diff --git a/Makefile b/Makefile index 421af33..1fd9450 100644 --- a/Makefile +++ b/Makefile @@ -42,6 +42,8 @@ sbsign: $(sbsign_objs) $(ccan_objs) sbverify: $(sbverify_objs) $(ccan_objs) $(LINK.o) -o $@ $^ $(libs) +sbsign.o sbverify.o: CPPFLAGS+=-DVERSION=\"$(version)\" + gen-keyfiles: gen-keyfiles.o $(ccan_objs) $(LINK.o) -o $@ $^ $(libs) gen-keyfiles: libs = -luuid diff --git a/sbsign.c b/sbsign.c index 32c608c..4d8030e 100644 --- a/sbsign.c +++ b/sbsign.c @@ -41,6 +41,8 @@ #include "idc.h" #include "image.h" +static const char *toolname = "sbsign"; + struct sign_context { struct image *image; const char *infilename; @@ -53,21 +55,28 @@ static struct option options[] = { { "cert", required_argument, NULL, 'c' }, { "key", required_argument, NULL, 'k' }, { "verbose", no_argument, NULL, 'v' }, + { "help", no_argument, NULL, 'h' }, + { "version", no_argument, NULL, 'V' }, { NULL, 0, NULL, 0 }, }; -static void usage(const char *progname) +static void usage(void) { - fprintf(stderr, - "usage: %s --key --cert " + printf("Usage: %s [options] --key --cert " "\n" - "options:\n" + "Sign an EFI boot image for use with secure boot.\n\n" + "Options:\n" "\t--key signing key (PEM-encoded RSA " "private key)\n" "\t--cert certificate (x509 certificate)\n" "\t--output write signed data to \n" - "\t (default .signed)\n" - , progname); + "\t (default .signed)\n", + toolname); +} + +static void version(void) +{ + printf("%s %s\n", toolname, VERSION); } static void set_default_outfilename(struct sign_context *ctx) @@ -106,11 +115,17 @@ int main(int argc, char **argv) case 'd': ctx->verbose = 1; break; + case 'V': + version(); + return EXIT_SUCCESS; + case 'h': + usage(); + return EXIT_SUCCESS; } } if (argc != optind + 1) { - usage(argv[0]); + usage(); return EXIT_FAILURE; } @@ -121,13 +136,13 @@ int main(int argc, char **argv) if (!certfilename) { fprintf(stderr, "error: No certificate specified (with --cert)\n"); - usage(argv[0]); + usage(); return EXIT_FAILURE; } if (!keyfilename) { fprintf(stderr, "error: No key specified (with --key)\n"); - usage(argv[0]); + usage(); return EXIT_FAILURE; } diff --git a/sbverify.c b/sbverify.c index bb11b07..262a830 100644 --- a/sbverify.c +++ b/sbverify.c @@ -35,6 +35,8 @@ #include #include +static const char *toolname = "sbverify"; + enum verify_status { VERIFY_FAIL = 0, VERIFY_OK = 1, @@ -43,17 +45,24 @@ enum verify_status { static struct option options[] = { { "cert", required_argument, NULL, 'c' }, { "no-verify", no_argument, NULL, 'n' }, + { "help", no_argument, NULL, 'h' }, + { "version", no_argument, NULL, 'V' }, { NULL, 0, NULL, 0 }, }; -static void usage(const char *progname) +static void usage(void) { - fprintf(stderr, - "usage: %s --cert \n" - "options:\n" + printf("Usage: %s [options] --cert \n" + "Verify a UEFI secure boot image.\n\n" + "Options:\n" "\t--cert certificate (x509 certificate)\n" "\t--no-verify don't perform certificate verification\n", - progname); + toolname); +} + +static void version(void) +{ + printf("%s %s\n", toolname, VERSION); } int load_cert(X509_STORE *certs, const char *filename) @@ -135,12 +144,18 @@ int main(int argc, char **argv) case 'n': verify = 0; break; + case 'V': + version(); + return EXIT_SUCCESS; + case 'h': + usage(); + return EXIT_SUCCESS; } } if (argc != optind + 1) { - usage(argv[0]); + usage(); return EXIT_FAILURE; }