From 102910e3f2b71f0a73f1d65035bbdcbf8ee189b2 Mon Sep 17 00:00:00 2001 From: tigro Date: Thu, 14 Nov 2024 09:07:30 +0300 Subject: [PATCH] Added msvsphere certificates for secure boot --- SOURCES/certs_add.sh | 14 ++++ SOURCES/msvsphereca1.pem | 86 ++++++++++++++++++++++ SOURCES/msvspheredup1.pem | 86 ++++++++++++++++++++++ SOURCES/msvsphereima.pem | 75 +++++++++++++++++++ SOURCES/msvspherepatch1.pem | 86 ++++++++++++++++++++++ SOURCES/nvidiagpuoot001.pem | 125 ++++++++++++++++++++++++++++++++ SOURCES/rheldup3.pem | 102 ++++++++++++++++++++++++++ SOURCES/rhelima.pem | 70 ++++++++++++++++++ SOURCES/rhelima_centos.pem | 70 ++++++++++++++++++ SOURCES/rhelimaca1.pem | 81 +++++++++++++++++++++ SOURCES/rhelkpatch1.pem | 102 ++++++++++++++++++++++++++ SOURCES/spheresecureboot001.pem | 86 ++++++++++++++++++++++ SOURCES/spheresecurebootca.pem | 86 ++++++++++++++++++++++ SPECS/edk2.spec | 21 +++++- 14 files changed, 1088 insertions(+), 2 deletions(-) create mode 100755 SOURCES/certs_add.sh create mode 100644 SOURCES/msvsphereca1.pem create mode 100644 SOURCES/msvspheredup1.pem create mode 100644 SOURCES/msvsphereima.pem create mode 100644 SOURCES/msvspherepatch1.pem create mode 100644 SOURCES/nvidiagpuoot001.pem create mode 100644 SOURCES/rheldup3.pem create mode 100644 SOURCES/rhelima.pem create mode 100644 SOURCES/rhelima_centos.pem create mode 100644 SOURCES/rhelimaca1.pem create mode 100644 SOURCES/rhelkpatch1.pem create mode 100644 SOURCES/spheresecureboot001.pem create mode 100644 SOURCES/spheresecurebootca.pem diff --git a/SOURCES/certs_add.sh b/SOURCES/certs_add.sh new file mode 100755 index 0000000..4284e6b --- /dev/null +++ b/SOURCES/certs_add.sh @@ -0,0 +1,14 @@ +#!/bin/bash + +IMAGE="$1" + +[ -f "$IMAGE" ] || { echo "File $IMAGE is not found!"; exit 1; } + +GUID=$(virt-fw-vars -i $IMAGE -p -v 2>/dev/null | awk '{if($1 ~ /name=db$/){sub(/guid=guid:/,"",$2);print $2}}') + +[ -n "$GUID" ] || { echo "GUID is not set!"; exit 1; } + +for F in `ls ./*.pem`; do + echo "virt-fw-vars --add-db $GUID $F -i $IMAGE -o $IMAGE"; + virt-fw-vars --add-db $GUID $F -i $IMAGE -o $IMAGE; +done diff --git a/SOURCES/msvsphereca1.pem b/SOURCES/msvsphereca1.pem new file mode 100644 index 0000000..5d83801 --- /dev/null +++ b/SOURCES/msvsphereca1.pem @@ -0,0 +1,86 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 