wlitool.1 (2011 03)

wlitool(1)

Optional WLI Product Required

wlitool(1)

legitimate values:

mem ability to read/write from/to

/dev/mem and /dev/kmem.

wmd ability to read and write WLI metadata

dlkm ability to load dlkm modules

api ability to invoke libwliapi.so functions

For more information on capabilities, see wli (5)

-p src:val The passphrase source for privkey . For more information on passphrase source

syntax, see wli (5).

RETURN VALUE

wlitool returns the following:

Failure A message and non-zero exit code.

Success An exit code of 0.

EXAMPLES

Sign the executable joecmd with user Joe’s private key

/home/joe/joe1.pvt

. The passphrase is

held by environment variable

PASS.

% wlitool -k /home/joe/joe1.pvt -p env:PASS joecmd

Verify the signature of signed executable joecmd. The public key extracted from

/home/joe/joe1.pvt

is /home/joe/joe1.pub.

% wlisign -v -c /home/joe/joe1.pub joecmd

Sign the executable joecmd1 with user Joe’s private key /home/joe/joe1.pvt

and product ID ABC

commands. Omit the -p option so that the passphrase is prompted for through device /dev/tty

% echo "ABC commands" > /tmp/abcprod

% wlitool -k /home/joe/joe1.pvt -g /tmp/abcprod joecmd1

Sign the executable joecmd2 with Joe’s private key /home/joe/joe1.pvt

and api capability, tak-

ing the passphrase from ﬁle

passfile. This enables joecmd2 to execute functions contained within

libwliapi.so. Consult libwliapi (3) for details on libwliapi functions.

% wlitool -k /home/joe/joe1.pvt -o api -p file:passfile joecmd2

Display the signature metadata for the signed executables. This will display optional content like product

ID and capabilities as well as required content like the signature owner.

% wlisign -l -c /home/joe/joe1.pub joecmd

% wlisign -l -c /home/joe/joe1.pub joecmd1

% wlisign -l -c /home/joe/joe1.pub joecmd2

AUTHOR

wlitool was developed by HP.