RidgeRun Developer Wiki

RidgeRun Platform Security Manual/Getting Started/Secure Boot: Difference between revisions

Page Discussion

RidgeRun Platform Security Manual/Getting Started/Secure Boot (view source)

Revision as of 16:52, 6 March 2025

158 bytes added ,  6 March
→‎Create the UEFI Keys Config File
VisualWikitext
Line 251: Line 251:
where:
where:


* UEFI_DB_1_KEY_FILE and UEFI_DB_1_CERT_FILE are the key used to sign UEFI payloads
* UEFI_DB_1_KEY_FILE and UEFI_DB_1_CERT_FILE are the key and certificate used to sign UEFI payloads
* UEFI_DEFAULT_PK_ES is the Platform Key.
* UEFI_DEFAULT_PK_ES is the Platform Key EFI Signature list.
* UEFI_DEFAULT_KEK_ESL_0 is the Key encryption key.  
* UEFI_DEFAULT_KEK_ESL_0 is the Key encryption key EFI Signature list.  
* UEFI_DEFAULT_DB_ESL_0 is for the file with the list of digital signatures of trusted software.
* UEFI_DEFAULT_DB_ESL_0 is the EFI Signature List of the signature database (db).
* UEFI_DEFAULT_DB_ESL_1 is the EFI Signature List of the signature database for known untrusted code signatures (dbx).


==== Generate the UEFI Secure Boot DTBO ====
==== Generate the UEFI Secure Boot DTBO ====
Chidalgo
130

edits

Retrieved from "https://developer.ridgerun.com/wiki/index.php/Special:MobileDiff/64600"