52:17:7c:cc:f0:fd:5d:71:2f:84:89:87:48:d3:d9:07:71:f5:c3:c1 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN = MSVSphere IMA CA, O = NCSD LLC, C = RU, ST = Moscow, L = Moscow, emailAddress = security@msvsphere-os.ru, OU = MSVSphere Certification Authority + Validity + Not Before: Oct 17 14:50:46 2023 GMT + Not After : May 31 14:50:46 2040 GMT + Subject: CN = MSVSphere IMA CA, O = NCSD LLC, C = RU, ST = Moscow, L = Moscow, emailAddress = security@msvsphere-os.ru, OU = MSVSphere Certification Authority + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:a7:93:2f:b8:68:02:6e:4c:a8:ec:d4:b5:5c:24: + f9:30:e9:ef:4a:16:2e:d6:19:f8:44:0f:b8:f1:7d: + 32:74:2a:05:d4:2d:3b:36:89:70:d7:59:f9:c8:b1: + 9c:7e:71:c5:61:72:59:b6:c5:c8:d1:a2:d6:57:f4: + 14:f2:c1:67:bd:a3:aa:75:df:f2:f9:48:cb:13:f2: + b9:f0:94:02:a5:3c:cf:9b:43:f1:a1:b2:8c:ff:c7: + 20:3b:1e:75:14:d6:e6:0c:01:04:6d:82:f7:56:25: + 9a:d8:e3:72:b2:1b:17:87:3a:3c:da:6f:5d:06:c2: + 8c:b9:de:ef:e1:f5:38:ae:d4:c9:26:3c:57:be:af: + b2:57:5d:ec:ce:cd:14:98:39:77:cd:b8:f5:ad:a4: + 3c:a7:1c:c3:2b:80:d2:89:b8:7e:22:9a:67:00:91: + d8:c1:52:e7:b3:61:21:3c:8c:80:39:68:8c:1e:ee: + 23:a5:86:6a:80:16:e1:4a:27:fa:37:fd:69:62:89: + 28:d6:5c:cd:cb:3e:d4:d7:f4:23:57:ce:cb:c2:ec: + ca:ff:4a:04:ec:98:b4:cd:b9:f6:81:3c:fd:ab:bc: + 83:b1:ed:47:be:65:8e:93:14:13:d3:bd:df:99:8b: + fa:93:ca:55:9c:c1:2e:74:54:f5:ae:86:a1:20:29: + b2:d9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 77:00:6F:8D:E0:2B:DC:27:EA:D8:DB:F4:C1:DA:12:AD:BF:6E:05:EC + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Authority Key Identifier: + 77:00:6F:8D:E0:2B:DC:27:EA:D8:DB:F4:C1:DA:12:AD:BF:6E:05:EC + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + a3:d4:fc:8d:25:5c:d9:3a:60:c3:6d:41:e1:c1:d9:7b:aa:bf: + 13:97:71:9f:8f:c1:a6:c9:fe:8d:50:49:cb:14:cc:03:76:80: + 69:8a:9a:af:84:e0:b8:9b:ef:8e:03:04:ea:38:01:5c:c0:cd: + f0:af:85:e0:de:9f:f8:05:1e:6c:36:13:c5:24:f3:57:4d:0d: + 97:ef:f2:ef:18:e9:82:c0:ce:1f:4a:b5:55:94:1b:c5:06:33: + 29:de:c8:45:1a:c3:10:2b:c9:ba:9f:8e:66:50:24:b8:78:a8: + 42:72:28:54:2e:67:1c:4f:74:d2:bf:45:cc:cb:f2:b9:44:86: + 01:1a:54:e0:58:19:e7:dc:00:15:80:0a:47:6e:5a:25:9a:21: + 7c:47:c6:de:c4:73:82:7a:0e:2c:3b:4a:e8:1a:4d:32:33:b1: + f2:02:1f:dc:f3:b2:45:79:db:5f:3d:67:a7:b5:b3:90:41:e4: + 