyFileName), stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
+    Process = subprocess.Popen('%s sha1 -sha256 -sign "%s"' % (OpenSslCommand, args.PrivateKeyFileName), stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
     Signature = Process.communicate(input=FullInputFileBuffer)[0]
     if Process.returncode <> 0:
       sys.exit(Process.returncode)
@@ -225,7 +225,7 @@ if __name__ == '__main__':
     #
     # Verify signature
     #    
-    Process = subprocess.Popen('%s sha256 -prverify "%s" -signature %s' % (OpenSslCommand, args.PrivateKeyFileName, args.OutputFileName), stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
+    Process = subprocess.Popen('%s sha1 -sha256 -prverify "%s" -signature %s' % (OpenSslCommand, args.PrivateKeyFileName, args.OutputFileName), stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
     Process.communicate(input=FullInputFileBuffer)
     if Process.returncode <> 0:
       print 'ERROR: Verification failed'
-- 
2.8.0.windows.1



^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [PATCH v2] BaseTools: Update Rsa2048Sha256Sign to use openssl standard options
  2018-03-27  7:56 ` Zhu, Yonghong
@ 2018-03-27  8:33   ` Long, Qin
  2018-03-27  8:49     ` Gao, Liming
  0 siblings, 1 reply; 5+ messages in thread
From: Long, Qin @ 2018-03-27  8:33 UTC (permalink / raw)
  To: Zhu, Yonghong, Gao, Liming, edk2-devel@lists.01.org
  Cc: Kinney, Michael D, Liao, Jui-pengX

This ("sha1 -sha256") looks a little odd. 
Could we try "openssl dgst -sha256 ...."?


Best Regards & Thanks,
LONG, Qin

-----Original Message-----
From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Zhu, Yonghong
Sent: Tuesday, March 27, 2018 3:56 PM
To: Gao, Liming <liming.gao@intel.com>; edk2-devel@lists.01.org
Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Liao, Jui-pengX <jui-pengx.liao@intel.com>
Subject: Re: [edk2] [PATCH v2] BaseTools: Update Rsa2048Sha256Sign to use openssl standard options

Reviewed-by: Yonghong Zhu <yonghong.zhu@intel.com> 

Best Regards,
Zhu Yonghong


-----Original Message-----
From: Gao, Liming 
Sent: Tuesday, March 27, 2018 1:48 PM
To: edk2-devel@lists.01.org
Cc: Liao, Jui-pengX <jui-pengx.liao@intel.com>; Kinney, Michael D <michael.d.kinney@intel.com>; Zhu, Yonghong <yonghong.zhu@intel.com>
Subject: [PATCH v2] BaseTools: Update Rsa2048Sha256Sign to use openssl standard options

sha256 is not the standard option. It should be replaced by sha -sha256.
Otherwise, it doesn't work in MAC OS.

In V2, update the option to sha1 -sha256.
In late openssl version >= 1.1, there is no sha option, but has sha1,sha256.
In previous openssl version < 1.1, there is no sha256, but has sha,sha1.
To work with all openssl version, use sha1 -sha256 for it.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liao Jui-peng <jui-pengx.liao@intel.com>
Signed-off-by: Liming Gao <liming.gao@intel.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Cc: Yonghong Zhu <yonghong.zhu@intel.com>
---
 BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py b/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
index 1ae6ebb..4188f8e 100644
--- a/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
+++ b/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
@@ -176,7 +176,7 @@ if __name__ == '__main__':
     # 
     # Sign the input file using the specified private key and capture signature from STDOUT
     #
-    Process = subprocess.Popen('%s sha256 -sign "%s"' % (OpenSslCommand, args.PrivateKeyFileName), stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
+    Process = subprocess.Popen('%s sha1 -sha256 -sign "%s"' % (OpenSslCommand, args.PrivateKeyFileName), stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
     Signature = Process.communicate(input=FullInputFileBuffer)[0]
     if Process.returncode <> 0:
       sys.exit(Process.returncode)
@@ -225,7 +225,7 @@ if __name__ == '__main__':
     #
     # Verify signature
     #    
-    Process = subprocess.Popen('%s sha256 -prverify "%s" -signature %s' % (OpenSslCommand, args.PrivateKeyFileName, args.OutputFileName), stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
+    Process = subprocess.Popen('%s sha1 -sha256 -prverify "%s" -signature %s' % (OpenSslCommand, args.PrivateKeyFileName, args.OutputFileName), stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
     Process.communicate(input=FullInputFileBuffer)
     if Process.returncode <> 0:
       print 'ERROR: Verification failed'
-- 
2.8.0.windows.1

