aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Expand)AuthorFilesLines
2019-01-08Version: 1.9.2HEADv1.9.2masterJames Bottomley1-1/+1
2019-01-08sha256: do not align raw section sizesJames Bottomley1-3/+5
2019-01-07sign-efi-sig-list: add man page entry for engine optionJames Bottomley1-0/+1
2019-01-06Version: 1.9.1v1.9.1James Bottomley1-1/+1
2019-01-06Makefile: Reverse the order of lib.a and -lcryptoJames Bottomley1-6/+6
2019-01-06Version: 1.9.0v1.9.0James Bottomley1-1/+1
2019-01-05use SignedData instead of PKCS7 for variable updatesJames Bottomley1-1/+1
2019-01-05support engine based keysJames Bottomley4-8/+107
2019-01-05factor out variable signing codeJames Bottomley5-59/+90
2018-12-18efi-updatevar: remove all authenticated attributes from signaturepai-yi.huang1-3/+3
2018-02-20Version: 1.8.1v1.8.1James Bottomley1-1/+1
2018-02-20Fix Fedora buildJames Bottomley1-3/+3
2017-10-19Version: 1.8.0v1.8.0James Bottomley1-1/+1
2017-10-19cert-to-efi-hash-list: fix for openssl 1.1James Bottomley1-1/+5
2017-03-01efitools: oid.h: Re-run oid.pl to regenerate oid.h includeNicholas Fish1-0/+2
2017-01-16kernel_efivars.c: fix mismatch between UNIX and EFI timePatrick Callaghan1-1/+2
2016-05-13PreLoader: use updated security policy install functionJames Bottomley1-1/+3
2016-05-13security_policy: fully convert to override,allow and deny functionsJames Bottomley1-25/+12
2016-05-13security_policy: factor out the current MoK hash policiesJames Bottomley2-10/+55
2016-03-25Version: 1.7.0v1.7.0James Bottomley1-1/+1
2016-03-25sig-list-to-certs: add -e option to break out all esl payloadsJames Bottomley1-3/+20
2016-03-25security_policy: convert to using pkcs7verify protocolJames Bottomley2-13/+31
2016-03-25shim_protocol: convert to using the pkcs7verify allow and deny functionJames Bottomley3-77/+8
2016-03-25pkcs7verify: add allow and deny checkersJames Bottomley2-1/+200
2016-03-25variables: add routines to get a list of hash algorithmsJames Bottomley2-0/+53
2016-03-25guid: add all currently defined hashing guidsJames Bottomley2-0/+21
2016-02-26shim_protocol: add implementation of read_headerJames Bottomley1-1/+8
2016-02-23ShimReplace: add new shim loader simply to install protocolJames Bottomley2-1/+65
2016-02-23pkcs7verify: add protocol locate functionJames Bottomley3-1/+63
2016-02-23shim_protocol: add protocol installerJames Bottomley3-1/+160
2016-02-23pkcs7verify: add header and GUID copied from tianocoreJames Bottomley3-0/+211
2016-02-23pcoff: add pecoff_get_signature functionJames Bottomley2-0/+31
2016-02-14Version: 1.6.1v1.6.1James Bottomley1-1/+1
2016-02-14Fix ARM32 buildJames Bottomley8-0/+52
2016-02-12arm build fixesJames Bottomley19-335/+191
2016-02-09Version: 1.6.0v1.6.0James Bottomley1-1/+1
2016-02-09enable arm buildsJames Bottomley1-1/+7
2016-02-09security_policy: switch to EFIAPI calling conventionJames Bottomley3-119/+13
2015-03-17flash-var: new routine for manipulating variables in flash imagesJames Bottomley4-1/+335
2015-03-17guid: add authenticated variable guidJames Bottomley2-0/+2
2015-03-17guid.c: add function to calculate owner GUID for known authenticated variablesJames Bottomley2-0/+23
2015-03-12Version: 1.5.3v1.5.3James Bottomley1-1/+1
2015-03-12Fix month offset problemJames Bottomley3-2/+4
2015-01-22Version: 1.5.2v1.5.2James Bottomley1-1/+1
2015-01-22sha256: Calculate hashes correctly for both X64 and IA32James Bottomley5-22/+41
2015-01-21pecoff: handle both IA32 and X64 imagesJames Bottomley1-10/+26
2015-01-06Make alterations for 32 bit cross compileJames Bottomley5-15/+110
2014-12-22Version 1.5.1v1.5.1James Bottomley1-1/+1
2014-12-22cert-to-efi-hash-list: only hash over TBSCertificateJames Bottomley1-1/+1
2014-12-22Version 1.5.0v1.5.0James Bottomley1-1/+1
2014-12-22cert-to-efi-hash-list: add man pageJames Bottomley1-0/+30
2014-12-22Makefile: Consolidate auth file building rulesJames Bottomley2-5/+16
