#efi #uefi #pe #authenticode #secure-boot

nightly efi_signer

A crates for signing and parsing EFI image

10 releases

0.2.7 Nov 13, 2023
0.2.6 Nov 10, 2023
0.2.4 Jun 29, 2023
0.2.2 May 21, 2023
0.1.1 May 4, 2023

#941 in Cryptography

Download history 19/week @ 2024-03-11 5/week @ 2024-03-18 42/week @ 2024-04-01 7/week @ 2024-04-08 9/week @ 2024-04-22 1/week @ 2024-04-29 19/week @ 2024-05-06 26/week @ 2024-05-13 32/week @ 2024-05-20 16/week @ 2024-05-27 24/week @ 2024-06-03 18/week @ 2024-06-10 17/week @ 2024-06-17 22/week @ 2024-06-24

83 downloads per month

MulanPSL-2.0

1MB
861 lines

Contains (DOS exe, 1MB) tests/shimx64.efi.dualsigned, (DOS exe, 1MB) tests/shimx64.efi, (DOS exe, 1MB) tests/shimx64.efi.signed

EFI_SIGNER

Coverage Status cargo license

A pure rust library to sign/verify the EFI image.

HOWs

see examples

how to sign a EFI image

  1. generate certificates

    bash -ex scripts/make_codesign_cert.sh
    
  2. sign a EFI image

    ./main sign --key key.pem --cert certificate.pem shimx64.efi shimx64.efi.signed
    
  3. sign a EFI image with detached signature

    ./main sign --key key.pem --cert certificate.pem -d shimx64.efi efi.signed
    

    the efi.signed file will onlyl contain the signature itself which can be used by set_authenticode

how to parse the EFI image

./main --verbose parse shimx64.efi

Dependencies

~21–37MB
~597K SLoC