49:e6:40:29:39:d3:b6:72:06:17:d5:96:80:c1:20:29:4b:f1: + 51:03:18:60:66:e3:b3:14:50:b3:0e:72:ad:d7:d6:a2:eb:94: + 8f:2f:7f:db:02:1f:a6:a9:f5:a4:2e:fc:73:43:8f:0e:84:96: + 8b:d5:c5:60:f1:2d:9f:e4:ca:07:ea:af:5f:68:93:9f:41:73: + 31:8b:b6:a7 +-----BEGIN CERTIFICATE----- +MIIEVzCCAz+gAwIBAgIUUhd8zPD9XXEvhImHSNPZB3H1w8EwDQYJKoZIhvcNAQEL +BQAwgbIxGTAXBgNVBAMMEE1TVlNwaGVyZSBJTUEgQ0ExETAPBgNVBAoMCE5DU0Qg +TExDMQswCQYDVQQGEwJSVTEPMA0GA1UECAwGTW9zY293MQ8wDQYDVQQHDAZNb3Nj +b3cxJzAlBgkqhkiG9w0BCQEWGHNlY3VyaXR5QG1zdnNwaGVyZS1vcy5ydTEqMCgG +A1UECwwhTVNWU3BoZXJlIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIzMTAx +NzE0NTA0NloXDTQwMDUzMTE0NTA0NlowgbIxGTAXBgNVBAMMEE1TVlNwaGVyZSBJ +TUEgQ0ExETAPBgNVBAoMCE5DU0QgTExDMQswCQYDVQQGEwJSVTEPMA0GA1UECAwG +TW9zY293MQ8wDQYDVQQHDAZNb3Njb3cxJzAlBgkqhkiG9w0BCQEWGHNlY3VyaXR5 +QG1zdnNwaGVyZS1vcy5ydTEqMCgGA1UECwwhTVNWU3BoZXJlIENlcnRpZmljYXRp +b24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5Mv +uGgCbkyo7NS1XCT5MOnvShYu1hn4RA+48X0ydCoF1C07Nolw11n5yLGcfnHFYXJZ +tsXI0aLWV/QU8sFnvaOqdd/y+UjLE/K58JQCpTzPm0PxobKM/8cgOx51FNbmDAEE +bYL3ViWa2ONyshsXhzo82m9dBsKMud7v4fU4rtTJJjxXvq+yV13szs0UmDl3zbj1 +raQ8pxzDK4DSibh+IppnAJHYwVLns2EhPIyAOWiMHu4jpYZqgBbhSif6N/1pYoko +1lzNyz7U1/QjV87LwuzK/0oE7Ji0zbn2gTz9q7yDse1HvmWOkxQT073fmYv6k8pV +nMEudFT1roahICmy2QIDAQABo2MwYTAdBgNVHQ4EFgQUdwBvjeAr3Cfq2Nv0wdoS +rb9uBewwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBR3AG+N4CvcJ+rY2/TB +2hKtv24F7DAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKPU/I0l +XNk6YMNtQeHB2XuqvxOXcZ+PwabJ/o1QScsUzAN2gGmKmq+E4Lib744DBOo4AVzA +zfCvheDen/gFHmw2E8Uk81dNDZfv8u8Y6YLAzh9KtVWUG8UGMyneyEUawxArybqf +jmZQJLh4qEJyKFQuZxxPdNK/RczL8rlEhgEaVOBYGefcABWACkduWiWaIXxHxt7E +c4J6Diw7SugaTTIzsfICH9zzskV52189Z6e1s5BB5EnmQCk507ZyBhfVloDBIClL +8VEDGGBm47MUULMOcq3X1qLrlI8vf9sCH6ap9aQu/HNDjw6ElovVxWDxLZ/kygfq +r19ok59BczGLtqc= +-----END CERTIFICATE----- diff --git a/SOURCES/msvspheredup1.pem b/SOURCES/msvspheredup1.pem new file mode 100644 index 0000000..9d2533d --- /dev/null +++ b/SOURCES/msvspheredup1.pem @@ -0,0 +1,86 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + d6:39:17:e7:e5:6a:47:54:b8:56:f2:eb:47:6b:f8:c3 + Signature Algorithm: sha256WithRSAEncryption + Issuer: OU = MSVSphere Certification Authority, emailAddress = security@msvsphere.ru, L = Moscow, ST = Moscow, C = RU, O = NCSD LLC, CN = MSVSphere Secure Boot CA + Validity + Not Before: Mar 22 16:42:54 2023 GMT + Not After : Mar 22 16:42:54 2053 GMT + Subject: OU = MSVSphere Certification Authority, emailAddress = security@msvsphere.ru, L = Moscow, ST = Moscow, C = RU, O = NCSD LLC, CN = MSVSphere Driver update signing key + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ba:09:cd:1d:80:9c:00:59:96:07:ce:1f:69:a2: + d7:8b:29:2e:68:13:6f:87:42:5e:ff:42:58:19:b1: + 75:b2:ba:af:5d:84:37:74:50:0e:dd:5a:1d:45:f2: + f1:e0:9b:b5:f3:9c:d5:a8:29:5a:cd:8c:85:8a:13: + d4:60:b9:52:ad:c9:fe:0c:4f:fe:af:08:25:ec:a7: + c6:2a:e3:ff:66:b8:b0:89:69:5a:fe:b1:a8:68:8a: + de:79:1e:68:e7:a8:14:01:c8:45:5b:0e:00:54:98: + 32:40:4a:5d:e7:18:55:ce:bd:bc:77:3d:94:38:ac: + db:e8:5e:71:d2:be:e4:38:60:39:f8:e1:9a:ee:1a: + 84:df:14:33:ce:ce:db:c4:57:c8:cf:d1:3e:72:a9: + eb:b5:7e:50:57:a1:51:06:d5:07:9c:e2:57:1a:1c: + 66:8c:ba:05:aa:50:dc:e2:19:d5:04:fd:a8:bd:83: + eb:70:06:19:81:f0:ab:2a:3f:ec:cd:f3:0f:ce:ee: + 75:87:87:93:1b:0e:44:e1:f9:ba:e5:53:91:ef:09: + 6e:d8:63:8e:69:00:6e:37:1d:90:83:99:3f:23:c7: + 33:d7:ae:13:cb:c8:fa:76:d8:5d:26:b5:9f:5a:5e: + 18:22:b1:3a:c5:84:6c:67:20:e3:72:98:07:02:43: + 83:55 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + 49:59:67:B5:13:6C:C8:DF:7E:64:B9:22:E3:A9:35:50:6B:95:84:D5 + X509v3 Extended Key Usage: + Code Signing, 1.3.6.1.4.1.2312.16.1.2 + X509v3 Basic Constraints: critical + CA:FALSE + X509v3 Subject Key Identifier: + 20:11:38:3B:AE:1E:E8:65:DE:29:6E:C4:7B:90:7F:4D:38:27:EB:DE + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 82:29:45:3f:f4:79:e2:b5:d4:4a:a3:22:1e:16:75:68:38:44: + 46:61:0d:4c:74:cc:7d:11:f5:e2:db:c3:a3:ba:5f:03:77:95: + 9e:37:b8:72:68:ea:ee:a9:f2:09:a9:d6:07:d7:45:27:6c:fa: + a1:b8:20:77:fb:22:f1:59:26:70:fa:4c:2f:1c:6e:fc:ec:4a: + 15:91:c2:90:d6:89:b8:50:9e:c6:56:e3:1f:4a:e2:20:e5:90: + 09:16:80:a2:89:a9:90:a8:f2:37:e8:6e:29:d8:9a:61:31:d2: + 2b:2a:23:2f:69:1a:7c:9f:7f:66:e0:93:29:1f:5f:9b:78:0b: + ec:74:5b:58:33:6f:bc:62:9e:98:87:9b:ae:38:b5:ed:4f:f3: + b6:48:24:16:da:18:72:09:a0:b1:01:ee:d7:6e:e4:b4:c3:eb: + b8:06:5f:38:69:78:c8:bb:40:6d:c7:8a:e9:82:69:fa:db:28: + 54:2d:8c:c0:83:4c:4f:d7:8f:a5:fd:a0:96:b7:e9:c7:b1:78: + e7:09:72:e7:62:37:44:67:3f:53:b8:4c:17:17:c8:a8:1f:ec: + a5:5f:2a:18:4d:3d:aa:1a:f5:7d:c3:17:5b:42:ba:28:68:f8: + 