aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Expand)AuthorFilesLines
2023-03-19Version 0.9.5HEADv0.9.5masterJames Bottomley1-1/+1
2022-06-13Fix openssl-3.0 issue involving ASN1 xxx_itJeremi Piotrowski1-1/+1
2022-06-13Add support for openssl-3James Bottomley2-3/+10
2022-03-04sbsigntool: add support for RISC-V 64-bit PE/COFF imagesnextAndreas Schwab3-1/+3
2022-02-21sbvarsign: do not include PKCS#7 attributesDaniel Axtens1-1/+1
2020-08-18sbkeysync: Don't ignore errors from insert_new_keys()dann frazier1-3/+5
2020-06-11Version 0.9.4v0.9.4James Bottomley1-1/+1
2020-06-06docs: add man page for sbkeysyncJames Bottomley2-2/+5
2020-06-06Enable -Werror for buildsJames Bottomley1-1/+1
2020-06-06Fix errors on 32 bitJames Bottomley2-3/+5
2020-06-06sbverify: refer to unused functionJames Bottomley1-4/+5
2020-06-06sbvarsign: remove unused global variableJames Bottomley1-1/+0
2020-06-06Fix some openssl 1.1.0 deprecated functionsJames Bottomley6-0/+32
2020-06-05Tests: Add intermediate certificate tests to the sign-verify casesJames Bottomley5-13/+70
2020-06-05sbverify: fix verification with intermediate certificatesJames Bottomley1-2/+2
2020-06-05sbsign: allow for adding intermediate certificatesAKASHI Takahiro1-2/+48
2020-01-09Version 0.9.3v0.9.3James Bottomley1-1/+1
2020-01-09README: update git location and add mailing list informationJames Bottomley1-1/+15
2020-01-09sbvarsign: fix "EFI_VARIABLE_AUTHENTICATION_2.TimeStamp.Year" assignmentLaszlo Ersek1-1/+1
2019-07-27Fix PE/COFF checksum calculationSteve McIntyre1-5/+1
2019-01-09Version 0.9.2v0.9.2James Bottomley1-1/+1
2019-01-09src/image.c: remove alignment of regionsJames Bottomley1-2/+1
2019-01-09sbvarsign: use SignedData instead of PKCS7 for authenticated updatesJames Bottomley1-2/+2
2018-02-20Fix Fedora BuildGuy Lunardi2-2/+2
2017-10-28Version 0.9.1v0.9.1James Bottomley1-1/+1
2017-10-28sbsign, sbvarsign: support engine based private keysJames Bottomley4-6/+76
2017-10-19Version 0.9v0.9James Bottomley1-1/+1
2017-10-19Fix Debian 8 and Leap_42.1 buildsJames Bottomley1-0/+3
2017-10-19tests: Fix up to work on arbitrary architecturesJames Bottomley5-38/+56
2017-10-19tests/detach-remove.sh: fix for i386 pecoff size problemsJames Bottomley1-1/+5
2017-10-19tests: fix up the generation of the test pecoff binary for gcc-7.2James Bottomley3-126/+7
2017-10-19tests: fix signature resign/reattach test problemsJames Bottomley2-2/+10
2017-10-19Update OpenSSL API usage to support OpenSSL 1.1Ben Hutchings2-18/+41
2017-10-19make check: fix test environment problemJames Bottomley1-1/+2
2017-10-19Add OPENSSL_config(NULL) to each binary to load openssl.cnfJames Bottomley5-0/+10
2016-02-14Version: 0.8v0.8James Bottomley1-1/+1
2016-02-12sbkeysync: don't include efi.hJames Bottomley1-2/+0
2016-02-12configure: build on armJames Bottomley1-1/+1
2016-01-27sbverify: Clear out content for the signature we're buildingMathieu Trudel-Lapierre1-0/+4
2016-01-27Handle odd buffer lengths in checksumLinn Crosetto1-4/+7
2016-01-27Support openssl 1.0.2b and aboveSteve Langasek1-0/+1
2016-01-27sbsigntool: add support for ARM and Aarch64 PE/COFF imagesArd Biesheuvel2-5/+9
2016-01-27sbsigntool: fix handling of zero sized sectionsArd Biesheuvel1-17/+18
2016-01-27sbsigntool: remove doubly defined IMAGE_FILE_MACHINE_AMD64Ard Biesheuvel1-1/+0
