lanzatool: reuse code for signer
parent
c0391ce8d7
commit
7685ba088b
|
@ -76,6 +76,7 @@ pub fn install(
|
|||
];
|
||||
|
||||
for file in files_to_sign {
|
||||
println!("Signing {}...", file.display());
|
||||
signer
|
||||
.sign_file(&file)
|
||||
.with_context(|| format!("Failed to sign file {}", &file.display()))?;
|
||||
|
|
|
@ -4,6 +4,7 @@ mod esp;
|
|||
mod install;
|
||||
mod pe;
|
||||
mod signer;
|
||||
mod utils;
|
||||
|
||||
use anyhow::Result;
|
||||
use clap::Parser;
|
||||
|
|
|
@ -8,6 +8,8 @@ use anyhow::{Context, Result};
|
|||
use goblin::pe::PE;
|
||||
use tempfile::NamedTempFile;
|
||||
|
||||
use crate::utils;
|
||||
|
||||
pub fn lanzaboote_image(
|
||||
lanzaboote_stub: &Path,
|
||||
os_release: &Path,
|
||||
|
@ -47,7 +49,7 @@ fn wrap_in_pe(stub: &Path, sections: Vec<Section>) -> Result<PathBuf> {
|
|||
let image = NamedTempFile::new().context("Failed to generate named temp file")?;
|
||||
|
||||
let mut args: Vec<String> = sections.iter().flat_map(Section::to_objcopy).collect();
|
||||
let extra_args = vec![path_to_string(stub), path_to_string(&image)];
|
||||
let extra_args = vec![utils::path_to_string(stub), utils::path_to_string(&image)];
|
||||
args.extend(extra_args);
|
||||
|
||||
let status = Command::new("objcopy")
|
||||
|
@ -77,7 +79,7 @@ impl Section {
|
|||
fn to_objcopy(&self) -> Vec<String> {
|
||||
vec![
|
||||
String::from("--add-section"),
|
||||
format!("{}={}", self.name, path_to_string(&self.file_path)),
|
||||
format!("{}={}", self.name, utils::path_to_string(&self.file_path)),
|
||||
String::from("--change-section-vma"),
|
||||
format!("{}={:#x}", self.name, self.offset),
|
||||
]
|
||||
|
@ -137,18 +139,6 @@ fn image_base(pe: &PE) -> u64 {
|
|||
.image_base
|
||||
}
|
||||
|
||||
// All Linux file paths should be convertable to strings
|
||||
fn path_to_string(path: impl AsRef<Path>) -> String {
|
||||
path.as_ref()
|
||||
.to_owned()
|
||||
.into_os_string()
|
||||
.into_string()
|
||||
.expect(&format!(
|
||||
"Failed to convert path '{}' to a string",
|
||||
path.as_ref().display()
|
||||
))
|
||||
}
|
||||
|
||||
fn file_size(path: impl AsRef<Path>) -> Result<u64> {
|
||||
Ok(fs::File::open(path)?.metadata()?.size())
|
||||
}
|
||||
|
|
|
@ -1,8 +1,10 @@
|
|||
use anyhow::Result;
|
||||
|
||||
use std::path::{Path, PathBuf};
|
||||
use std::process::Command;
|
||||
|
||||
use anyhow::Result;
|
||||
|
||||
use crate::utils;
|
||||
|
||||
pub struct Signer {
|
||||
pub private_key: PathBuf,
|
||||
pub public_key: PathBuf,
|
||||
|
@ -19,12 +21,12 @@ impl Signer {
|
|||
pub fn sign_file(&self, filepath: &Path) -> Result<()> {
|
||||
let args = vec![
|
||||
String::from("--key"),
|
||||
String::from(self.private_key.to_str().unwrap()),
|
||||
utils::path_to_string(&self.private_key),
|
||||
String::from("--cert"),
|
||||
String::from(self.public_key.to_str().unwrap()),
|
||||
String::from(filepath.to_str().unwrap()),
|
||||
utils::path_to_string(&self.public_key),
|
||||
utils::path_to_string(filepath),
|
||||
String::from("--output"),
|
||||
String::from(filepath.to_str().unwrap()),
|
||||
utils::path_to_string(filepath),
|
||||
];
|
||||
|
||||
let status = Command::new("sbsign").args(&args).status()?;
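Review bot: In `sign_file`, the three paths are still forced through a `String` before they reach `sbsign`, and `utils::path_to_string` panics on a path that is not valid UTF-8 even though this function returns `Result<()>`. `Command::arg` accepts any `AsRef<OsStr>`, so the paths can be passed unchanged and the `args` vector dropped: `Command::new("sbsign").arg("--key").arg(&self.private_key).arg("--cert").arg(&self.public_key).arg(filepath).arg("--output").arg(filepath).status()?`. That removes the panic from the signing step, so the remaining failures are returned as errors, which the loop in `install` already wraps with `with_context`, instead of aborting partway through the files to sign. The rest of `sign_file` (the handling of `status`) lies outside the hunk.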
|
||||
|
|
|
@ -0,0 +1,9 @@
|
|||
use std::path::Path;
|
||||
|
||||
// All Linux file paths should be convertable to strings
|
||||
pub fn path_to_string(path: impl AsRef<Path>) -> String {
|
||||
String::from(path.as_ref().to_str().expect(&format!(
|
||||
"Failed to convert path '{}' to a string",
|
||||
path.as_ref().display()
|
||||
)))
|
||||
}
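Review bot: The comment on `path_to_string` states a guarantee Linux does not give: a path is a byte string and need not be valid UTF-8, so `to_str()` can return `None` and the `expect` turns that into a panic in the callers in the pe and signer modules. I would replace it with a doc comment that says so, e.g. `/// Converts a path to a String.` followed by `/// # Panics` and `/// Panics if the path is not valid UTF-8.` (this also drops the "convertable" typo). Separately, `expect(&format!(..))` builds the message on every call, including successful ones; `.unwrap_or_else(|| panic!("Failed to convert path '{}' to a string", path.as_ref().display()))` formats only on failure.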
|