]>
git.proxmox.com Git - pve-edk2-firmware.git/blob - debian/python/UEFI/SignedBinary.py
2 # Copyright 2022 Canonical Ltd.
4 # - dann frazier <dann.frazier@canonical.com>
6 # This program is free software: you can redistribute it and/or modify it
7 # under the terms of the GNU General Public License version 3, as published
8 # by the Free Software Foundation.
10 # This program is distributed in the hope that it will be useful, but WITHOUT
11 # ANY WARRANTY; without even the implied warranties of MERCHANTABILITY,
12 # SATISFACTORY QUALITY, or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 # General Public License for more details.
15 # You should have received a copy of the GNU General Public License along with
16 # this program. If not, see <http://www.gnu.org/licenses/>.
25 def __init__(self
, binary_path
, key_path
, cert_path
, password
=None):
26 openssl_password_args
= []
28 openssl_password_args
= [
29 "-passin", f
"pass:{password}"
31 with tempfile
.NamedTemporaryFile() as keytmp
:
32 subprocess
.check_call(
35 ] + openssl_password_args
+ [
37 "-out", f
"{keytmp.name}",
40 with tempfile
.NamedTemporaryFile(delete
=False) as f
:
43 subprocess
.check_call(
45 "sbsign", "--key", f
"{keytmp.name}",
46 "--cert", f
"{cert_path}",
47 binary_path
, "--output", f
"{self.path}"