2016-01-27sbverify: add extra expiry errors to ignoreJames Bottomley1-1/+4
2016-01-27Update the PE checksum field using the somewhat-underdocumentedSteve Langasek2-1/+62
2015-01-06OBS add correcting definition of EFI_ARCHJames Bottomley1-1/+1
2014-12-19Version 0.7v0.7James Bottomley1-1/+1
2014-12-19sbsign, sbattach, sbverify: add multiple signature supportJames Bottomley5-125/+208
2014-12-19sbverify: fix verificationJames Bottomley1-3/+6
2014-12-19Clear ssl errors after loading everytingJames Bottomley5-2/+26
2014-12-19Fix for multi-signJames Bottomley1-1/+7
2014-12-19image.c: clear image variableJames Bottomley1-0/+1
2012-11-14sbkeysync: add corrected efivars magicJeremy Kerr1-2/+3
2012-10-11Version 0.6Jeremy Kerr1-1/+1
2012-10-11sbverify: explicitly trust all certificates given in --cert argumentsJeremy Kerr1-0/+18
2012-10-10sbverify: Add --verbose optionJeremy Kerr1-0/+67
2012-10-10Version 0.5Jeremy Kerr1-1/+1
2012-10-08sbkeysync: change default efivarfs mountpoint to /sys/.../efivars/Jeremy Kerr2-1/+11
2012-10-02Version 0.4Jeremy Kerr1-1/+1
2012-10-02image: improve handling of unaligned section tablesJeremy Kerr1-0/+22
2012-10-02image: use data_size in cert table headerJeremy Kerr1-1/+1
2012-09-28image: improve section table parsingJeremy Kerr1-1/+10
2012-09-28image: Allow variable sized data directoriesJeremy Kerr2-28/+44
2012-09-05sbvarsign: fix incorrect pointer in add_auth_descriptorJeremy Kerr1-1/+1
2012-09-05sbvarsign: auth descriptor hash does not cover the \0 in the varnameJeremy Kerr1-4/+2
2012-08-24sbkeysync: fix siglist iterationJeremy Kerr1-2/+2
2012-08-24sbvarsign: Improve default GUID choiceJeremy Kerr2-5/+22
2012-08-24skkeysync: Add PK-handing codeJeremy Kerr1-8/+68
2012-08-24sbkeysync: Refactor signature database data structuresJeremy Kerr1-167/+137
2012-08-24sbkeysync: fix invalid free in keystore_read_entryJeremy Kerr1-5/+3
2012-08-24sbkeysync: Improve error handling in read_firmware_key_databaseJeremy Kerr1-3/+15
2012-08-24sbkeysync: insert new keysJeremy Kerr1-0/+92
2012-08-24sbkeysync: print keystore before key databasesJeremy Kerr1-4/+5
2012-08-24sbkeysync: Find keys missing from firmware key databasesJeremy Kerr1-0/+92
2012-08-24sbkeysync: Rename struct keystore_entry->list to keystore_listJeremy Kerr1-5/+5
2012-08-24sbkeysync: Generate and print key descriptionsJeremy Kerr1-13/+18
2012-08-24sbkeysync: add comment to sigdb_iterateJeremy Kerr1-0/+8
2012-08-24sbkeysync: Change key_id to key_parseJeremy Kerr1-37/+25
2012-08-24sbkeysync: Print filesystem key databasesJeremy Kerr1-1/+13
2012-08-24sbkeysync: read keystore into kdb->filesystem_keysJeremy Kerr1-13/+138
2012-08-24sbkeysync: Unify key_databaseJeremy Kerr1-71/+54
2012-08-24sbkeysync: Add key_database->filesystem_keysJeremy Kerr1-4/+6
2012-08-24sbkeysync: keystore -> fs_keystoreJeremy Kerr1-15/+15
2012-08-24sbkeysync: pass data buffer (instead of EFI_SIGNATURE_DATA) to key_idJeremy Kerr1-15/+14
2012-08-24sbkeysync: add keystore_entry->rootJeremy Kerr1-4/+6
2012-08-24sbkeysync: Add --keystore and --no-default-keystores optionsJeremy Kerr1-6/+40
2012-08-24sbkeysync: Add --verbose option and conditionally print debug outputJeremy Kerr1-11/+27
2012-08-24sbkeysync: Add keystore parsing functionsJeremy Kerr1-4/+124
2012-08-24sbkeysync: Add --efivars-dir option to specific different locations for var f...Jeremy Kerr1-12/+24
