package main
import (
"bytes"
"flag"
"fmt"
"log"
"os"
"github.com/foxboron/go-uefi/efi/signature"
"github.com/foxboron/go-uefi/efi/util"
"github.com/foxboron/go-uefi/efivar"
)
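// main signs an EFI signature list so it can be used as an authenticated
// update for a Secure Boot variable.
//
// Usage: govarsign -key <key> -cert <cert> -var <variable> [input] [output]
//
// The input file is parsed as a signature database, signed with the given key
// and certificate for the selected variable (db, KEK or PK), and the bytes
// returned by the signer are written to the output file.
func main() {
	key := flag.String("key", "", "Key")
	cert := flag.String("cert", "", "Certificate")
	variable := flag.String("var", "", "variable")
	flag.Parse()
	args := flag.Args()

	// Print usage and stop when invoked with no arguments at all; falling
	// through would index an empty args slice and panic.
	if len(os.Args) == 1 {
		fmt.Println("govarsign: -key <key> -cert <cert> -var <variable> [input] [output]")
		os.Exit(1)
	}

	// Count the positional arguments left after flag parsing, not os.Args:
	// the flags themselves inflate len(os.Args), so a check on it does not
	// prove that both file names are present.
	if len(args) < 2 {
		fmt.Println("Missing input and output file")
		os.Exit(1)
	}
	inPath, outPath := args[0], args[1]

	// Fail early with a clear message instead of a file-open error on "".
	if *key == "" || *cert == "" {
		log.Fatal("both -key and -cert are required")
	}

	// Resolve the target variable before touching any key material. Without a
	// default case an unknown or missing -var would leave the zero value in
	// place and the tool would go on to sign for an unspecified variable.
	var wvar efivar.Efivar
	switch *variable {
	case "db":
		wvar = efivar.Db
	case "KEK":
		wvar = efivar.KEK
	case "PK":
		wvar = efivar.PK
	default:
		log.Fatalf("unsupported variable %q: expected db, KEK or PK", *variable)
	}

	b, err := os.ReadFile(inPath)
	if err != nil {
		log.Fatal(err)
	}
	keyFile, err := util.ReadKeyFromFile(*key)
	if err != nil {
		log.Fatal(err)
	}
	certFile, err := util.ReadCertFromFile(*cert)
	if err != nil {
		log.Fatal(err)
	}

	siglist, err := signature.ReadSignatureDatabase(bytes.NewReader(b))
	if err != nil {
		log.Fatal(err)
	}

	// Only the second return value is written out; the first is discarded.
	_, sl, err := signature.SignEFIVariable(wvar, &siglist, keyFile, certFile)
	if err != nil {
		log.Fatal(err)
	}

	// NOTE(review): 0644 assumes the signed output holds no secret material;
	// confirm before reusing this mode for anything derived from the key.
	if err := os.WriteFile(outPath, sl.Bytes(), 0644); err != nil {
		log.Fatal(err)
	}
}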