8 Commits

Author	SHA1	Message	Date
Morten Linderud	ff5369185b	revert dbx enrollment ... Needs to be iterated on, and preferably not work as the existing key databases. Reverts: 31c1228c15 Reverts: dae25b8abd Signed-off-by: Morten Linderud <morten@linderud.pw>	2023-11-19 19:00:21 +01:00
Morten Linderud	b35e74e2cb	Implement full support for loading builtin firmware certificates ... Signed-off-by: Morten Linderud <morten@linderud.pw>	2023-06-25 15:13:18 +02:00
Dustin L. Howett	f93d4752d6	Add support for loading certificates from dbDefault	2023-06-25 15:09:49 +02:00
Cornelius Hoffmann	c96abdb87f	Allow enrolling custom db and KEK certs	2023-05-11 16:44:56 +02:00
Alois Wohlschlager	9960dcd7b5	enroll-keys: Enroll Microsoft KEK along with their other keys ... If enrolling the Microsoft db keys, also enroll their KEK. This allows applying the official dbx updates, which are important for security, as they allow blocking binaries with known vulnerabilities which Microsoft has signed in the past.	2023-01-14 19:21:57 +01:00
Hugo Osvaldo Barrera	3f9d1d926c	Check returned errors ... Check a few errors that were not being handled properly. Co-authored-by: Morten Linderud <morten@linderud.pw>	2022-07-07 19:59:15 +02:00
Morten Linderud	956bfa1c5e	certs: Add tpm-eventlog vendor detection ... Signed-off-by: Morten Linderud <morten@linderud.pw>	2021-12-25 16:03:27 +01:00
Morten Linderud	9a1a83b98f	certs: Added certs package to support vendor certificates ... Signed-off-by: Morten Linderud <morten@linderud.pw>	2021-11-06 17:15:21 +01:00