[PATCH 0/7] Split fsverity-utils into a shared library

[Jes Sorensen <jes.sorensen@gmail.com>]

From: Jes Sorensen <jsorensen@fb.com>

Hi,

I am looking at what it will take to add support for fsverity
signatures to rpm, similar to how rpm supports IMA signatures.

In order to do so, it makes sense to split the fsverity util into a
shared library and the command line tool, so the core functions can be
used from other applciations. Alternatively I will have to copy over a
good chunk of the code into rpm, which makes it nasty to support long
term.

This is a first stab at doing that, and I'd like to get some feedback
on the approach.

I basically split it into four functions:

fsverity_cmd_gen_digest(): Build the digest, but do not sign it
fsverity_cmd_sign():       Sign the digest structure
fsverity_cmd_measure():    Measure a file, basically 'fsverity measure'
fsverity_cmd_enable():     Enable verity on a file, basically 'fsverity enable'

If we can agree on the approach, then I am happy to deal with the full
libtoolification etc.

Jes


Jes Sorensen (7):
  Build basic shared library
  Restructure fsverity_cmd_sign for shared libraries
  Make fsverity_cmd_measure() a library function
  Make fsverity_cmd_enable a library call()
  Rename commands.h to fsverity.h
  Move cmdline helper functions to fsverity.c
  cmd_sign: fsverity_cmd_sign() into two functions

 Makefile      |  18 ++-
 cmd_enable.c  | 133 +------------------
 cmd_measure.c |  51 ++------
 cmd_sign.c    | 168 ++++++------------------
 commands.h    |  24 ----
 fsverity.c    | 345 +++++++++++++++++++++++++++++++++++++++++++++++---
 fsverity.h    |  38 ++++++
 util.c        |  13 ++
 8 files changed, 446 insertions(+), 344 deletions(-)
 delete mode 100644 commands.h
 create mode 100644 fsverity.h

-- 
2.24.1