2012-08-24sbkeysync: Add X509 key parsingJeremy Kerr1-0/+46
2012-08-24sbkeysync: Add key ID data to print_key_database()Jeremy Kerr1-2/+7
2012-08-24sbkeysync: read & print signature databasesJeremy Kerr2-1/+403
2012-08-24Move EFI_CERT types to efivars.hJeremy Kerr2-10/+11
2012-08-24fileio: Add fileio_read_file_noerror()Jeremy Kerr2-16/+27
2012-08-23sbvarsign: Start with a default set of variable attributesJeremy Kerr1-5/+17
2012-08-23efivars: Move EFI_VARIABLE_* attributes to efivars.hJeremy Kerr2-7/+26
2012-08-22sbsiglist: fix signature size checkJeremy Kerr1-3/+2
2012-08-22sbvarsign: WIN_CERTIFICATE.dwLength should include the header sizeJeremy Kerr1-1/+1
2012-08-22sbvarsign: Fix invalid sizeof() for zeroing timestamp dataJeremy Kerr1-1/+1
2012-08-22sbsiglist: check for owner and type argumentsJeremy Kerr1-0/+12
2012-08-14sbsiglist: Fix SignatureSizeJeremy Kerr1-1/+1
2012-08-13image: use fileio_write_fileJeremy Kerr1-12/+1
2012-08-13Remove unused gen-keyfiles sourceJeremy Kerr1-216/+0
2012-08-13docs: Create man pages for sbvarsign & sbsiglistJeremy Kerr3-2/+7
2012-08-13Move sources to src/ subdirectoryJeremy Kerr22-46/+47
2012-08-13image: Use size of image data when writing imagesJeremy Kerr4-4/+26
2012-08-13image: always parse image regionsJeremy Kerr4-31/+30
2012-08-13Include efivars.h in automake infrastructureJeremy Kerr1-1/+2
2012-08-13tests: run tests for each archJeremy Kerr18-59/+136
2012-08-13image: Allow manipulation of i386 PE/COFF filesJeremy Kerr2-23/+89
2012-08-10Remove arch-specific coff headersJeremy Kerr5-134/+2
2012-08-10image: Prevent an uninitialized variable warningMaxim Kammerer1-0/+1
2012-08-10sbsiglist: Add utility for creating EFI_SIGNATURE_LISTsJeremy Kerr3-1/+295
2012-08-10fileio: Add fileio_write_fileJeremy Kerr2-0/+21
2012-08-10efivars: rename efi variable headerJeremy Kerr2-1/+1
2012-08-03fileio: Unify whole-file readsJeremy Kerr7-156/+88
2012-08-03fileio: Unify key & cert loadingJeremy Kerr6-88/+138
2012-08-03image: add functions to add and remove signaturesJeremy Kerr7-12/+56
2012-08-02sbattach: fix --detachJeremy Kerr3-4/+31
2012-08-02sbattach: fix missing openssl/evp.h headerJeremy Kerr1-0/+1
2012-08-02sbvarsign: First cut of a variable-signing toolJeremy Kerr5-3/+706
2012-06-28Version 0.3Jeremy Kerr1-1/+1
2012-06-28license: Add OpenSSL exception to GPLv3 termsJeremy Kerr9-621/+744
2012-06-28COPYING: remove non-license textJeremy Kerr1-53/+0
2012-06-28image: fix signature calculation when there's junk at the end of the efi binaryJames Bottomley1-4/+17
2012-06-28tests: Add test for PE/COFF cert table header validityJeremy Kerr2-1/+73
2012-06-28image: fix incorrect assumption about signature headerJames Bottomley2-2/+3
2012-06-28sbsign: handle errors from PKCS7_sign_add_signer()Jeremy Kerr1-0/+5
2012-06-27sbsign: fix failure to sign when key is password protectedJames Bottomley1-0/+1
2012-06-20configure: Add check for bfh.hIvan Hu1-0/+4
2012-06-19tests: Add a test to check invalid PKCS7 signature attachingIvan Hu2-1/+17
2012-06-19sbattach: Check that attached signatures are valid PKCS7 dataIvan Hu1-0/+25
2012-06-14sbverify: Use a variable for image filenameJeremy Kerr1-4/+6
2012-06-13image: Unconditionally parse PE/COFF dataJeremy Kerr5-52/+51
