sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
c466cc2ca5d0e935bfaa6f6f4ab594a0c242e84b
system76-edk2/UefiPayloadPkg/SecureBootEnrollDefaultKeys/keys
History
Tim Crawford c466cc2ca5 Add System76 Secure Boot keys 
Signed-off-by: Tim Crawford <tcrawford@system76.com>
2023-03-07 18:10:00 -07:00
..
crl.bin
Update DBX to 2022-09-07
2023-03-07 18:10:00 -07:00
db-1.crt
UefiPayloadPkg: Add Secureboot support
2021-11-02 19:24:49 -06:00
db-2.crt
UefiPayloadPkg: Add Secureboot support
2021-11-02 19:24:49 -06:00
db-system76.crt
Add System76 Secure Boot keys
2023-03-07 18:10:00 -07:00
kek-microsoft.crt
Add System76 Secure Boot keys
2023-03-07 18:10:00 -07:00
kek-system76.crt
Add System76 Secure Boot keys
2023-03-07 18:10:00 -07:00
pk.crt
Add System76 Secure Boot keys
2023-03-07 18:10:00 -07:00
README
UefiPayloadPkg: Add Secureboot support
2021-11-02 19:24:49 -06:00

README 

# PK certificate generation

* Do not save private key for re-usage.
* Generate a RSA 2048 / SHA256 x509 certificate
* Exponent should be 65537
* Microsoft certificates can be found here: https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/windows-secure-boot-key-creation-and-management-guidance

openssl req -outform DER -newkey rsa:2048 -keyout /dev/null -passout file:<(head -c 40 /dev/urandom) -x509 -days 365 -out pk.crt