From b9b2132d03a2b6d39f38c5904e0714265d125a7f Mon Sep 17 00:00:00 2001
From: Serge Hallyn <serge@hallyn.com>
Date: Wed, 5 Apr 2023 08:56:04 -0500
Subject: [PATCH] rename pk and kek to give them a prefix of 'uefi-'

Signed-off-by: Serge Hallyn <serge@hallyn.com>
---
 cmd/trust/keyset.go | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/cmd/trust/keyset.go b/cmd/trust/keyset.go
index 7669a1c..1f31c29 100644
--- a/cmd/trust/keyset.go
+++ b/cmd/trust/keyset.go
@@ -40,7 +40,7 @@ func generateMosCreds(keysetPath string, ctemplate *x509.Certificate) error {
 }
 
 func makeKeydirs(keysetPath string) error {
-	keyDirs := []string{"manifest-ca", "manifest", "sudi-ca", "tpmpol-admin", "tpmpol-luks", "uefi-db", "uki-limited", "uki-production", "uki-tpm", "pk", "kek"}
+	keyDirs := []string{"manifest-ca", "manifest", "sudi-ca", "tpmpol-admin", "tpmpol-luks", "uefi-db", "uki-limited", "uki-production", "uki-tpm", "uefi-pk", "uefi-kek"}
 	err := os.MkdirAll(keysetPath, 0750)
 	if err != nil {
 		return err
@@ -116,7 +116,7 @@ func initkeyset(keysetName string, Org []string) error {
 	// Generate PK
 	caTemplate.Subject.CommonName = "UEFI PK"
 	caTemplate.NotAfter = time.Now().AddDate(50, 0, 0)
-	err = generaterootCA(filepath.Join(keysetPath, "pk"), &caTemplate, doGUID)
+	err = generaterootCA(filepath.Join(keysetPath, "uefi-pk"), &caTemplate, doGUID)
 	if err != nil {
 		return err
 	}
@@ -135,7 +135,7 @@ func initkeyset(keysetName string, Org []string) error {
 	}
 
 	// Generate KEK, signed by PK
-	CAcert, CAprivkey, err := getCA("pk", keysetName)
+	CAcert, CAprivkey, err := getCA("uefi-pk", keysetName)
 	if err != nil {
 		return err
 	}
@@ -143,12 +143,12 @@ func initkeyset(keysetName string, Org []string) error {
 	certTemplate.Subject.CommonName = "UEFI KEK"
 	certTemplate.NotAfter = time.Now().AddDate(50, 0, 0)
 	certTemplate.ExtKeyUsage = nil
-	err = SignCert(&certTemplate, CAcert, CAprivkey, filepath.Join(keysetPath, "kek"))
+	err = SignCert(&certTemplate, CAcert, CAprivkey, filepath.Join(keysetPath, "uefi-kek"))
 	if err != nil {
 		return err
 	}
 	guid := uuid.NewString()
-	err = os.WriteFile(filepath.Join(keysetPath, "kek", "guid"), []byte(guid), 0640)
+	err = os.WriteFile(filepath.Join(keysetPath, "uefi-kek", "guid"), []byte(guid), 0640)
 	if err != nil {
 		return err
 	}