1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
package main
import (
"bytes"
"flag"
"fmt"
"log"
"os"
"github.com/foxboron/go-uefi/efi/signature"
"github.com/foxboron/go-uefi/efi/util"
"github.com/foxboron/go-uefi/efivar"
)
func main() {
key := flag.String("key", "", "Key")
cert := flag.String("cert", "", "Certificate")
variable := flag.String("var", "", "variable")
flag.Parse()
args := flag.Args()
if len(os.Args) == 1 {
fmt.Println("govarsign: -key <key> -cert <cert> -var <variable> [input] [output]")
}
if len(os.Args) == 2 {
fmt.Println("Missing input and output file")
os.Exit(1)
}
b, err := os.ReadFile(args[0])
if err != nil {
log.Fatal(err)
}
keyFile, err := util.ReadKeyFromFile(*key)
if err != nil {
log.Fatal(err)
}
certFile, err := util.ReadCertFromFile(*cert)
if err != nil {
log.Fatal(err)
}
var wvar efivar.Efivar
switch *variable {
case "db":
wvar = efivar.Db
case "KEK":
wvar = efivar.KEK
case "PK":
wvar = efivar.PK
}
siglist, err := signature.ReadSignatureDatabase(bytes.NewReader(b))
if err != nil {
log.Fatal(err)
}
_, sl, err := signature.SignEFIVariable(wvar, &siglist, keyFile, certFile)
if err != nil {
log.Fatal(err)
}
err = os.WriteFile(args[1], sl.Bytes(), 0644)
if err != nil {
log.Fatal(err)
}
}
|
