#efi #authenticode #pe #uefi #secure-boot

nightly efi_signer

A crates for signing and parsing EFI image

7 releases

0.2.4 Jun 29, 2023
0.2.3 Jun 29, 2023
0.2.2 May 21, 2023
0.1.1 May 4, 2023

#540 in Hardware support

Download history 28/week @ 2023-06-05 20/week @ 2023-06-12 19/week @ 2023-06-19 76/week @ 2023-06-26 28/week @ 2023-07-03 46/week @ 2023-07-10 19/week @ 2023-07-17 37/week @ 2023-07-24 33/week @ 2023-07-31 26/week @ 2023-08-07 15/week @ 2023-08-14 13/week @ 2023-08-21 57/week @ 2023-08-28 23/week @ 2023-09-04 45/week @ 2023-09-11 62/week @ 2023-09-18

188 downloads per month

MulanPSL-2.0

1MB
835 lines

Contains (DOS exe, 1MB) tests/shimx64.efi.dualsigned, (DOS exe, 1MB) tests/shimx64.efi, (DOS exe, 1MB) tests/shimx64.efi.signed

EFI_SIGNER

Coverage Status cargo license

A pure rust library to sign/verify the EFI image.

HOWs

see examples

how to sign a EFI image

  1. generate certificates

    bash -ex scripts/make_codesign_cert.sh
    
  2. sign a EFI image

    ./main sign --key key.pem --cert certificate.pem shimx64.efi shimx64.efi.signed
    
  3. sign a EFI image with detached signature

    ./main sign --key key.pem --cert certificate.pem -d shimx64.efi efi.signed
    

    the efi.signed file will onlyl contain the signature itself which can be used by set_authenticode

how to parse the EFI image

./main --verbose parse shimx64.efi

Dependencies

~18–34MB
~554K SLoC