mirror of https://github.com/ericonr/sbctl.git
Merge commit 'refs/pull/75/head' of github.com:Foxboron/sbctl
commit
faf366f5e7
2
go.mod
2
go.mod
|
@ -5,7 +5,7 @@ go 1.16
|
|||
require (
|
||||
github.com/anatol/vmtest v0.0.0-20210225191124-26540db15d49
|
||||
github.com/fatih/color v1.12.0
|
||||
github.com/foxboron/go-uefi v0.0.0-20210602193603-8589bbab9380
|
||||
github.com/foxboron/go-uefi v0.0.0-20210611230104-7a6a29e36155
|
||||
github.com/google/uuid v1.2.0
|
||||
github.com/mattn/go-isatty v0.0.13 // indirect
|
||||
github.com/spf13/cobra v1.1.3
|
||||
|
|
2
go.sum
2
go.sum
|
@ -43,6 +43,8 @@ github.com/fatih/color v1.12.0 h1:mRhaKNwANqRgUBGKmnI5ZxEk7QXmjQeCcuYFMX2bfcc=
|
|||
github.com/fatih/color v1.12.0/go.mod h1:ELkj/draVOlAH/xkhN6mQ50Qd0MPOk5AAr3maGEBuJM=
|
||||
github.com/foxboron/go-uefi v0.0.0-20210602193603-8589bbab9380 h1:D8hRHRCC/jFjOg0alhvQo2unG/HU/qZFbhLvRJPo21I=
|
||||
github.com/foxboron/go-uefi v0.0.0-20210602193603-8589bbab9380/go.mod h1:bLcrn48nYQOkijhTK2iQw1MjXbBqJTG0k8RP6ww+CGQ=
|
||||
github.com/foxboron/go-uefi v0.0.0-20210611230104-7a6a29e36155 h1:9RnTC3NVUwcFpHGGzDYd2LqED59D929P9rl+bq8JL2c=
|
||||
github.com/foxboron/go-uefi v0.0.0-20210611230104-7a6a29e36155/go.mod h1:bLcrn48nYQOkijhTK2iQw1MjXbBqJTG0k8RP6ww+CGQ=
|
||||
github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
|
||||
github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
|
||||
github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
|
||||
|
|
38
keys.go
38
keys.go
|
@ -99,7 +99,18 @@ func Enroll(uuid util.EFIGUID, cert, signerKey, signerPem []byte, efivar string)
|
|||
c.AppendBytes(uuid, cert)
|
||||
buf := new(bytes.Buffer)
|
||||
signature.WriteSignatureList(buf, *c)
|
||||
signedBuf := efi.SignEFIVariable(util.ReadKey(signerKey), util.ReadCert(signerPem), efivar, buf.Bytes())
|
||||
key, err := util.ReadKey(signerKey)
|
||||
if err != nil {
|
||||
return nil
|
||||
}
|
||||
crt, err := util.ReadCert(signerPem)
|
||||
if err != nil {
|
||||
return nil
|
||||
}
|
||||
signedBuf, err := efi.SignEFIVariable(key, crt, efivar, buf.Bytes())
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return efi.WriteEFIVariable(efivar, signedBuf)
|
||||
}
|
||||
|
||||
|
@ -131,7 +142,10 @@ func VerifyFile(cert, file string) (bool, error) {
|
|||
return false, err
|
||||
}
|
||||
|
||||
x509Cert := util.ReadCertFromFile(cert)
|
||||
x509Cert, err := util.ReadCertFromFile(cert)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
sigs, err := pecoff.GetSignatures(peFile)
|
||||
if err != nil {
|
||||
return false, err
|
||||
|
@ -190,14 +204,26 @@ func SignFile(key, cert, file, output, checksum string) error {
|
|||
return err
|
||||
}
|
||||
|
||||
Cert := util.ReadCertFromFile(cert)
|
||||
Key := util.ReadKeyFromFile(key)
|
||||
Cert, err := util.ReadCertFromFile(cert)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
Key, err := util.ReadKeyFromFile(key)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
ctx := pecoff.PECOFFChecksum(peFile)
|
||||
|
||||
sig := pecoff.CreateSignature(ctx, Cert, Key)
|
||||
sig, err := pecoff.CreateSignature(ctx, Cert, Key)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
b := pecoff.AppendToBinary(ctx, sig)
|
||||
b, err := pecoff.AppendToBinary(ctx, sig)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if err = os.WriteFile(file, b, si.Mode()); err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
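Review bot: In Enroll, the two new error branches after `util.ReadKey(signerKey)` and `util.ReadCert(signerPem)` use `return nil`, so a signer key or certificate that fails to parse makes Enroll report success although nothing was signed or written to the EFI variable. Both branches should be `return err`, matching the `efi.SignEFIVariable` check directly below them and the new checks in VerifyFile and SignFile. A caller that trusts the nil result would treat the Secure Boot key as enrolled when it is not. Enroll's body starts above the hunk, so whether the result of `signature.WriteSignatureList(buf, *c)` also needs checking cannot be judged from the visible lines.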