36:ad:6a:28:6b:a8:a9:aa:be:82:96:11:a8:0e:88:b5:20:52: + c1:23:aa:15 +-----BEGIN CERTIFICATE----- +MIIEeTCCA2GgAwIBAgIRANY5F+flakdUuFby60dr+MMwDQYJKoZIhvcNAQELBQAw +gbcxKjAoBgNVBAsTIU1TVlNwaGVyZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEk +MCIGCSqGSIb3DQEJARYVc2VjdXJpdHlAbXN2c3BoZXJlLnJ1MQ8wDQYDVQQHEwZN +b3Njb3cxDzANBgNVBAgTBk1vc2NvdzELMAkGA1UEBhMCUlUxETAPBgNVBAoTCE5D +U0QgTExDMSEwHwYDVQQDExhNU1ZTcGhlcmUgU2VjdXJlIEJvb3QgQ0EwIBcNMjMw +MzIyMTY0MjU0WhgPMjA1MzAzMjIxNjQyNTRaMIHCMSowKAYDVQQLEyFNU1ZTcGhl +cmUgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJDAiBgkqhkiG9w0BCQEWFXNlY3Vy +aXR5QG1zdnNwaGVyZS5ydTEPMA0GA1UEBxMGTW9zY293MQ8wDQYDVQQIEwZNb3Nj +b3cxCzAJBgNVBAYTAlJVMREwDwYDVQQKEwhOQ1NEIExMQzEsMCoGA1UEAxMjTVNW +U3BoZXJlIERyaXZlciB1cGRhdGUgc2lnbmluZyBrZXkwggEiMA0GCSqGSIb3DQEB +AQUAA4IBDwAwggEKAoIBAQC6Cc0dgJwAWZYHzh9poteLKS5oE2+HQl7/QlgZsXWy +uq9dhDd0UA7dWh1F8vHgm7XznNWoKVrNjIWKE9RguVKtyf4MT/6vCCXsp8Yq4/9m +uLCJaVr+sahoit55HmjnqBQByEVbDgBUmDJASl3nGFXOvbx3PZQ4rNvoXnHSvuQ4 +YDn44ZruGoTfFDPOztvEV8jP0T5yqeu1flBXoVEG1Qec4lcaHGaMugWqUNziGdUE +/ai9g+twBhmB8KsqP+zN8w/O7nWHh5MbDkTh+brlU5HvCW7YY45pAG43HZCDmT8j +xzPXrhPLyPp22F0mtZ9aXhgisTrFhGxnIONymAcCQ4NVAgMBAAGjcTBvMB8GA1Ud +IwQYMBaAFElZZ7UTbMjffmS5IuOpNVBrlYTVMB8GA1UdJQQYMBYGCCsGAQUFBwMD +BgorBgEEAZIIEAECMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFCARODuuHuhl3ilu +xHuQf004J+veMA0GCSqGSIb3DQEBCwUAA4IBAQCCKUU/9HnitdRKoyIeFnVoOERG +YQ1MdMx9EfXi28Ojul8Dd5WeN7hyaOruqfIJqdYH10UnbPqhuCB3+yLxWSZw+kwv +HG787EoVkcKQ1om4UJ7GVuMfSuIg5ZAJFoCiiamQqPI36G4p2JphMdIrKiMvaRp8 +n39m4JMpH1+beAvsdFtYM2+8Yp6Yh5uuOLXtT/O2SCQW2hhyCaCxAe7XbuS0w+u4 +Bl84aXjIu0Btx4rpgmn62yhULYzAg0xP14+l/aCWt+nHsXjnCXLnYjdEZz9TuEwX +F8ioH+ylXyoYTT2qGvV9wxdbQrooaPg2rWooa6ipqr6ClhGoDoi1IFLBI6oV +-----END CERTIFICATE----- diff --git a/SOURCES/msvsphereima.pem b/SOURCES/msvsphereima.pem new file mode 100644 index 0000000..9dbaa7d --- /dev/null +++ b/SOURCES/msvsphereima.pem @@ -0,0 +1,75 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 71:a3:0f:db:5d:68:ba:11:ad:0d:d7:a2:bb:f2:9b:33:69:22:69:1b + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN = MSVSphere IMA CA, O = NCSD LLC, C = RU, ST = Moscow, L = Moscow, emailAddress = security@msvsphere-os.ru, OU = MSVSphere Certification Authority + Validity + Not Before: Oct 17 14:52:34 2023 GMT + Not After : May 31 14:52:34 