_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel


^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [PATCH v2] BaseTools: Update Rsa2048Sha256Sign to use openssl standard options
  2018-03-27  8:33   ` Long, Qin
@ 2018-03-27  8:49     ` Gao, Liming
  2018-03-27  9:16       ` Liao, Jui-pengX
  0 siblings, 1 reply; 5+ messages in thread
From: Gao, Liming @ 2018-03-27  8:49 UTC (permalink / raw)
  To: Long, Qin, Zhu, Yonghong, edk2-devel@lists.01.org
  Cc: Kinney, Michael D, Liao, Jui-pengX

Qin:
  Thanks for your suggestion. It also work. I agree this style is better. 

Thanks
Liming
>-----Original Message-----
>From: Long, Qin
>Sent: Tuesday, March 27, 2018 4:33 PM
>To: Zhu, Yonghong <yonghong.zhu@intel.com>; Gao, Liming
><liming.gao@intel.com>; edk2-devel@lists.01.org
>Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Liao, Jui-pengX <jui-
>pengx.liao@intel.com>
>Subject: RE: [PATCH v2] BaseTools: Update Rsa2048Sha256Sign to use openssl
>standard options
>
>This ("sha1 -sha256") looks a little odd.
>Could we try "openssl dgst -sha256 ...."?
>
>
>Best Regards & Thanks,
>LONG, Qin
>
>-----Original Message-----
>From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Zhu,
>Yonghong
>Sent: Tuesday, March 27, 2018 3:56 PM
>To: Gao, Liming <liming.gao@intel.com>; edk2-devel@lists.01.org
>Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Liao, Jui-pengX <jui-
>pengx.liao@intel.com>
>Subject: Re: [edk2] [PATCH v2] BaseTools: Update Rsa2048Sha256Sign to use
>openssl standard options
>
>Reviewed-by: Yonghong Zhu <yonghong.zhu@intel.com>
>
>Best Regards,
>Zhu Yonghong
>
>
>-----Original Message-----
>From: Gao, Liming
>Sent: Tuesday, March 27, 2018 1:48 PM
>To: edk2-devel@lists.01.org
>Cc: Liao, Jui-pengX <jui-pengx.liao@intel.com>; Kinney, Michael D
><michael.d.kinney@intel.com>; Zhu, Yonghong <yonghong.zhu@intel.com>
>Subject: [PATCH v2] BaseTools: Update Rsa2048Sha256Sign to use openssl
>standard options
>
>sha256 is not the standard option. It should be replaced by sha -sha256.
>Otherwise, it doesn't work in MAC OS.
>
>In V2, update the option to sha1 -sha256.
>In late openssl version >= 1.1, there is no sha option, but has sha1,sha256.
>In previous openssl version < 1.1, there is no sha256, but has sha,sha1.
>To work with all openssl version, use sha1 -sha256 for it.
>
>Contributed-under: TianoCore Contribution Agreement 1.1
>Signed-off-by: Liao Jui-peng <jui-pengx.liao@intel.com>
>Signed-off-by: Liming Gao <liming.gao@intel.com>
>Cc: Michael Kinney <michael.d.kinney@intel.com>
>Cc: Yonghong Zhu <yonghong.zhu@intel.com>
>---
> BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
>diff --git
>a/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
>b/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
>index 1ae6ebb..4188f8e 100644
>--- a/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
>+++ b/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
>@@ -176,7 +176,7 @@ if __name__ == '__main__':
>     #
>     # Sign the input file using the specified private key and capture signature
>from STDOUT
>     #
>-    Process = subprocess.Popen('%s sha256 -sign "%s"' % (OpenSslCommand,
>args.PrivateKeyFileName), stdin=subprocess.PIPE, stdout=subprocess.PIPE,
>stderr=subprocess.PIPE, shell=True)
>+    Process = subprocess.Popen('%s sha1 -sha256 -sign "%s"' %
>(OpenSslCommand, args.PrivateKeyFileName), stdin=subprocess.PIPE,
>stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
>     Signature = Process.communicate(input=FullInputFileBuffer)[0]
>     if Process.returncode <> 0:
>       sys.exit(Process.returncode)
>@@ -225,7 +225,7 @@ if __name__ == '__main__':
>     #
>     # Verify signature
>     #
>-    Process = subprocess.Popen('%s sha256 -prverify "%s" -signature %s' %
>(OpenSslCommand, args.PrivateKeyFileName, args.OutputFileName),
>stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE,
>shell=True)
>+    Process = subprocess.Popen('%s sha1 -sha256 -prverify "%s" -
>signature %s' % (OpenSslCommand, args.PrivateKeyFileName,
>args.OutputFileName), stdin=subprocess.PIPE, stdout=subprocess.PIPE,
>stderr=subprocess.PIPE, shell=True)
>     Process.communicate(input=FullInputFileBuffer)
>     if Process.returncode <> 0:
>       print 'ERROR: Verification failed'
>--
>2.8.0.windows.1
>
>_______________________________________________
>edk2-devel mailing list
>edk2-devel@lists.01.org
>https://lists.01.org/mailman/listinfo/edk2-devel


