Skip to content

Commit

Permalink
Merge commit 'refs/pull/75/head' of github.com:Foxboron/sbctl
Browse files Browse the repository at this point in the history
  • Loading branch information
@Foxboron
Foxboron committed Jun 13, 2021
2 parents d8af3d8 + 9545839 commit faf366f
Show file tree
Hide file tree
Showing 3 changed files with 35 additions and 7 deletions.
2 changes: 1 addition & 1 deletion go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ go 1.16
require (
github.com/anatol/vmtest v0.0.0-20210225191124-26540db15d49
github.com/fatih/color v1.12.0
github.com/foxboron/go-uefi v0.0.0-20210602193603-8589bbab9380
github.com/foxboron/go-uefi v0.0.0-20210611230104-7a6a29e36155
github.com/google/uuid v1.2.0
github.com/mattn/go-isatty v0.0.13 // indirect
github.com/spf13/cobra v1.1.3
Expand Down
2 changes: 2 additions & 0 deletions go.sum
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,8 @@ github.com/fatih/color v1.12.0 h1:mRhaKNwANqRgUBGKmnI5ZxEk7QXmjQeCcuYFMX2bfcc=
github.com/fatih/color v1.12.0/go.mod h1:ELkj/draVOlAH/xkhN6mQ50Qd0MPOk5AAr3maGEBuJM=
github.com/foxboron/go-uefi v0.0.0-20210602193603-8589bbab9380 h1:D8hRHRCC/jFjOg0alhvQo2unG/HU/qZFbhLvRJPo21I=
github.com/foxboron/go-uefi v0.0.0-20210602193603-8589bbab9380/go.mod h1:bLcrn48nYQOkijhTK2iQw1MjXbBqJTG0k8RP6ww+CGQ=
github.com/foxboron/go-uefi v0.0.0-20210611230104-7a6a29e36155 h1:9RnTC3NVUwcFpHGGzDYd2LqED59D929P9rl+bq8JL2c=
github.com/foxboron/go-uefi v0.0.0-20210611230104-7a6a29e36155/go.mod h1:bLcrn48nYQOkijhTK2iQw1MjXbBqJTG0k8RP6ww+CGQ=
github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
Expand Down
38 changes: 32 additions & 6 deletions keys.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,18 @@ func Enroll(uuid util.EFIGUID, cert, signerKey, signerPem []byte, efivar string)
c.AppendBytes(uuid, cert)
buf := new(bytes.Buffer)
signature.WriteSignatureList(buf, *c)
signedBuf := efi.SignEFIVariable(util.ReadKey(signerKey), util.ReadCert(signerPem), efivar, buf.Bytes())
key, err := util.ReadKey(signerKey)
if err != nil {
return nil
}
crt, err := util.ReadCert(signerPem)
if err != nil {
return nil
}
signedBuf, err := efi.SignEFIVariable(key, crt, efivar, buf.Bytes())
if err != nil {
return err
}
return efi.WriteEFIVariable(efivar, signedBuf)
}

Expand Down Expand Up @@ -131,7 +142,10 @@ func VerifyFile(cert, file string) (bool, error) {
return false, err
}

x509Cert := util.ReadCertFromFile(cert)
x509Cert, err := util.ReadCertFromFile(cert)
if err != nil {
return false, err
}
sigs, err := pecoff.GetSignatures(peFile)
if err != nil {
return false, err
Expand Down Expand Up @@ -190,14 +204,26 @@ func SignFile(key, cert, file, output, checksum string) error {
return err
}

Cert := util.ReadCertFromFile(cert)
Key := util.ReadKeyFromFile(key)
Cert, err := util.ReadCertFromFile(cert)
if err != nil {
return err
}
Key, err := util.ReadKeyFromFile(key)
if err != nil {
return err
}

ctx := pecoff.PECOFFChecksum(peFile)

sig := pecoff.CreateSignature(ctx, Cert, Key)
sig, err := pecoff.CreateSignature(ctx, Cert, Key)
if err != nil {
return err
}

b := pecoff.AppendToBinary(ctx, sig)
b, err := pecoff.AppendToBinary(ctx, sig)
if err != nil {
return err
}
if err = os.WriteFile(file, b, si.Mode()); err != nil {
return err
}
Expand Down

0 comments on commit faf366f

Please sign in to comment.