2012-06-13sbverify: Check for failed image loadJeremy Kerr1-0/+5
2012-06-13tests: Add tests for missing image, cert & key filesJeremy Kerr6-1/+68
2012-06-13tests: Execute tests in a clean (temporary) directoryJeremy Kerr4-17/+22
2012-06-13tests: Use COMPILE.S for assembing test objectJeremy Kerr1-1/+1
2012-06-13Version 0.2Jeremy Kerr1-1/+1
2012-06-13docs: Add simple manpage for sbattachJeremy Kerr2-2/+4
2012-06-13automake: Clean generated man filesJeremy Kerr1-0/+1
2012-06-13tests: Add a few simple testsJeremy Kerr9-2/+158
2012-06-13Remove unused test.c fileJeremy Kerr1-2/+0
2012-06-12sbattach: Add too to manage detached signaturesJeremy Kerr2-1/+241
2012-06-12image: Add facility to write unsigned imagesJeremy Kerr3-12/+23
2012-06-11sbsign,sbverify: Update getopt_long optstringsJeremy Kerr2-2/+2
2012-06-11sbverify: Add support for detached signaturesJeremy Kerr1-3/+64
2012-06-11sbverify: Split image signature table reading to separate functionJeremy Kerr1-8/+26
2012-06-11Fix warnings from added -W flagsJeremy Kerr3-10/+40
2012-06-11automake: Add -Wall -Wextra CFLAGSJeremy Kerr1-2/+4
2012-06-11sbsign: Add --detached option to create detached PKCS7 signaturesJeremy Kerr3-3/+37
2012-06-11sbsign: fix flag for verbose operationJeremy Kerr1-1/+1
2012-06-11docs: Fix manpage creationJeremy Kerr2-2/+3
2012-05-29autogen.sh: Fix ccan_module assignmentAdam Conrad1-1/+1
2012-05-28image: use read_write_all from ccanJeremy Kerr2-38/+12
2012-05-28image: Fix format specifier for 32-bit buildsJeremy Kerr1-2/+2
2012-05-28autoconfiscateJeremy Kerr7-112/+129
2012-05-24docs: Add initial manpagesJeremy Kerr3-2/+17
2012-05-24sbsign,sbverify: help2man-ize usage outputJeremy Kerr3-15/+47
2012-05-24Makefile: Add dist targetsJeremy Kerr1-0/+24
2012-05-24ccan: Add ccan import logicJeremy Kerr2-3/+32
2012-05-24Move ccan submoduleJeremy Kerr3-3/+2
2012-05-15Remove unused headerJeremy Kerr1-12/+0
2012-05-14Remove pkcs7-simple test fileJeremy Kerr1-59/+0
2012-05-14Makefile: add install targetJeremy Kerr1-0/+12
2012-05-14Makefile: Comment componentsJeremy Kerr1-2/+3
2012-05-14sbverify: clean up openssl initJeremy Kerr1-3/+1
2012-05-14sbverify: add check for invalid PKCS7 dataJeremy Kerr1-2/+7
2012-05-14sbverify: Add certificate chain verificationJeremy Kerr1-6/+100
2012-05-12verify: move idc-related parsing to idc.cJeremy Kerr3-27/+46
2012-05-12sbsign: fix incorrect check for certificate loadJeremy Kerr1-1/+1
2012-05-12image: reformat gap warningsJeremy Kerr1-3/+13
2012-05-12image: add cert table to image sizeJeremy Kerr1-1/+1
2012-05-12sbverify: Add check for image hashJeremy Kerr4-5/+77
2012-05-12sbverify: check for presence of signature tableJeremy Kerr1-0/+6
2012-05-12Makefile: add $(tools) varJeremy Kerr1-2/+4
2012-05-12sbsigntool -> sbsignJeremy Kerr2-4/+4
2012-05-12image: open output file with O_TRUNCJeremy Kerr1-1/+1
2012-04-24sbsigntooL: expand usage infoJeremy Kerr1-1/+10
2012-04-24Add GPLv3 text in COPYINGJeremy Kerr1-0/+674
2012-04-24coff: remove unneeded coff includesJeremy Kerr37-8435/+0
2012-04-23Add copyright commentsJeremy Kerr7-2/+126
2012-04-23image: warn about potential checksum differencesJeremy Kerr1-1/+14
2012-04-23idc: allocate using the image contextJeremy Kerr1-2/+2
2012-04-23Initial commitJeremy Kerr56-0/+11468
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-04-29 10:38:05 +0000