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH v2] BaseTools: Update Rsa2048Sha256Sign to use openssl standard options
  2018-03-27  8:49     ` Gao, Liming
@ 2018-03-27  9:16       ` Liao, Jui-pengX
  0 siblings, 0 replies; 5+ messages in thread
From: Liao, Jui-pengX @ 2018-03-27  9:16 UTC (permalink / raw)
  To: Gao, Liming, Long, Qin, Zhu, Yonghong, edk2-devel@lists.01.org
  Cc: Kinney, Michael D, Liao, Jui-pengX

Hi all,
The "openssl dgst -sha256" is working as well.

[configuration]
Xcode 9
Openssl 0.9.8zh 14 Jan 2016

Best regards
George Liao
-----Original Message-----
From: Gao, Liming 
Sent: Tuesday, March 27, 2018 4:49 PM
To: Long, Qin <qin.long@intel.com>; Zhu, Yonghong <yonghong.zhu@intel.com>; edk2-devel@lists.01.org
Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Liao, Jui-pengX <jui-pengx.liao@intel.com>
Subject: RE: [PATCH v2] BaseTools: Update Rsa2048Sha256Sign to use openssl standard options

Qin:
  Thanks for your suggestion. It also work. I agree this style is better. 

Thanks
Liming
>-----Original Message-----
>From: Long, Qin
>Sent: Tuesday, March 27, 2018 4:33 PM
>To: Zhu, Yonghong <yonghong.zhu@intel.com>; Gao, Liming 
><liming.gao@intel.com>; edk2-devel@lists.01.org
>Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Liao, Jui-pengX 
><jui- pengx.liao@intel.com>
>Subject: RE: [PATCH v2] BaseTools: Update Rsa2048Sha256Sign to use 
>openssl standard options
>
>This ("sha1 -sha256") looks a little odd.
>Could we try "openssl dgst -sha256 ...."?
>
>
>Best Regards & Thanks,
>LONG, Qin
>
>-----Original Message-----
>From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of 
>Zhu, Yonghong
>Sent: Tuesday, March 27, 2018 3:56 PM
>To: Gao, Liming <liming.gao@intel.com>; edk2-devel@lists.01.org
>Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Liao, Jui-pengX 
><jui- pengx.liao@intel.com>
>Subject: Re: [edk2] [PATCH v2] BaseTools: Update Rsa2048Sha256Sign to 
>use openssl standard options
>
>Reviewed-by: Yonghong Zhu <yonghong.zhu@intel.com>
>
>Best Regards,
>Zhu Yonghong
>
>
>-----Original Message-----
>From: Gao, Liming
>Sent: Tuesday, March 27, 2018 1:48 PM
>To: edk2-devel@lists.01.org
>Cc: Liao, Jui-pengX <jui-pengx.liao@intel.com>; Kinney, Michael D 
><michael.d.kinney@intel.com>; Zhu, Yonghong <yonghong.zhu@intel.com>
>Subject: [PATCH v2] BaseTools: Update Rsa2048Sha256Sign to use openssl 
>standard options
>
>sha256 is not the standard option. It should be replaced by sha -sha256.
>Otherwise, it doesn't work in MAC OS.
>
>In V2, update the option to sha1 -sha256.
>In late openssl version >= 1.1, there is no sha option, but has sha1,sha256.
>In previous openssl version < 1.1, there is no sha256, but has sha,sha1.
