narenas
/
opengnsys_ipxe
mirror of https://github.com/ipxe/ipxe.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
opengnsys_ipxe/src/usr
History
Michael Brown 72316b820d [image] Add the "imgdecrypt" command 
Add the "imgdecrypt" command that can be used to decrypt a detached
encrypted data image using a cipher key obtained from a separate CMS
envelope image.  For example:

  # Create non-detached encrypted CMS messages
  #
  openssl cms -encrypt -binary -aes-256-gcm -recip client.crt \
              -in vmlinuz -outform DER -out vmlinuz.cms
  openssl cms -encrypt -binary -aes-256-gcm -recip client.crt \
              -in initrd.img -outform DER -out initrd.img.cms

  # Detach data from envelopes (using iPXE's contrib/crypto/cmsdetach)
  #
  cmsdetach vmlinuz.cms -d vmlinuz.dat -e vmlinuz.env
  cmsdetach initrd.img.cms -d initrd.img.dat -e initrd.img.env

and then within iPXE:

  #!ipxe
  imgfetch http://192.168.0.1/vmlinuz.dat
  imgfetch http://192.168.0.1/initrd.img.dat
  imgdecrypt vmlinuz.dat    http://192.168.0.1/vmlinuz.env
  imgdecrypt initrd.img.dat http://192.168.0.1/initrd.img.env
  boot vmlinuz

Signed-off-by: Michael Brown <mcb30@ipxe.org>
 		2024-08-29 15:11:30 +01:00
..
autoboot.c [block] Allow for additional SAN boot parameters alongside filename 2024-03-06 12:19:22 +00:00
certmgmt.c [x509] Record root of trust used when validating a certificate 2020-12-08 15:04:28 +00:00
dhcpmgmt.c [legal] Relicense files under GPL2_OR_LATER_OR_UBDL 2015-03-02 14:17:31 +00:00
fcmgmt.c [legal] Relicense files under GPL2_OR_LATER_OR_UBDL 2015-03-02 14:17:31 +00:00
ibmgmt.c [infiniband] Add "ibstat" command 2016-03-08 17:38:06 +00:00
ifmgmt.c [ifmgmt] Make "ifstat" show the link-layer protocol for each netdev 2021-01-26 21:02:10 +00:00
imgarchive.c [image] Add "imgextract" command for extracting archive images 2021-05-08 15:34:19 +01:00
imgcrypt.c [image] Add the "imgdecrypt" command 2024-08-29 15:11:30 +01:00
imgmgmt.c [image] Generalise concept of selected image 2023-05-17 14:42:03 +01:00
imgtrust.c [crypto] Generalise cms_signature to cms_message 2024-08-14 13:04:01 +01:00
ipstat.c [legal] Relicense files under GPL2_OR_LATER_OR_UBDL 2015-03-02 14:17:31 +00:00
iwmgmt.c [legal] Update FSF mailing address in GPL licence texts 2012-07-20 19:55:45 +01:00
lotest.c [cmdline] Expose "iflinkwait" as a command 2021-01-26 17:07:52 +00:00
neighmgmt.c [legal] Relicense files under GPL2_OR_LATER_OR_UBDL 2015-03-02 14:17:31 +00:00
nslookup.c [ipv6] Add support for resolving IPv6 addresses via the "nslookup" command 2013-12-05 01:53:25 +00:00
ntpmgmt.c [cmdline] Add "ntp" command 2016-06-13 15:57:16 +01:00
pingmgmt.c [legal] Relicense files under GPL2_OR_LATER_OR_UBDL 2015-03-02 14:17:31 +00:00
profstat.c [legal] Relicense files under GPL2_OR_LATER_OR_UBDL 2015-03-02 14:17:31 +00:00
prompt.c [legal] Relicense files under GPL2_OR_LATER_OR_UBDL 2015-03-02 14:17:31 +00:00
pxemenu.c [pxe] Avoid drawing menu items on bottom row of screen 2023-01-23 20:30:59 +00:00
route.c [build] Fix the REQUIRE_SYMBOL mechanism 2015-03-05 00:59:38 +00:00
route_ipv4.c [legal] Relicense files under GPL2_OR_LATER_OR_UBDL 2015-03-02 14:17:31 +00:00
route_ipv6.c [legal] Relicense files under GPL2_OR_LATER_OR_UBDL 2015-03-02 14:17:31 +00:00
shimmgmt.c [efi] Support versions of shim that perform SBAT verification 2023-05-23 15:27:20 +01:00
sync.c [legal] Relicense files under GPL2_OR_LATER_OR_UBDL 2015-03-02 14:17:31 +00:00