2014-12-22KeyTool: Display revocation signature hashesJames Bottomley1-0/+20
2014-12-22cert-to-efi-hash-list: binary for blacklisting by hashJames Bottomley5-3/+263
2014-12-22cert-to-efi-sig-list: clear FIPS errors on module loadJames Bottomley1-0/+5
2014-12-22ReadVars, UpdateVars: add support for dbtJames Bottomley2-16/+27
2014-12-22KeyTool: add support for dbtJames Bottomley1-6/+24
2014-12-22variable.h: add dbt detection supportJames Bottomley1-1/+2
2014-12-20KeyTool: consolidate definitions in keyinfo variableJames Bottomley1-17/+4
2014-12-19Version 1.4.4v1.4.4James Bottomley1-1/+1
2014-12-19Make: allow creation of multiple db certificatesJames Bottomley2-3/+2
2014-12-18Add MS KEK update bundleJames Bottomley2-2/+124
2014-12-17Add more .auth file generatorsJames Bottomley2-20/+21
2014-12-17console.c: Fix longstanding bug (causing crashes)James Bottomley1-6/+5
2014-12-17sign-efi-sig-list: fix timestampsJames Bottomley2-7/+19
2014-12-17Build an update bundle for the Microsoft db keyJames Bottomley2-1/+45
2014-12-16Makefile: add targets for DB and KEK update as well as replaceJames Bottomley1-1/+9
2014-12-16Keytool: Add ability to execute binary (no arguments)James Bottomley1-1/+50
2014-12-16Fix Make cleanJames Bottomley2-0/+3
2014-12-07version 1.4.3v1.4.3James Bottomley1-1/+1
2014-12-07sign-efi-sig-list: remove all authenticated attributes from signatureJames Bottomley1-3/+4
2014-12-07sign-efi-sig-list: fixs FIPS module verification errorsJames Bottomley1-0/+5
2014-05-27safer mount output parsingsakaki1-1/+1
2014-01-18kernel_efivars: Fix detection of efivarfs filesystem path.Edwin1-2/+2
2013-09-19Makefile/Make.rules: don't rely on vim-corev1.4.2Greg Kroah-Hartman3-2/+52
2013-04-17COPYING: complete lib/ transition to LGPLJames Bottomley1-1/+512
2013-03-19efi-readvar: add MokList as possible variable to read fromJames Bottomley1-2/+2
2013-03-11COPYING: update licence: GPLv2+openSSL and LGPLv2.1James Bottomley1-1/+4
2013-03-08security_policy: check that the override is actually installedJames Bottomley1-0/+8
2013-03-07cert-to-efi-sig-list: remove unimplemented RSA2048 certificate supportJames Bottomley1-9/+2
2013-03-07efitools: fix build warnings in cert-to-efi-sig-list.cJiri Kosina1-0/+1
2013-03-05Version: 1.4.1v1.4.1James Bottomley1-1/+1
2013-03-05UpdateVars: need %s not %d to print a filenameJames Bottomley1-1/+1
2013-03-05PreLoader: add keystroke check to start HashToolJames Bottomley1-0/+5
2013-03-05console: add new console_check_for_keystroke() functionJames Bottomley2-0/+26
2013-03-05variables: Fix SetMem cockupJames Bottomley2-4/+4
2013-03-01Fix for Ubuntu BuildsJames Bottomley1-1/+1
2013-03-01fix for debian builds (include sys/wait.h for WEXITSTATUS)James Bottomley2-1/+2
2013-03-01Version 1.4.0v1.4.0James Bottomley1-1/+1
2013-03-01efi-keytool is vestigial, don't build itJames Bottomley1-1/+1
2013-03-01efi-updatevar: Add variable deletion as an optionJames Bottomley2-8/+73
2013-03-01efi-updatevar: add ability to update in User ModeJames Bottomley2-8/+148
2013-02-28efi-updatevar: use hash_to_esl() functionJames Bottomley1-5/+14
2013-02-28kernel_efivars: separate out hash to esl conversion function for later useJames Bottomley2-9/+28
2013-02-28efi-updatevar: add ability to insert X509 key from certificate fileJames Bottomley2-23/+79
2013-02-28guid: return error if str_to_guid() failsJames Bottomley2-7/+11
2013-02-28efi-readvar: add option to save signature listsJames Bottomley1-4/+23
2013-02-28efi-readvar: add documentation and variable list restrictionsJames Bottomley2-6/+96
2013-02-27Makefile: Correct a cockup in .auth file generationJames Bottomley2-3/+9
2013-02-27efi-updatevar: add utility to perform the tasks of UpdateVars.efiJames Bottomley6-2/+304
2013-02-27kernel_efivars: fix check for fedoraJames Bottomley1-4/+15
2013-02-27efi-keytool, efi-readvar: begin constructing linux versions of efi toolsJames Bottomley4-1/+161
