EFI_SIGNER

Coverage Status cargo license

A pure rust library to sign/verify the EFI image.

HOWs

see examples

how to sign a EFI image

  1. generate certificates bash bash -ex scripts/make_codesign_cert.sh

  2. sign a EFI image bash ./main sign --key key.pem --cert certificate.pem shimx64.efi shimx64.efi.signed

  3. sign a EFI image with detached signature bash ./main sign --key key.pem --cert certificate.pem -d shimx64.efi efi.signed the efi.signed file will onlyl contain the signature itself which can be used by set_authenticode

    how to parse the EFI image

bash ./main --verbose parse shimx64.efi