>To work with all openssl version, use sha1 -sha256 for it.
>
>Contributed-under: TianoCore Contribution Agreement 1.1
>Signed-off-by: Liao Jui-peng <jui-pengx.liao@intel.com>
>Signed-off-by: Liming Gao <liming.gao@intel.com>
>Cc: Michael Kinney <michael.d.kinney@intel.com>
>Cc: Yonghong Zhu <yonghong.zhu@intel.com>
>---
> BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py | 4 
>++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
>diff --git
>a/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
>b/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
>index 1ae6ebb..4188f8e 100644
>--- a/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
>+++ b/BaseTools/Source/Python/Rsa2048Sha256Sign/Rsa2048Sha256Sign.py
>@@ -176,7 +176,7 @@ if __name__ == '__main__':
>     #
>     # Sign the input file using the specified private key and capture 
>signature from STDOUT
>     #
>-    Process = subprocess.Popen('%s sha256 -sign "%s"' % (OpenSslCommand,
>args.PrivateKeyFileName), stdin=subprocess.PIPE, 
>stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
>+    Process = subprocess.Popen('%s sha1 -sha256 -sign "%s"' %
>(OpenSslCommand, args.PrivateKeyFileName), stdin=subprocess.PIPE, 
>stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
>     Signature = Process.communicate(input=FullInputFileBuffer)[0]
>     if Process.returncode <> 0:
>       sys.exit(Process.returncode)
>@@ -225,7 +225,7 @@ if __name__ == '__main__':
>     #
>     # Verify signature
>     #
>-    Process = subprocess.Popen('%s sha256 -prverify "%s" -signature %s' %
>(OpenSslCommand, args.PrivateKeyFileName, args.OutputFileName), 
>stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE,
>shell=True)
>+    Process = subprocess.Popen('%s sha1 -sha256 -prverify "%s" -
>signature %s' % (OpenSslCommand, args.PrivateKeyFileName, 
>args.OutputFileName), stdin=subprocess.PIPE, stdout=subprocess.PIPE, 
>stderr=subprocess.PIPE, shell=True)
>     Process.communicate(input=FullInputFileBuffer)
>     if Process.returncode <> 0:
>       print 'ERROR: Verification failed'
>--
>2.8.0.windows.1
>
>_______________________________________________
>edk2-devel mailing list
>edk2-devel@lists.01.org
>https://lists.01.org/mailman/listinfo/edk2-devel


^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2018-03-27  9:09 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-03-27  5:48 [PATCH v2] BaseTools: Update Rsa2048Sha256Sign to use openssl standard options Liming Gao
2018-03-27  7:56 ` Zhu, Yonghong
2018-03-27  8:33   ` Long, Qin
2018-03-27  8:49     ` Gao, Liming
2018-03-27  9:16       ` Liao, Jui-pengX

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox