6571429 Man pages needed for signit and signproto

3 files changed, 171 insertions, 2 deletions

diff --git a/usr/src/tools/codesign/Makefile b/usr/src/tools/codesign/Makefile
index b3bac31d9b..5736069f30 100644
--- a/usr/src/tools/codesign/Makefile
+++ b/usr/src/tools/codesign/Makefile
@@ -31,18 +31,24 @@ SHFILES= \
 PERLFILES= \
 	signit
 
+MAN1FILES= \
+	signit.1 \
+	signproto.1
+
 CLEANFILES = $(SHFILES) $(PERLFILES)
 
 include ../Makefile.tools
 
 OWNER=		root
 GROUP=		bin
+$(ROOTONBLDMAN1FILES) := FILEMODE=	644
 
 .KEEP_STATE:
 
-all:	$(SHFILES) $(PERLFILES)
+all:	$(SHFILES) $(PERLFILES) $(MAN1FILES)
 
-install: all .WAIT $(ROOTONBLDSHFILES) $(ROOTONBLDPERLFILES)
+install: all .WAIT $(ROOTONBLDSHFILES) $(ROOTONBLDPERLFILES) \
+		$(ROOTONBLDMAN1FILES)
 
 clean:
 	$(RM) $(CLEANFILES)
diff --git a/usr/src/tools/codesign/signit.1 b/usr/src/tools/codesign/signit.1
new file mode 100644
index 0000000000..fb9e6f8817
--- /dev/null
+++ b/usr/src/tools/codesign/signit.1
@@ -0,0 +1,88 @@
+.\"
+.\" CDDL HEADER START
+.\"
+.\" The contents of this file are subject to the terms of the
+.\" Common Development and Distribution License (the "License").
+.\" You may not use this file except in compliance with the License.
+.\"
+.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+.\" or http://www.opensolaris.org/os/licensing.
+.\" See the License for the specific language governing permissions
+.\" and limitations under the License.
+.\"
+.\" When distributing Covered Code, include this CDDL HEADER in each
+.\" file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+.\" If applicable, add the following below this CDDL HEADER, with the
+.\" fields enclosed by brackets "[]" replaced with your own identifying
+.\" information: Portions Copyright [yyyy] [name of copyright owner]
+.\"
+.\" CDDL HEADER END
+.\"
+.\" Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
+.\" Use is subject to license terms.
+.\"
+.\" ident	"%Z%%M%	%I%	%E% SMI"
+.TH signit 1 "13 June 2007"
+.SH NAME
+.I signit
+\- sign files using code signing server
+.SH SYNOPSIS
+\fBsignit [-q] [-i dir] [-o dir] [-l user]\fP
+.LP
+.SH DESCRIPTION
+.IX "OS-Net build tools" "signit" "" "\fBsignit\fP"
+.LP
+.I signit
+is the client program for use with Sun's code signing server. It
+reads a list of signing credential names and relative pathnames
+from standard input. Each file is read from the input directory,
+sent to the signing server, signed with the specified credential,
+and written to the output directory.
+.LP
+.SH OPTIONS
+.LP
+The following options are supported:
+.TP 4
+.B \-q
+Quiet operation: This option suppresses printing the names of files
+that are signed successfully.
+.LP
+.TP 4
+.B -i \fIdir\fP
+Specifies the base input directory from which the relative pathnames
+of files to be signed are interpreted. If not specified, the
+input directory defaults to the current directory.
+.LP
+.TP 4
+.B -o \fIdir\fP
+Specifies the base output directory to which signed files
+are written.  If not specified, the
+output directory matches the input directory.
+.LP
+.TP 4
+.B -l \fIuser\fP
+Specifies the user login name on the code signing server. If not
+specified, the login name of the user running
+.I signit
+is used.
+.LP
+.SH ENVIRONMENT
+.LP
+.TP 4
+.B CODESIGN_SERVER
+Specifies the hostname or IP address of the code signing server. If
+this variable is not set, it defaults to quill.sfbay.
+.LP
+.SH EXIT STATUS
+.LP
+The following exit status values are returned:
+.IP "\fB0\fR" 4
+.IX Item "0"
+All specified files were signed successfully.
+.IP "\fB1\fR" 4
+.IX Item "1"
+One or more files were not signed successfully.
+.LP
+.SH SEE ALSO
+.LP
+signproto(1)
diff --git a/usr/src/tools/codesign/signproto.1 b/usr/src/tools/codesign/signproto.1
new file mode 100644
index 0000000000..61ecad35a5
--- /dev/null
+++ b/usr/src/tools/codesign/signproto.1
@@ -0,0 +1,75 @@
+.\"
+.\" CDDL HEADER START
+.\"
+.\" The contents of this file are subject to the terms of the
+.\" Common Development and Distribution License (the "License").
+.\" You may not use this file except in compliance with the License.
+.\"
+.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+.\" or http://www.opensolaris.org/os/licensing.
+.\" See the License for the specific language governing permissions
+.\" and limitations under the License.
+.\"
+.\" When distributing Covered Code, include this CDDL HEADER in each
+.\" file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+.\" If applicable, add the following below this CDDL HEADER, with the
+.\" fields enclosed by brackets "[]" replaced with your own identifying
+.\" information: Portions Copyright [yyyy] [name of copyright owner]
+.\"
+.\" CDDL HEADER END
+.\"
+.\" Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
+.\" Use is subject to license terms.
+.\"
+.\" ident	"%Z%%M%	%I%	%E% SMI"
+.TH signproto 1 "13 June 2007"
+.SH NAME
+.I signproto
+\- sign ELF objects in proto area
+.SH SYNOPSIS
+\fBsignproto \fIcred_file\fP
+.LP
+.SH DESCRIPTION
+.IX "OS-Net build tools" "signproto" "" "\fBsignproto\fP"
+.LP
+.I signproto
+finds ELF objects in the ON proto area and re-signs them
+using 
+.IR signit (1).
+This operation is normally invoked only for
+release builds, as it replaces the internal development
+signatures with official Sun signatures. The actual signing using
+Sun's private key is performed by a code signing server which
+is accessed via
+.IR signit .
+.LP
+Cryptographic modules are identified by examining the signature
+embedded by
+.IR elfsign (1)
+during the build process. 
+.I signproto
+requires a single command-line argument, which is a file containing
+the mapping between each signing server credential name and the Subject
+Distinguished Name (DN) of the certificate used to 
+sign the ELF file. Each line in the file contains a credential name
+followed by a regular expression. The first regular expression that
+matches the Subject DN embedded in the ELF file determines the 
+credential name passed to
+.I signit
+to re-sign the file.
+.LP
+.SH ENVIRONMENT
+.LP
+.TP 4
+.B CODESIGN_USER
+Login name for the code signing server passed to
+.I signit .
+If this variable is not set, the value in LOGNAME is used instead.
+.LP
+.TP 4
+.B ROOT
+Location of ON proto area containing files to be signed.
+.LP
+.SH SEE ALSO
+.LP
+signit(1), elfsign(1)