package main
import (
"bytes"
"crypto/rsa"
"crypto/sha256"
"crypto/x509"
"flag"
"fmt"
"io/ioutil"
"log"
"github.com/foxboron/go-uefi/efi"
"github.com/foxboron/go-uefi/efi/signature"
"github.com/foxboron/go-uefi/efi/util"
)
// sigdata is the signature entry handed to the db append/remove calls in main.
// Owner is the fixed GUID c1095e1b-8a3b-4cf5-9d4a-afc7d75dca68; Data starts
// empty and is filled with the file digest at run time.
var sigdata = signature.SignatureData{
	Owner: util.EFIGUID{
		Data1: 0xc1095e1b,
		Data2: 0x8a3b,
		Data3: 0x4cf5,
		Data4: [8]byte{0x9d, 0x4a, 0xaf, 0xc7, 0xd7, 0x5d, 0xca, 0x68},
	},
	Data: []byte{},
}

// certFile is the parsed certificate loaded from the -cert path; together with
// keyFile it is used to sign the updated db variable.
var certFile *x509.Certificate

// keyFile is the parsed RSA private key loaded from the -key path.
var keyFile *rsa.PrivateKey
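// main hashes a file with SHA-256 and either prints the digest ("show") or
// appends it to / removes it from the UEFI Secure Boot "db" variable
// ("append" / "remove"), signing the new variable contents with the supplied
// key and certificate.
//
// Invocation: [-key FILE -cert FILE] show|append|remove FILE
//
// Changes from the earlier version of this function:
//   - missing positional arguments are reported instead of panicking on an
//     out-of-range index;
//   - an unknown action is rejected instead of silently re-signing and
//     rewriting db;
//   - "show" is read-only: it no longer needs the key pair and no longer
//     rewrites the db variable.
func main() {
	key := flag.String("key", "", "Key")
	cert := flag.String("cert", "", "Certificate")
	flag.Parse()

	args := flag.Args()
	if len(args) < 2 {
		log.Fatal("usage: [-key FILE -cert FILE] show|append|remove FILE")
	}
	action, path := args[0], args[1]

	// Validate the action up front so a typo can never reach the code that
	// writes a Secure Boot variable.
	switch action {
	case "show", "append", "remove":
	default:
		log.Fatalf("unknown action %q: want show, append or remove", action)
	}

	peFile, err := ioutil.ReadFile(path)
	if err != nil {
		log.Fatal(err)
	}

	// NOTE(review): this is the digest of the raw file bytes. Firmware image
	// verification compares db hash entries against the Authenticode PE digest
	// (which skips the checksum field, the certificate-table directory entry
	// and any attached signatures), so a flat-file hash is not expected to
	// match a PE image at boot. The commented-out pecoff path below looks like
	// the intended source of the digest; confirm before relying on entries
	// written by this tool.
	// ctx := pecoff.PECOFFChecksum(peFile)
	// bufChecksum := sha256.Sum256(ctx.SigData.Bytes())
	bufChecksum := sha256.Sum256(peFile)

	if action == "show" {
		// Output is kept without a trailing newline, as before.
		fmt.Printf("%x", bufChecksum[:])
		return
	}

	// Only the mutating actions need signing material.
	// NOTE(review): db updates are authenticated by the platform against KEK,
	// so this is presumably a KEK key pair; confirm and say so in the flag help.
	keyFile, err = util.ReadKeyFromFile(*key)
	if err != nil {
		log.Fatal(err)
	}
	certFile, err = util.ReadCertFromFile(*cert)
	if err != nil {
		log.Fatal(err)
	}

	sigdata.Data = bufChecksum[:]

	db, err := efi.Getdb()
	if err != nil {
		log.Fatal(err)
	}

	switch action {
	case "append":
		err = db.AppendSignature(signature.CERT_SHA256_GUID, &sigdata)
	case "remove":
		err = db.RemoveSignature(signature.CERT_SHA256_GUID, &sigdata)
	}
	if err != nil {
		log.Fatal(err)
	}

	// Serialize the modified database, sign it, and write it back to db.
	buf := new(bytes.Buffer)
	signature.WriteSignatureDatabase(buf, *db)
	signed, err := efi.SignEFIVariable(keyFile, certFile, "db", buf.Bytes())
	if err != nil {
		log.Fatal(err)
	}
	if err := efi.WriteEFIVariable("db", signed); err != nil {
		log.Fatal(err)
	}
}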