hughsie
commented
1 year ago I think we have something similar: https://github.com/fwupd/fwupd/blob/main/libfwupdplugin/fu-efi-signature-list.c#L283 :)
Closed das-menschy closed 1 year ago
hughsie
commented
1 year ago I think we have something similar: https://github.com/fwupd/fwupd/blob/main/libfwupdplugin/fu-efi-signature-list.c#L283 :)
Hello, this is not a bug. I just wanted to draw attention to my hacky little script that can remove the Microsoft signature from these dbxupdate files and that can thereby convert the DBXUpdate files to EFI Signature List files (.esl): https://gist.github.com/das-menschy/79b976e6e91f0ac3c25292d86482838b
The script uses the information from https://blog.uncooperative.org/uefi/linux/secure%20boot/2014/10/23/uefi-security-databases.html to find out the structure of the DBXUpdate file and to remove the authentication header. Maybe you can include this script in the repo, maybe you can code a better script in python, maybe someone can make use of this.