Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up

Linux UEFI library written in pure Go.

License

NotificationsYou must be signed in to change notification settings

Foxboron/go-uefi

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

A UEFI library written to interact with Linux efivars. The goal is to provide aGo library to enable application authors to better utilize secure boot and UEFI.This also includes unit-testing to ensure the library is compatible withexisting tools, and integration tests to ensure the library is able of deal withfuture UEFI revisions.

Features

  • Implements most Secure Boot relevant structs as defined in UEFI Spec Version 2.8 Errata A (February 14th 2020).
  • PE/COFF Checksumming.
  • Microsoft Authenticode signing.
  • A subset of PKCS7
  • Working with EFI_SIGNATURE_LIST and EFI_SIGNATURE_DATABASE.
  • Integration tests utilizingvmtest and tianocore.
  • Virtual filesystem support for easier testing.

Examples

Some example can be found undercmd/.

Code Examples

Append signatures to db

package mainimport ("github.com/foxboron/go-uefi/efi/signature""github.com/foxboron/go-uefi/efi/util""github.com/foxboron/go-uefi/efivar""github.com/foxboron/go-uefi/efivarfs")var (cert,_=util.ReadKeyFromFile("signing.key")key,_=util.ReadCertFromFile("signing.cert")sigdata= signature.SignatureData{Owner: util.EFIGUID{Data1:0xc1095e1b,Data2:0x8a3b,Data3:0x4cf5,Data4: [8]uint8{0x9d,0x4a,0xaf,0xc7,0xd7,0x5d,0xca,0x68}},Data:  []uint8{}})funcmain() {efifs:=efivarfs.NewFS().Open()db,_:=efifs.Getdb()db.AppendSignature(signature.CERT_SHA256_GUID,&sigdata)efifs.WriteSignedUpdate(efivar.Db,db,key,cert)}

Use a in-memory efivarfs for tests

package mainimport ("github.com/foxboron/go-uefi/efi""github.com/foxboron/go-uefi/efi/efitest""github.com/foxboron/go-uefi/efi/signature""github.com/foxboron/go-uefi/efivarfs")funcTestSecureBootOn(t*testing.T) {efifs:=efivarfs.NewTestFS().With(efitest.SecureBootOn()).Open()ok,err:=efifs.GetSetupMode()iferr!=nil {t.Fatalf("%v",err)}if!ok {t.Fatalf("Secure Boot is not enabled")}}

Sign UEFI binary

package mainimport ("github.com/foxboron/go-uefi/authenticode""github.com/foxboron/go-uefi/efi/util")var (key,_:= util.ReadKeyFromFile("signing.key")cert,_:=util.ReadCertFromFile("signing.cert"))funcmain(){peFile,_:=os.ReadFile("somefile")file,_:=authenticode.Parse(peFile)file.Sign(key,cert)os.WriteFile("somefile.signed",file.Bytes(),0644)}

Checksum UEFI executable

package mainimport ("github.com/foxboron/go-uefi/authenticode")funcmain(){peFile,_:=os.ReadFile("somefile")file,_:=authenticode.Parse(peFile)checksum:=file.Hash(crypto.SHA256)fmt.Printf("%x\n",checksum)}

About

Linux UEFI library written in pure Go.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Languages

[8]ページ先頭
©2009-2025 Movatter.jp