GNU bug report logs - #68524
[PATCH 0/2] Support root encryption and secure boot.

Previous Next

Package: guix-patches;

Reported by: Lilah Tascheter <lilah <at> lunabee.space>

Date: Wed, 17 Jan 2024 04:38:02 UTC

Severity: normal

Tags: patch

Full log

View this message in rfc822 format

From: Herman Rimm <herman <at> rimm.ee>
To: 68524 <at> debbugs.gnu.org
Cc: Lilah Tascheter <lilah <at> lunabee.space>
Subject: [bug#68524] [PATCH v3 1/5] gnu: packages: Add pesign.
Date: Wed, 25 Sep 2024 13:11:59 +0200

From: Lilah Tascheter <lilah <at> lunabee.space>

* gnu/packages/efi.scm (pesign): New variable.

Change-Id: I00fcc679d9514c85d508183b9ec7e121e0a814db
---
 gnu/packages/efi.scm | 52 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 52 insertions(+)

diff --git a/gnu/packages/efi.scm b/gnu/packages/efi.scm
index 499745eba1..e5f9d2d6a3 100644
--- a/gnu/packages/efi.scm
+++ b/gnu/packages/efi.scm
@@ -24,8 +24,10 @@ (define-module (gnu packages efi)
   #:use-module (gnu packages bash)
   #:use-module (gnu packages linux)
   #:use-module (gnu packages man)
+  #:use-module (gnu packages nss)
   #:use-module (gnu packages perl)
   #:use-module (gnu packages pkg-config)
+  #:use-module (gnu packages popt)
   #:use-module (gnu packages tls)
   #:use-module ((guix licenses) #:prefix license:)
   #:use-module (guix build-system gnu)
@@ -153,6 +155,56 @@ (define-public sbsigntools
     (home-page "https://git.kernel.org/pub/scm/linux/kernel/git/jejb/sbsigntools.git/")
     (license license:gpl3+)))
 
+(define-public pesign
+  (package
+    (name "pesign")
+    (version "116")
+    (source
+      (origin
+        (method git-fetch)
+        (uri (git-reference
+               (url (string-append "https://github.com/rhboot/" name))
+               (commit version)))
+        (modules '((guix build utils)))
+        (snippet
+          #~(substitute* "Make.defaults"
+              (("RANLIB\t\\?= \\$\\(CROSS_COMPILE\\)") "RANLIB\t?=")
+              (("pkg-config-ccldflags") "pkg-config-ldflags")))
+        (sha256
+          (base32
+            "0fnqfiivj46bha4hsnwiqy8vq8b4i3w2dig0h9h2k4j7yq7r5qvj"))))
+    (build-system gnu-build-system)
+    (arguments
+      (list #:tests? #f ; The Makefile has no check target.
+            #:modules '((guix build gnu-build-system)
+                        (guix build utils)
+                        (ice-9 match))
+            #:phases #~(modify-phases %standard-phases (delete 'configure))
+            #:make-flags
+            (let ((system (%current-system))
+                  (target (%current-target-system)))
+              (define (arch s)
+                (if (target-x86-32? s)
+                    "ia32"
+                    (match (string-split s #\-)
+                      ((x _ ...) x))))
+              #~(list "prefix=/" "libdir=/lib/"
+                      (string-append "DESTDIR=" #$output)
+                      (string-append "HOSTARCH=" #$(arch system))
+                      (string-append "ARCH=" #$(arch (or target system)))
+                      (if #$target
+                          (string-append "CROSS_COMPILE=" #$target "-")
+                          "")))))
+    (inputs (list efivar nspr nss popt `(,util-linux "lib")))
+    (native-inputs (list mandoc pkg-config))
+    (synopsis "PE-COFF binary signing tools")
+    (description
+      "This package supports EFI keygen and subsequent signing of
+PE-COFF binaries. It contains the tools authvar, efikeygen, pesigcheck,
+pesign, pesign-client, and pesum.")
+    (home-page "https://github.com/rhboot/pesign")
+    (license license:gpl2+)))
+
 (define-public efitools
   (package
     (name "efitools")
-- 
2.45.2
This bug report was last modified 237 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.