[libcamera-devel] [PATCH v2 2/2] apps: Add ipa-verify application

Javier Martinez Canillas javierm at redhat.com
Wed Jul 5 02:05:13 CEST 2023

Laurent Pinchart via libcamera-devel <libcamera-devel at lists.libcamera.org>

> When packaging libcamera, distributions may break IPA module signatures
> if the packaging process strips binaries. This can be fixed by resigning
> the modules, but the process is error-prone.
> Add a command line ipa-verify utility that tests the signature on an IPA
> module to help packagers. The tool takes a single argument, the path to
> an IPA module shared object, and expects the signature file (.sign) to
> be in the same directory.
> In order to access the public key needed for signature verification, add
> a static function to the IPAManager class. As the class is internal to
> libcamera, this doesn't affect the public API.
> Signed-off-by: Laurent Pinchart <laurent.pinchart at ideasonboard.com>
> Reviewed-by: Umang Jain <umang.jain at ideasonboard.com>
> ---

I used this tool to verify that the libcamera fedora packages IPA modules
were properly signed. I can confirm that it is very useful for packagers.

Tested-by: Javier Martinez Canillas <javierm at redhat.com>

Best regards,

Javier Martinez Canillas
Core Platforms
Red Hat

More information about the libcamera-devel mailing list