diff --git a/rust/lanzatool/src/cli.rs b/rust/lanzatool/src/cli.rs index 80386f1..3dcd471 100644 --- a/rust/lanzatool/src/cli.rs +++ b/rust/lanzatool/src/cli.rs @@ -14,7 +14,23 @@ pub struct Cli { #[derive(Subcommand)] pub enum Commands { Install { + // Secure Boot Public Key + #[clap(long)] public_key: PathBuf, + + // Secure Boot Private Key + #[clap(long)] + private_key: PathBuf, + + // Secure Boot PKI Bundle for auto enrolling key + #[clap(long)] + pki_bundle: PathBuf, + + // Enable auto enrolling your keys in UEFI + // Be aware that this might irrevocably brick your device + #[clap(long, default_value = "false")] + auto_enroll: bool, + bootspec: PathBuf, }, } @@ -30,17 +46,36 @@ impl Commands { match self { Commands::Install { public_key, + private_key, + pki_bundle, + auto_enroll, bootspec, - } => install(&public_key, &bootspec), + } => install( + &public_key, + &private_key, + &pki_bundle, + auto_enroll, + &bootspec, + ), } } } -fn install(public_key: &Path, bootspec: &Path) -> Result<()> { +fn install( + public_key: &Path, + private_key: &Path, + pki_bundle: &Path, + auto_enroll: bool, + bootspec: &Path, +) -> Result<()> { let lanzaboote_stub = std::env::var("LANZABOOTE_STUB")?; let initrd_stub = std::env::var("LANZABOOTE_INITRD_STUB")?; + install::install( public_key, + private_key, + pki_bundle, + auto_enroll, bootspec, Path::new(&lanzaboote_stub), Path::new(&initrd_stub), diff --git a/rust/lanzatool/src/install.rs b/rust/lanzatool/src/install.rs index a582632..006a224 100644 --- a/rust/lanzatool/src/install.rs +++ b/rust/lanzatool/src/install.rs @@ -8,7 +8,10 @@ use crate::esp::EspPaths; use crate::pe; pub fn install( - _: &Path, + _public_key: &Path, + _private_key: &Path, + _pki_bundle: &Path, + _auto_enroll: bool, bootspec: &Path, lanzaboote_stub: &Path, initrd_stub: &Path,