mirror of https://github.com/ericonr/sbctl.git
sbctl/create-keys: Move up the GUID logic
We also make a helper for creating directories in a proper way Signed-off-by: Morten Linderud <morten@linderud.pw>
This commit is contained in:
Morten Linderud
parent
091b831f0b
commit
0781f6bb98
|
|
@ -12,6 +12,14 @@ var createKeysCmd = &cobra.Command{
|
|||
Use: "create-keys",
|
||||
Short: "Create a set of secure boot signing keys",
|
||||
RunE: func(cmd *cobra.Command, args []string) error {
|
||||
if err := sbctl.CreateDirectory(sbctl.KeysPath); err != nil {
|
||||
return err
|
||||
}
|
||||
uuid, err := sbctl.CreateGUID(sbctl.DatabasePath)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
logging.Print("Using Owner UUID %s\n", uuid)
|
||||
if !sbctl.CheckIfKeysInitialized(sbctl.KeysPath) {
|
||||
logging.Print("Creating secure boot keys...")
|
||||
err := sbctl.InitializeSecureBootKeys(sbctl.DatabasePath)
|
||||
|
|
|
|||
14
keys.go
14
keys.go
|
|
@ -225,6 +225,7 @@ var SecureBootKeys = []struct {
|
|||
// },
|
||||
}
|
||||
|
||||
// Check if we have already intialized keys in the given output directory
|
||||
func CheckIfKeysInitialized(output string) bool {
|
||||
for _, key := range SecureBootKeys {
|
||||
path := filepath.Join(output, key.Key)
|
||||
|
|
@ -235,14 +236,15 @@ func CheckIfKeysInitialized(output string) bool {
|
|||
return true
|
||||
}
|
||||
|
||||
// Initialize the secure boot keys needed to setup secure boot.
|
||||
// It creates the following keys:
|
||||
// * Platform Key (PK)
|
||||
// * Key Exchange Key (KEK)
|
||||
// * db (database)
|
||||
func InitializeSecureBootKeys(output string) error {
|
||||
os.MkdirAll(output, os.ModePerm)
|
||||
uuid, err := CreateGUID(output)
|
||||
if err != nil {
|
||||
return err
|
||||
if CheckIfKeysInitialized(output) {
|
||||
return nil
|
||||
}
|
||||
logging.Print("Using Owner UUID %s\n", uuid)
|
||||
// Create the directories we need and keys
|
||||
for _, key := range SecureBootKeys {
|
||||
path := filepath.Join(output, "keys", key.Key)
|
||||
os.MkdirAll(path, os.ModePerm)
|
||||
|
|
|
|||
13
util.go
13
util.go
|
|
@ -22,6 +22,19 @@ func ChecksumFile(file string) (string, error) {
|
|||
return hex.EncodeToString(hasher.Sum(nil)), nil
|
||||
}
|
||||
|
||||
func CreateDirectory(path string) error {
|
||||
if _, err := os.Stat(path); errors.Is(err, os.ErrExist) {
|
||||
return nil
|
||||
} else if errors.Is(err, os.ErrNotExist) {
|
||||
} else if err != nil {
|
||||
return err
|
||||
}
|
||||
if err := os.MkdirAll(path, os.ModePerm); err != nil {
|
||||
return err
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func ReadOrCreateFile(filePath string) ([]byte, error) {
|
||||
// Try to access or create the file itself
|
||||
f, err := os.ReadFile(filePath)
|
||||
|
|
|
|||
Loading…
Reference in New Issue