2013-02-27guid: add compare_guid() function for linux executablesJames Bottomley2-0/+7
2013-02-27kernel_efivars: add library routine to parse efivarfs entriesJames Bottomley5-17/+170
2013-02-23Version 1.3.6v1.3.6James Bottomley1-1/+1
2013-02-23Make.rules: add a finder for all the daft places gnu-efi installs on distrosJames Bottomley1-2/+5
2013-02-18PreLoader: add check to permit booting on a non secure boot systemJames Bottomley1-1/+29
2013-02-04Version 1.3.5v1.3.5James Bottomley1-1/+1
2013-02-04PreLoader: per Microsoft request, remove KeyTool from authorised hashJames Bottomley1-1/+1
2013-02-02ReadVars: add -c option (no print)James Bottomley1-3/+7
2013-01-22ReadVars: Update to allow single variable selection and asn1 parse x509James Bottomley2-34/+117
2013-01-22UpdateVars: Factor out argsplitJames Bottomley4-46/+61
2013-01-22ReadVars: add Mok VariableJames Bottomley1-2/+2
2013-01-22UpdateVars: Fix to work on shells that don't erroneously have a trailing spaceJames Bottomley1-7/+9
2013-01-22UpdateVars: Add ability to calculate hash from binaryJames Bottomley1-4/+20
2013-01-22UpdateVars: Allow updating of MoK variablesJames Bottomley1-6/+21
2013-01-20Version 1.3.4v1.3.4James Bottomley1-1/+1
2013-01-20security_policy: per UEFI spec, explicit hash can override forbidden sigJames Bottomley1-7/+0
2013-01-20configtable: remove rest of debugging printsJames Bottomley1-3/+5
2013-01-20security_policy: don't check image table in legacy if mok failsJames Bottomley1-2/+1
2013-01-20security_policy: Consult the image table to find dbx forbidden keysJames Bottomley4-3/+220
2013-01-20console: fix bug where ESC isn't properly propagatedJames Bottomley1-0/+3
2013-01-16Version 1.3.3v1.3.3James Bottomley1-1/+1
2013-01-16console: no return from console_reset()James Bottomley2-2/+2
2013-01-09KeyTool: TianoCore still allows unathenticated updates in user modeJames Bottomley2-4/+6
2013-01-09HashTool: Don't display keytool prompt if no executableJames Bottomley1-1/+1
2013-01-09KeyTool: Better errors on save keysJames Bottomley2-7/+8
2013-01-09console, PreLoader: add console resetJames Bottomley3-0/+15
2013-01-09security_policy: fix a problem with the UEFI confusion over security failureJames Bottomley1-4/+17
2013-01-07Version: 1.3.2v1.3.2James Bottomley1-1/+1
2013-01-07security_policy: don't allow internal hash to override dbxJames Bottomley1-1/+1
2013-01-07KeyTool: Fix key deletionJames Bottomley1-29/+38
2013-01-02console: fix problem with ESC and no selectionJames Bottomley3-5/+8
2013-01-01KeyTool: Permit saving of individual keys in their entiretyJames Bottomley1-55/+119
2013-01-01Error handling for sha256 hash failuresJames Bottomley3-4/+24
2013-01-01KeyTool: Add MokList to list of saved variablesJames Bottomley1-2/+3
2013-01-01hash-to-efi-sig-list: Allow creation of multiple hashesJames Bottomley1-25/+33
2012-12-31KeyTool: should still be able to delete MOK entries in user modeJames Bottomley1-1/+1
2012-12-31KeyTool: Fix hang when saving all keysJames Bottomley1-0/+1
2012-12-31KeyTool: Implement adding certificates from DER format .cer filesJames Bottomley3-51/+47
2012-12-31sig-list-to-certs: use new traversal mechanismJames Bottomley1-57/+63
2012-12-30Keytool/Variables: Improve signature list traversal.James Bottomley3-38/+36
2012-12-30UpdateVars: Allow updating with an esl fileJames Bottomley1-32/+17
2012-12-30variables.c: Don't do an ESL update to PK in user modeJames Bottomley1-5/+14
2012-12-30Hashtool: eliminate option to move programmatically to setup modeJames Bottomley1-7/+9
2012-12-20Version: 1.3.1v1.3.1James Bottomley1-1/+1
2012-12-20console.c: fix oversize lines in printingJames Bottomley1-11/+10
2012-12-20Version 1.3v1.3James Bottomley1-1/+1
2012-12-20Update with changes required by MicrosoftJames Bottomley3-10/+24
2012-12-12Merge branch 'v1.2'James Bottomley1-6/+7
2012-12-12execute: fix some of the quirks in DevPathToStr()James Bottomley1-6/+7
