go-uefi
go-uefi copied to clipboard
Feedback on new crypto primitives and API
Yo,
I'm poking a bunch of people that is currently using this library to help provide feedback before I remove the old code. I assume people are relying on this code in different manners and It's hard for me to keep track.
-
pkcs7 and authenticode is rewritten with
x/crypto/cryptobyte
which is a lot easier to understand and deal with then the old struct based ASN.1 code. -
authenticode
appends signatures and rewrites the binary with severalSectionReader
andio.MultiReader
. I suspect this is the less clever part of the new code instead of reading the file as a byte slice and doing surgery on the file that way. -
efivarfs
is a new abstraction to deal withefivarfs
. -
efivarfs/testfs now has several abstractions to support an in-memory
efivarfs
for testing purposes. - tests is rewritten with vmtest for EDKII/tianocore integration testing.
New code example to sign a binary in the README.md.
Feel free to come with opinions and requests for the rewritten code :)
@zaolin @smoser @werwurm @malt3 @flanfly @robertfairhead @smira @edgrz