efiencrypt 1.0.0 → 1.1.0

package/efiencrypt CHANGED
@@ -5,7 +5,7 @@ import require$$2, { join, resolve } from "node:path";
5
5
  import require$$3 from "node:fs";
6
6
  import require$$4 from "node:process";
7
7
  import { createRequire } from "node:module";
8
- import { b as build } from "./build-laCVTTyp.js";
8
+ import { b as build } from "./build-BfNzd1Cv.js";
9
9
  function getDefaultExportFromCjs(x) {
10
10
  return x && x.__esModule && Object.prototype.hasOwnProperty.call(x, "default") ? x["default"] : x;
11
11
  }
@@ -3458,8 +3458,8 @@ const {
3458
3458
  Help
3459
3459
  } = commander;
3460
3460
  const name = "efiencrypt";
3461
- const version = "1.0.0";
3462
- const description = "Encrypts an EFI binary using a hash derived from user-defined data (random data, disk sectors, SMBIOS fields, ...)";
3461
+ const version = "1.1.0";
3462
+ const description = "Encrypts an EFI binary using a hash derived from user-defined data (random data, disk sectors, SMBIOS fields, EFI variables, ...). The resulting EFI can also optionally embed secure boot keys to enroll if the system is in setup mode.";
3463
3463
  program.name(name).description(description).showHelpAfterError(true).option("-c, --config-file <configFile>", "configuration file").option("-i, --input-file <inputFile>", "path to the input efi file to embed").option("-o, --output-file <outputFile>", "path to the output efi file to write").option("-s, --smbios <smbios>", "path to the input smbios dump file").option("-b, --build-folder <buildFolder>", "folder where to build the code").option("--skip-gen-code", "skip generating code").option("--skip-extract", "skip extracting source code").option("--skip-make", "skip calling make").version(version).action(async (options) => {
3464
3464
  try {
3465
3465
  let config = {};
@@ -11758,7 +11758,7 @@ ENTRY(efi_call10)
11758
11758
  const __vite_glob_0_175 = '/*++\n\nCopyright (c) 1998 Intel Corporation\n\nModule Name:\n\n initplat.c\n\nAbstract:\n\n\n\n\nRevision History\n\n--*/\n\n#include "lib.h"\n\nVOID\nInitializeLibPlatform (\n IN EFI_HANDLE ImageHandle EFI_UNUSED,\n IN EFI_SYSTEM_TABLE *SystemTable EFI_UNUSED\n )\n{\n}\n\n';
11759
11759
  const __vite_glob_0_176 = '/*++\n\nCopyright (c) 1998 Intel Corporation\n\nModule Name:\n\n math.c\n\nAbstract:\n\n\n\n\nRevision History\n\n--*/\n\n#include "lib.h"\n\n\n//\n// Declare runtime functions\n//\n\n#ifdef RUNTIME_CODE\n#ifndef __GNUC__\n#pragma RUNTIME_CODE(LShiftU64)\n#pragma RUNTIME_CODE(RShiftU64)\n#pragma RUNTIME_CODE(MultU64x32)\n#pragma RUNTIME_CODE(DivU64x32)\n#endif\n#endif\n\n//\n//\n//\n\nUINT64\nLShiftU64 (\n IN UINT64 Operand,\n IN UINTN Count\n )\n// Left shift 64bit by 32bit and get a 64bit result\n{\n#if defined(__GNUC__) || defined(_MSC_EXTENSIONS)\n return Operand << Count;\n#else\n UINT64 Result;\n _asm {\n mov eax, dword ptr Operand[0]\n mov edx, dword ptr Operand[4]\n mov ecx, Count\n and ecx, 63\n\n shld edx, eax, cl\n shl eax, cl\n\n cmp ecx, 32\n jc short ls10\n\n mov edx, eax\n xor eax, eax\n\nls10:\n mov dword ptr Result[0], eax\n mov dword ptr Result[4], edx\n }\n\n return Result;\n#endif\n}\n\nUINT64\nRShiftU64 (\n IN UINT64 Operand,\n IN UINTN Count\n )\n// Right shift 64bit by 32bit and get a 64bit result\n{\n#if defined(__GNUC__) || defined(_MSC_EXTENSIONS)\n return Operand >> Count;\n#else\n UINT64 Result;\n _asm {\n mov eax, dword ptr Operand[0]\n mov edx, dword ptr Operand[4]\n mov ecx, Count\n and ecx, 63\n\n shrd eax, edx, cl\n shr edx, cl\n\n cmp ecx, 32\n jc short rs10\n\n mov eax, edx\n xor edx, edx\n\nrs10:\n mov dword ptr Result[0], eax\n mov dword ptr Result[4], edx\n }\n\n return Result;\n#endif\n}\n\n\nUINT64\nMultU64x32 (\n IN UINT64 Multiplicand,\n IN UINTN Multiplier\n )\n// Multiple 64bit by 32bit and get a 64bit result\n{\n#if defined(__GNUC__) || defined(_MSC_EXTENSIONS)\n return Multiplicand * Multiplier;\n#else\n UINT64 Result;\n _asm {\n mov eax, dword ptr Multiplicand[0]\n mul Multiplier\n mov dword ptr Result[0], eax\n mov dword ptr Result[4], edx\n mov eax, dword ptr Multiplicand[4]\n mul Multiplier\n add dword ptr Result[4], eax\n }\n\n return Result;\n#endif\n}\n\nUINT64\nDivU64x32 (\n IN 
UINT64 Dividend,\n IN UINTN Divisor,\n OUT UINTN *Remainder OPTIONAL\n )\n// divide 64bit by 32bit and get a 64bit result\n// N.B. only works for 31bit divisors!!\n{\n#if defined(__GNUC__) || defined(_MSC_EXTENSIONS)\n if (Remainder)\n *Remainder = Dividend % Divisor;\n return Dividend / Divisor;\n#else\n UINT32 Rem;\n UINT32 bit; \n\n ASSERT (Divisor != 0);\n ASSERT ((Divisor >> 31) == 0);\n\n //\n // For each bit in the dividend\n //\n\n Rem = 0;\n for (bit=0; bit < 64; bit++) {\n _asm {\n shl dword ptr Dividend[0], 1 ; shift rem:dividend left one\n rcl dword ptr Dividend[4], 1 \n rcl dword ptr Rem, 1 \n\n mov eax, Rem\n cmp eax, Divisor ; Is Rem >= Divisor?\n cmc ; No - do nothing\n sbb eax, eax ; Else, \n sub dword ptr Dividend[0], eax ; set low bit in dividen\n and eax, Divisor ; and\n sub Rem, eax ; subtract divisor \n }\n }\n\n if (Remainder) {\n *Remainder = Rem;\n }\n\n return Dividend;\n#endif\n}\n';
11760
11760
  const __vite_glob_0_177 = ' .text\n .globl setjmp\n#ifndef __MINGW32__\n .type setjmp, @function\n#else\n .def setjmp; .scl 2; .type 32; .endef\n#endif\nsetjmp:\n pop %rsi\n movq %rbx,0x00(%rdi)\n movq %rsp,0x08(%rdi)\n push %rsi\n movq %rbp,0x10(%rdi)\n movq %r12,0x18(%rdi)\n movq %r13,0x20(%rdi)\n movq %r14,0x28(%rdi)\n movq %r15,0x30(%rdi)\n movq %rsi,0x38(%rdi)\n xor %rax,%rax\n ret\n\n .globl longjmp\n#ifndef __MINGW32__\n .type longjmp, @function\n#else\n .def longjmp; .scl 2; .type 32; .endef\n#endif\nlongjmp:\n movl %esi, %eax\n movq 0x00(%rdi), %rbx\n movq 0x08(%rdi), %rsp\n movq 0x10(%rdi), %rbp\n movq 0x18(%rdi), %r12\n movq 0x20(%rdi), %r13\n movq 0x28(%rdi), %r14\n movq 0x30(%rdi), %r15\n xor %rdx,%rdx\n mov $1,%rcx\n cmp %rax,%rdx\n cmove %rcx,%rax\n jmp *0x38(%rdi)\n\n#if defined(__ELF__) && defined(__linux__)\n .section .note.GNU-stack,"",%progbits\n#endif\n';
11761
- const __vite_glob_0_178 = '#include <efi.h>\n#include <efilib.h>\n#include "aes.h"\n#include "gen-code.h"\n\nwchar_t *errorMsg = L"Error %d: %r\\n";\n\nEFI_STATUS\nefi_main(EFI_HANDLE image_handle, EFI_SYSTEM_TABLE *system_table)\n{\n EFI_STATUS status = 0;\n\n InitializeLib(image_handle, system_table);\n\n UINT8 *payload = AllocatePool(enc_payload_len);\n CHECK_ERROR(!payload);\n\n sha256_context_t hash;\n sha256_init(&hash);\n status = gen_compute_hash(&hash, image_handle);\n sha256_finalize(&hash);\n\n aes_context_t decCTX;\n aes_context_init(&decCTX, (uint8_t *)hash.hash);\n aes_cbc_decrypt(\n &decCTX,\n iv,\n enc_payload,\n enc_payload_len,\n payload);\n sha256_init(&hash); // erase the key just after decryption\n size_t payload_len = aes_remove_padding(payload, enc_payload_len);\n\n EFI_HANDLE payloadHandle = NULL;\n status = uefi_call_wrapper(gBS->LoadImage, 6,\n FALSE,\n image_handle,\n NULL,\n payload,\n payload_len,\n &payloadHandle);\n CHECK_ERROR(!payloadHandle);\n\n FREE_POOL(payload);\n\n status = uefi_call_wrapper(gBS->StartImage, 3, payloadHandle, NULL, NULL);\n CHECK_ERROR(0);\n\n return 0;\n}\n';
11761
+ const __vite_glob_0_178 = '#include <efi.h>\n#include <efilib.h>\n#include "aes.h"\n#include "gen-code.h"\n\nwchar_t *errorMsg = L"Error %d: %r\\n";\n\nEFI_STATUS\nefi_main(EFI_HANDLE image_handle, EFI_SYSTEM_TABLE *system_table)\n{\n EFI_STATUS status = 0;\n\n InitializeLib(image_handle, system_table);\n\n UINT8 *payload = AllocatePool(enc_payload_len);\n CHECK_ERROR(!payload);\n\n sha256_context_t hash;\n sha256_init(&hash);\n status = gen_compute_hash(&hash, image_handle);\n sha256_finalize(&hash);\n\n aes_context_t decCTX;\n aes_context_init(&decCTX, (uint8_t *)hash.hash);\n aes_cbc_decrypt(\n &decCTX,\n iv,\n enc_payload,\n enc_payload_len,\n payload);\n sha256_init(&hash); // erase the key just after decryption\n size_t payload_len = aes_remove_padding(payload, enc_payload_len);\n\n EFI_GUID GUID_LOADED_IMAGE = EFI_LOADED_IMAGE_PROTOCOL_GUID;\n EFI_GUID GUID_DEVICE_PATH = EFI_DEVICE_PATH_PROTOCOL_GUID;\n EFI_LOADED_IMAGE_PROTOCOL *loadedImage = NULL;\n EFI_DEVICE_PATH_PROTOCOL *bootDevice = NULL;\n HANDLE_PROTOCOL(image_handle, GUID_LOADED_IMAGE, &loadedImage);\n if (loadedImage) {\n HANDLE_PROTOCOL(loadedImage->DeviceHandle, GUID_DEVICE_PATH, &bootDevice);\n }\n\n EFI_HANDLE payloadHandle = NULL;\n status = uefi_call_wrapper(gBS->LoadImage, 6,\n FALSE,\n image_handle,\n bootDevice,\n payload,\n payload_len,\n &payloadHandle);\n CHECK_ERROR(!payloadHandle);\n\n FREE_POOL(payload);\n\n status = uefi_call_wrapper(gBS->StartImage, 3, payloadHandle, NULL, NULL);\n CHECK_ERROR(0);\n\n return 0;\n}\n';
11762
11762
  const __vite_glob_0_179 = `/*
11763
11763
  * SHA-256 hash in x86-64 assembly
11764
11764
  *
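Review bot: In the embedded `efi_main` source (`__vite_glob_0_178`), the key is only partly cleared: `sha256_init(&hash)` resets the digest, but `decCTX`, initialised from that same digest, is still on the stack while the new `HANDLE_PROTOCOL` lookups, `LoadImage` and `StartImage` run. I would wipe it right after `aes_cbc_decrypt`, next to the existing `sha256_init(&hash);` line, e.g. `ZeroMem(&decCTX, sizeof(decCTX));`. Separately, the `status` returned by `gen_compute_hash` is overwritten by the `LoadImage` call without being checked, so a failed hash component appears to surface only as a `LoadImage` failure on an undecryptable buffer. A `CHECK_ERROR(0);` directly after `gen_compute_hash` would match how the later calls are handled, assuming the macro tests `status` (its definition is outside this diff).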
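--- a/package/handlers.d.ts
+++ b/package/handlers.d.ts
@@ -15,3 +15,7 @@ export declare const handlers: {
 type: T;
 }>;
 };
+export declare const enrollSecureBoot: ({ codeBuilder, config: { enrollSecureBoot } }: {
+codeBuilder: CodeBuilder;
+config: Config;
+}) => Promise<void>;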
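--- a/package/index.js
+++ b/package/index.js
@@ -1,4 +1,4 @@
-import { b } from "./build-laCVTTyp.js";
+import { b } from "./build-BfNzd1Cv.js";
 export {
 b as build
 };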
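--- a/package/package.json
+++ b/package/package.json
@@ -1 +1 @@
-{"name":"efiencrypt","version":"1.0.0","description":"Encrypts an EFI binary using a hash derived from user-defined data (random data, disk sectors, SMBIOS fields, ...)","type":"module","license":"MIT","bin":{"efiencrypt":"efiencrypt"},"repository":{"url":"https://github.com/davdiv/efiencrypt"},"exports":{".":{"types":"./index.d.ts","default":"./index.js"},"./smbios":{"types":"./smbios.d.ts","default":"./smbios.js"},"./schema.json":"./schema.json"}}
+{"name":"efiencrypt","version":"1.1.0","description":"Encrypts an EFI binary using a hash derived from user-defined data (random data, disk sectors, SMBIOS fields, EFI variables, ...). The resulting EFI can also optionally embed secure boot keys to enroll if the system is in setup mode.","type":"module","license":"MIT","bin":{"efiencrypt":"efiencrypt"},"repository":{"url":"https://github.com/davdiv/efiencrypt"},"keywords":{"0":"uefi","1":"encrypt","2":"efi","3":"secure-boot","4":"smbios"},"exports":{".":{"types":"./index.d.ts","default":"./index.js"},"./smbios":{"types":"./smbios.d.ts","default":"./smbios.js"},"./schema.json":"./schema.json"}}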
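Review bot: `keywords` in the new manifest is an object with numeric keys (`{"0":"uefi",…}`) rather than an array of strings, which is the form npm documents for that field. This looks like a build-step artifact where an array was merged as an object. The published manifest should carry `"keywords":["uefi","encrypt","efi","secure-boot","smbios"]`. Tools that index or audit package metadata may ignore or reject the object form.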
package/schema.json CHANGED
@@ -1 +1 @@
1
- {"type":"object","properties":{"$schema":{"type":"string"},"inputFile":{"description":"Path to the input efi file to embed.","type":"string"},"outputFile":{"description":"Path to the output efi file to write.","type":"string"},"skipGenCode":{"description":"Whether to skip generating code","type":"boolean"},"skipExtract":{"description":"Whether to skip extracting source code\n(can be useful if the extraction was already done)","type":"boolean"},"skipMake":{"description":"Whether to skip calling make\n(can be useful to change the code before calling make)","type":"boolean"},"buildFolder":{"description":"Folder where to build the code.\nDefaults to a temporary folder that is removed when the build is finished.","type":"string"},"hashComponents":{"description":"Data to include in the hash for encryption.","type":"array","items":{"$ref":"#/definitions/HashComponent"}},"smbios":{"description":"Path to the input smbios dump file.\nCan be produced by: dmidecode --dump-bin <filePath>","type":"string"}},"additionalProperties":false,"required":["inputFile"],"definitions":{"HashComponent":{"anyOf":[{"$ref":"#/definitions/HashComponentRandom"},{"$ref":"#/definitions/HashComponentSmbios"},{"$ref":"#/definitions/HashComponentHardDiskData"},{"$ref":"#/definitions/HashComponentHardDiskSize"},{"$ref":"#/definitions/HashComponentFileData"},{"$ref":"#/definitions/HashComponentFileSize"},{"$ref":"#/definitions/HashComponentMiscStringData"}]},"HashComponentRandom":{"type":"object","properties":{"type":{"type":"string","const":"random"},"length":{"type":"number"}},"additionalProperties":false,"required":["length","type"]},"HashComponentSmbios":{"type":"object","properties":{"type":{"type":"string","const":"smbios"},"ref":{"$ref":"#/definitions/SmbiosFieldRef"},"value":{"type":"string"}},"additionalProperties":false,"required":["ref","type"]},"SmbiosFieldRef":{"anyOf":[{"type":"object","properties":{"table":{"$ref":"#/definitions/SmbiosTableRef"},"offset":{"type":"number"},"type":{"enum"
:["byte","dword","qword","string","uuid","word"],"type":"string"}},"additionalProperties":false,"required":["offset","table","type"]},{"enum":["baseboard-asset-tag","baseboard-manufacturer","baseboard-product-name","baseboard-serial-number","baseboard-version","bios-release-date","bios-revision","bios-vendor","bios-version","chassis-asset-tag","chassis-manufacturer","chassis-serial-number","chassis-version","processor-manufacturer","processor-version","system-family","system-manufacturer","system-product-name","system-serial-number","system-sku-number","system-uuid","system-version"],"type":"string"}]},"SmbiosTableRef":{"anyOf":[{"type":"object","properties":{"handle":{"type":"number"}},"additionalProperties":false,"required":["handle"]},{"type":"object","properties":{"type":{"type":"number"},"index":{"type":"number"}},"additionalProperties":false,"required":["type"]},{"enum":["32-bit Memory Error","64-bit Memory Error","Additional Information","Baseboard","Boot Integrity Services","Built-in Pointing Device","Cache","Chassis","Cooling Device","Electrical Current Probe","Firmware Inventory","Firmware Language","Group Associations","Hardware Security","IPMI Device","Management Controller Host Interface","Management Device","Management Device Component","Management Device Threshold Data","Memory Array Mapped Address","Memory Channel","Memory Controller","Memory Device","Memory Device Mapped Address","Memory Module","OEM Strings","Onboard Devices","Onboard Devices Extended Information","Out-of-band Remote Access","Physical Memory Array","Platform Firmware","Port Connector","Portable Battery","Power Supply","Processor","Processor Additional Information","String Property","System","System Boot","System Configuration Options","System Event Log","System Power Controls","System Reset","System Slots","TPM Device","Temperature Probe","Voltage 
Probe"],"type":"string"},{"type":"number"}]},"HashComponentHardDiskData":{"type":"object","properties":{"type":{"type":"string","const":"hd-data"},"device":{"type":"string"},"offsetRef":{"enum":["end","start"],"type":"string"},"offset":{"$ref":"#/definitions/BigNumber"},"value":{"anyOf":[{"$ref":"#/definitions/BinaryDataFromFile"},{"$ref":"#/definitions/BinaryDataFromLiteral"},{"$ref":"#/definitions/BinaryDataFromBuffer"},{"$ref":"#/definitions/BinaryMissingData"}]}},"additionalProperties":false,"required":["offset","offsetRef","type","value"]},"BigNumber":{"type":["string","number"]},"BinaryDataFromFile":{"type":"object","properties":{"type":{"type":"string","const":"file"},"file":{"type":"string"},"offset":{"type":"number"},"size":{"type":"number"}},"additionalProperties":false,"required":["file","type"]},"BinaryDataFromLiteral":{"type":"object","properties":{"type":{"$ref":"#/definitions/global.BufferEncoding"},"buffer":{"type":"string"}},"additionalProperties":false,"required":["buffer","type"]},"global.BufferEncoding":{"enum":["ascii","base64","base64url","binary","hex","latin1","ucs-2","ucs2","utf-16le","utf-8","utf16le","utf8"],"type":"string"},"BinaryDataFromBuffer":{"type":"object","properties":{"type":{"type":"string","const":"buffer"},"buffer":{"type":"object"}},"additionalProperties":false,"required":["buffer","type"]},"BinaryMissingData":{"type":"object","properties":{"type":{"type":"string","const":"missing"},"size":{"type":"number"}},"additionalProperties":false,"required":["type"]},"HashComponentHardDiskSize":{"type":"object","properties":{"type":{"type":"string","const":"hd-size"},"device":{"type":"string"},"value":{"$ref":"#/definitions/BigNumber"}},"additionalProperties":false,"required":["type","value"]},"HashComponentFileData":{"type":"object","properties":{"type":{"type":"string","const":"file-data"},"device":{"type":"string"},"file":{"type":"string"},"offsetRef":{"enum":["end","full","start"],"type":"string"},"offset":{"type":["string","number
"]},"value":{"anyOf":[{"$ref":"#/definitions/BinaryDataFromFile"},{"$ref":"#/definitions/BinaryDataFromLiteral"},{"$ref":"#/definitions/BinaryDataFromBuffer"},{"$ref":"#/definitions/BinaryMissingData"}]}},"additionalProperties":false,"required":["file","type","value"]},"HashComponentFileSize":{"type":"object","properties":{"type":{"type":"string","const":"file-size"},"device":{"type":"string"},"file":{"type":"string"},"value":{"$ref":"#/definitions/BigNumber"}},"additionalProperties":false,"required":["file","type","value"]},"HashComponentMiscStringData":{"type":"object","properties":{"type":{"enum":["boot-file","boot-hd-device","boot-partition-device"],"type":"string"},"value":{"type":"string"}},"additionalProperties":false,"required":["type","value"]}},"$schema":"http://json-schema.org/draft-07/schema#"}
1
+ {"type":"object","properties":{"$schema":{"type":"string"},"inputFile":{"description":"Path to the input efi file to embed.","type":"string"},"outputFile":{"description":"Path to the output efi file to write.","type":"string"},"skipGenCode":{"description":"Whether to skip generating code","type":"boolean"},"skipExtract":{"description":"Whether to skip extracting source code\n(can be useful if the extraction was already done)","type":"boolean"},"skipMake":{"description":"Whether to skip calling make\n(can be useful to change the code before calling make)","type":"boolean"},"buildFolder":{"description":"Folder where to build the code.\nDefaults to a temporary folder that is removed when the build is finished.","type":"string"},"hashComponents":{"description":"Data to include in the hash for encryption.","type":"array","items":{"$ref":"#/definitions/HashComponent"}},"smbios":{"description":"Path to the input smbios dump file.\nCan be produced by: dmidecode --dump-bin <filePath>","type":"string"},"enrollSecureBoot":{"description":"Secure boot keys to enroll automatically if the system is in setup 
mode.","$ref":"#/definitions/SecureBootEnrollConfig"}},"additionalProperties":false,"required":["inputFile"],"definitions":{"HashComponent":{"anyOf":[{"$ref":"#/definitions/HashComponentRandom"},{"$ref":"#/definitions/HashEfiVariable"},{"$ref":"#/definitions/HashComponentSmbios"},{"$ref":"#/definitions/HashComponentHardDiskData"},{"$ref":"#/definitions/HashComponentHardDiskSize"},{"$ref":"#/definitions/HashComponentFileData"},{"$ref":"#/definitions/HashComponentFileSize"},{"$ref":"#/definitions/HashComponentMiscStringData"}]},"HashComponentRandom":{"type":"object","properties":{"type":{"type":"string","const":"random"},"length":{"type":"number"}},"additionalProperties":false,"required":["length","type"]},"HashEfiVariable":{"type":"object","properties":{"type":{"type":"string","const":"efivar"},"guid":{"type":"string"},"name":{"type":"string"},"value":{"$ref":"#/definitions/BinaryData"}},"additionalProperties":false,"required":["guid","name","type","value"]},"BinaryData":{"anyOf":[{"$ref":"#/definitions/BinaryDataFromFile"},{"$ref":"#/definitions/BinaryDataFromLiteral"},{"$ref":"#/definitions/BinaryDataFromBuffer"}]},"BinaryDataFromFile":{"type":"object","properties":{"type":{"type":"string","const":"file"},"file":{"type":"string"},"offset":{"type":"number"},"size":{"type":"number"}},"additionalProperties":false,"required":["file","type"]},"BinaryDataFromLiteral":{"type":"object","properties":{"type":{"$ref":"#/definitions/global.BufferEncoding"},"buffer":{"type":"string"}},"additionalProperties":false,"required":["buffer","type"]},"global.BufferEncoding":{"enum":["ascii","base64","base64url","binary","hex","latin1","ucs-2","ucs2","utf-16le","utf-8","utf16le","utf8"],"type":"string"},"BinaryDataFromBuffer":{"type":"object","properties":{"type":{"type":"string","const":"buffer"},"buffer":{"type":"object"}},"additionalProperties":false,"required":["buffer","type"]},"HashComponentSmbios":{"type":"object","properties":{"type":{"type":"string","const":"smbios"},"ref":{"$r
ef":"#/definitions/SmbiosFieldRef"},"value":{"type":"string"}},"additionalProperties":false,"required":["ref","type"]},"SmbiosFieldRef":{"anyOf":[{"type":"object","properties":{"table":{"$ref":"#/definitions/SmbiosTableRef"},"offset":{"type":"number"},"type":{"enum":["byte","dword","qword","string","uuid","word"],"type":"string"}},"additionalProperties":false,"required":["offset","table","type"]},{"enum":["baseboard-asset-tag","baseboard-manufacturer","baseboard-product-name","baseboard-serial-number","baseboard-version","bios-release-date","bios-revision","bios-vendor","bios-version","chassis-asset-tag","chassis-manufacturer","chassis-serial-number","chassis-version","processor-manufacturer","processor-version","system-family","system-manufacturer","system-product-name","system-serial-number","system-sku-number","system-uuid","system-version"],"type":"string"}]},"SmbiosTableRef":{"anyOf":[{"type":"object","properties":{"handle":{"type":"number"}},"additionalProperties":false,"required":["handle"]},{"type":"object","properties":{"type":{"type":"number"},"index":{"type":"number"}},"additionalProperties":false,"required":["type"]},{"enum":["32-bit Memory Error","64-bit Memory Error","Additional Information","Baseboard","Boot Integrity Services","Built-in Pointing Device","Cache","Chassis","Cooling Device","Electrical Current Probe","Firmware Inventory","Firmware Language","Group Associations","Hardware Security","IPMI Device","Management Controller Host Interface","Management Device","Management Device Component","Management Device Threshold Data","Memory Array Mapped Address","Memory Channel","Memory Controller","Memory Device","Memory Device Mapped Address","Memory Module","OEM Strings","Onboard Devices","Onboard Devices Extended Information","Out-of-band Remote Access","Physical Memory Array","Platform Firmware","Port Connector","Portable Battery","Power Supply","Processor","Processor Additional Information","String Property","System","System Boot","System 
Configuration Options","System Event Log","System Power Controls","System Reset","System Slots","TPM Device","Temperature Probe","Voltage Probe"],"type":"string"},{"type":"number"}]},"HashComponentHardDiskData":{"type":"object","properties":{"type":{"type":"string","const":"hd-data"},"device":{"type":"string"},"offsetRef":{"enum":["end","start"],"type":"string"},"offset":{"$ref":"#/definitions/BigNumber"},"value":{"anyOf":[{"$ref":"#/definitions/BinaryDataFromFile"},{"$ref":"#/definitions/BinaryDataFromLiteral"},{"$ref":"#/definitions/BinaryDataFromBuffer"},{"$ref":"#/definitions/BinaryMissingData"}]}},"additionalProperties":false,"required":["offset","offsetRef","type","value"]},"BigNumber":{"type":["string","number"]},"BinaryMissingData":{"type":"object","properties":{"type":{"type":"string","const":"missing"},"size":{"type":"number"}},"additionalProperties":false,"required":["type"]},"HashComponentHardDiskSize":{"type":"object","properties":{"type":{"type":"string","const":"hd-size"},"device":{"type":"string"},"value":{"$ref":"#/definitions/BigNumber"}},"additionalProperties":false,"required":["type","value"]},"HashComponentFileData":{"type":"object","properties":{"type":{"type":"string","const":"file-data"},"device":{"type":"string"},"file":{"type":"string"},"offsetRef":{"enum":["end","full","start"],"type":"string"},"offset":{"type":["string","number"]},"value":{"anyOf":[{"$ref":"#/definitions/BinaryDataFromFile"},{"$ref":"#/definitions/BinaryDataFromLiteral"},{"$ref":"#/definitions/BinaryDataFromBuffer"},{"$ref":"#/definitions/BinaryMissingData"}]}},"additionalProperties":false,"required":["file","type","value"]},"HashComponentFileSize":{"type":"object","properties":{"type":{"type":"string","const":"file-size"},"device":{"type":"string"},"file":{"type":"string"},"value":{"$ref":"#/definitions/BigNumber"}},"additionalProperties":false,"required":["file","type","value"]},"HashComponentMiscStringData":{"type":"object","properties":{"type":{"enum":["boot-file","bo
ot-hd-device","boot-partition-device"],"type":"string"},"value":{"type":"string"}},"additionalProperties":false,"required":["type","value"]},"SecureBootEnrollConfig":{"type":"object","properties":{"kek":{"$ref":"#/definitions/BinaryData"},"db":{"$ref":"#/definitions/BinaryData"},"pk":{"$ref":"#/definitions/BinaryData"}},"additionalProperties":false,"required":["db","kek","pk"]}},"$schema":"http://json-schema.org/draft-07/schema#"}
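--- a/package/type.d.ts
+++ b/package/type.d.ts
@@ -26,6 +26,12 @@ export interface HashComponentRandom {
 type: "random";
 length: number;
 }
+export interface HashEfiVariable {
+type: "efivar";
+guid: string;
+name: string;
+value: BinaryData;
+}
 export interface HashComponentSmbios {
 type: "smbios";
 ref: SmbiosFieldRef;
@@ -61,7 +67,12 @@ export interface HashComponentMiscStringData {
 type: "boot-hd-device" | "boot-partition-device" | "boot-file";
 value: string;
 }
-export type HashComponent = HashComponentRandom | HashComponentSmbios | HashComponentFileData | HashComponentFileSize | HashComponentHardDiskData | HashComponentHardDiskSize | HashComponentMiscStringData;
+export type HashComponent = HashComponentRandom | HashEfiVariable | HashComponentSmbios | HashComponentFileData | HashComponentFileSize | HashComponentHardDiskData | HashComponentHardDiskSize | HashComponentMiscStringData;
+export interface SecureBootEnrollConfig {
+kek: BinaryData;
+db: BinaryData;
+pk: BinaryData;
+}
 export interface Config {
 $schema?: string;
 /**
@@ -100,4 +111,8 @@ export interface Config {
 * Can be produced by: dmidecode --dump-bin <filePath>
 */
 smbios?: string;
+/**
+* Secure boot keys to enroll automatically if the system is in setup mode.
+*/
+enrollSecureBoot?: SecureBootEnrollConfig;
 }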
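Review bot: `SecureBootEnrollConfig` carries no documentation on what `pk`, `kek` and `db` must contain, and a mistake here is costly because, per the package description, these values are embedded in the output EFI binary. I would add a TSDoc block on the interface such as `/** Public Secure Boot key material only (never private keys); each value is embedded in the generated EFI binary. */`. Each field should also state the encoding it accepts; that format is not visible in this diff, so it needs confirming against the implementation. `HashEfiVariable.guid` would likewise benefit from a one-line comment giving the expected GUID string form.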