2012-12-12security_policy: put the return in the right place!James Bottomley1-2/+2
2012-12-12gitignore: test binary and a few other filesJames Bottomley2-0/+7
2012-12-12enumerator: pull out lots of unused codeJames Bottomley2-296/+0
2012-12-12identification: work in both EFI and non-EFI environmentsJames Bottomley2-3/+6
2012-12-12asn1: eliminate more unused code from identification.cJames Bottomley2-103/+4
2012-12-12Keytool: Display rudimentary asn1 information about the keysJames Bottomley7-15/+75
2012-12-12asn1: complete definitions and strip copied filesJames Bottomley15-1968/+88
2012-12-12asn1: more updates to pare the parser downJames Bottomley4-37/+38
2012-12-12asn1: complete parser with more pieces from strongswanJames Bottomley11-0/+2511
2012-12-12asn1: Add parser files straight from strongswan-5.0.1James Bottomley8-0/+2689
2012-12-12Merge tag 'v1.2.3'James Bottomley6-4/+17
2012-12-11version: 1.2.3v1.2.3James Bottomley1-1/+1
2012-12-11SetNull: simple program to prevent *NULL from being 0James Bottomley2-1/+12
2012-12-11version: 1.2.2v1.2.2James Bottomley1-1/+1
2012-12-11simple_file: fix missing files problemJames Bottomley4-3/+5
2012-12-11KeyTool: Add ability to enrol hashJames Bottomley6-63/+168
2012-12-11console: make selected option sticky and use in KeyTool and HashToolJames Bottomley4-11/+27
2012-12-08KeyTool: Improve key saving dialogue (add volume selector)James Bottomley1-1/+35
2012-12-08PreLoader: add error box for security policy uninstallJames Bottomley1-1/+3
2012-12-08security_policy: fix five arg thunk and always install all possible policiesJames Bottomley1-30/+37
2012-12-07version 1.2.1v1.2.1James Bottomley1-1/+1
2012-12-07Fix the file selectors to work properly in a relative directoryJames Bottomley4-77/+45
2012-12-07version: 1.2.0v1.2.0James Bottomley1-1/+1
2012-12-07security_policy: Make it functional on PI 1.2 systemsJames Bottomley5-41/+223
2012-12-06Bump version to 1.1.0v1.1.0James Bottomley1-1/+1
2012-12-06PreLoader: Add dialogue boxes and make suitable for gummibootJames Bottomley1-14/+40
2012-12-06simple_file: Put .. directory last alwaysJames Bottomley1-11/+25
2012-12-06simple_file: Fix directory traversalJames Bottomley1-10/+12
2012-12-06security_policy: remove debuggingJames Bottomley3-13/+0
2012-12-06gitignore: ignore new hash-to-efi-sig-list and *.hash filesJames Bottomley1-0/+2
2012-12-06Move PreLoader and HashTool to new execution modelJames Bottomley2-17/+22
2012-12-06sha256.h: main dir efi objects aren't built with BUILD_EFIJames Bottomley1-2/+0
2012-12-06execute: add capability to execute via Boot ServicesJames Bottomley5-130/+175
2012-12-06add new security_policyJames Bottomley3-1/+214
2012-12-06guid: add SECURITY2_PROTOCOL_GUIDJames Bottomley2-0/+2
2012-12-06variables: separate find_in_esl() from find_in_variable_esl()James Bottomley2-7/+23
2012-12-04Loader: rename boot loader to linux-loader.efiJames Bottomley1-1/+1
2012-12-04version: add automated version numbersv1.0.0James Bottomley4-18/+11
2012-12-04PreLoader: Add built in whitelist hash tableJames Bottomley5-6/+36
2012-12-04hash-to-efi-sig-list: new binary to create hashes as efi signature listsJames Bottomley6-26/+189
2012-12-04simple_file: fix bug in generate_path on top level filesJames Bottomley1-1/+2
2012-12-03HelloWorld: Add return to shut obs upJames Bottomley1-0/+2
2012-12-03Remove debugging statementsJames Bottomley2-6/+1
2012-12-03mkusb.sh: script to create a bootable USB image with the filesJames Bottomley2-0/+38
2012-12-03HashTool: KeyTool binary needs preceeding backslashJames Bottomley1-1/+1
2012-12-03HelloWorld: Replace with console box based oneJames Bottomley2-9/+11
2012-12-03Fix problem with efi status returnJames Bottomley2-4/+4
2012-12-03Makefile: go back to single signature binariesJames Bottomley2-6/+9
2012-12-03PreLoader: Simple preloaderJames Bottomley2-1/+58
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-04-29 09:10:19 +0000