Documentation
¶
Overview ¶
Package secureboot implements handling SecureBoot options.
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ErrDisabled = fmt.Errorf("secure boot is disabled")
ErrDisabled is returned when SecureBoot is disabled.
Functions ¶
This section is empty.
Types ¶
type Options ¶
type Options struct {
// Enable SecureBoot asset generation.
Enabled bool
// File-based approach.
SigningKeyPath, SigningCertPath string
PCRKeyPath string
// Azure Key Vault approach.
AzureKeyVaultURL string
AzureCertificateName string
AzureKeyName string
// AWS KMS approach.
//
// AWS KMS Key ID, ACM certificate ARN, and region.
// Support local cert file for legacy use cases.
AwsKMSKeyID string
AwsKMSPCRKeyID string
AwsCertPath string
AwsCertARN string
AwsRegion string
}
Options configures SecureBoot.
type Service ¶
type Service struct {
// contains filtered or unexported fields
}
Service handles SecureBoot configuration.
func NewService ¶
NewService initializes SecureBoot from configuration.
func (*Service) GetSecureBootAssets ¶
func (s *Service) GetSecureBootAssets() (*profile.SecureBootAssets, error)
GetSecureBootAssets returns SecureBoot assets for the imager profile.
func (*Service) GetSecureBootSigningCert ¶
GetSecureBootSigningCert returns SecureBoot signing key PEM-encoded.
Source Files
Click to show internal directories.
Click to hide internal directories.