2040 GMT + Subject: CN = MSVSphere 9 IMA release key, O = NCSD LLC, C = RU, ST = Moscow, L = Moscow, emailAddress = security@msvsphere-os.ru, OU = MSVSphere Certification Authority + Subject Public Key Info: + Public Key Algorithm: id-ecPublicKey + Public-Key: (384 bit) + pub: + 04:8f:3a:c4:74:50:a0:dd:2b:7c:eb:48:63:06:f9: + ec:a5:f9:c2:ef:1a:5a:64:79:95:14:9c:2a:da:3a: + f7:bb:50:36:16:51:ca:2d:e4:0f:2e:a1:a5:16:9a: + 63:a6:f0:ce:c2:69:2a:aa:08:ce:40:17:8f:db:de: + 16:08:47:02:6d:0b:39:36:80:bd:0d:12:f5:aa:9e: + 80:8d:ae:c9:90:d6:d3:5e:a4:c0:26:a6:78:83:04: + ce:9e:09:17:b7:3e:52 + ASN1 OID: secp384r1 + NIST CURVE: P-384 + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:FALSE + X509v3 Key Usage: critical + Digital Signature + X509v3 Extended Key Usage: critical + Code Signing + X509v3 Subject Key Identifier: + 90:88:18:27:43:0F:80:32:F8:AB:35:AC:DE:28:6D:3B:B9:F5:55:E0 + X509v3 Authority Key Identifier: + 77:00:6F:8D:E0:2B:DC:27:EA:D8:DB:F4:C1:DA:12:AD:BF:6E:05:EC + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 18:6a:36:58:96:ad:13:f2:48:97:e6:87:14:ec:00:43:2d:a4: + 9a:43:80:5a:92:06:fb:cb:26:62:fe:04:23:b2:11:e8:d4:7a: + 25:6e:14:e4:2b:c0:8d:27:2e:92:b1:19:41:2d:ce:e4:e5:30: + 99:72:d5:fd:86:b2:d6:15:32:86:91:20:5f:02:da:be:fe:2d: + b0:24:60:48:7b:df:41:11:36:0e:df:97:d0:a3:36:4a:0b:88: + ec:7c:32:b7:9e:a0:72:6f:f5:4f:b4:bb:c0:71:1d:6c:38:22: + 3c:e8:e8:9d:58:40:54:7d:86:1d:43:f3:02:df:16:07:89:1b: + 5b:d0:d5:ea:9c:4d:b5:04:5d:99:f1:64:42:67:ab:d7:15:e6: + 44:3f:2e:a8:03:51:ae:3a:df:7e:9c:8b:3d:91:5c:ce:a1:b2: + b7:69:81:43:ed:a1:f7:63:93:e8:f7:b7:0f:7d:5d:94:55:18: + f4:0a:35:13:01:d6:4b:06:57:50:ca:7c:ea:23:b3:e5:9c:ed: + 87:80:23:7e:0b:64:09:49:98:a2:22:51:83:3c:b8:e4:0b:8b: + 16:c2:3a:11:ee:78:6a:f2:a4:c7:13:de:b0:3d:97:c6:d5:84: + f5:6a:8e:4a:5e:1d:c1:f3:d8:80:b6:71:f5:8f:3b:fd:ad:15: + d6:c9:78:d6 +-----BEGIN CERTIFICATE----- +MIIDyTCCArGgAwIBAgIUcaMP211ouhGtDdeiu/KbM2kiaRswDQYJKoZIhvcNAQEL +BQAwgbIxGTAXBgNVBAMMEE1TVlNwaGVyZSBJTUEgQ0ExETAPBgNVBAoMCE5DU0Qg +TExDMQswCQYDVQQGEwJSVTEPMA0GA1UECAwGTW9zY293MQ8wDQYDVQQHDAZNb3Nj +b3cxJzAlBgkqhkiG9w0BCQEWGHNlY3VyaXR5QG1zdnNwaGVyZS1vcy5ydTEqMCgG +A1UECwwhTVNWU3BoZXJlIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIzMTAx +NzE0NTIzNFoXDTQwMDUzMTE0NTIzNFowgb0xJDAiBgNVBAMMG01TVlNwaGVyZSA5 +IElNQSByZWxlYXNlIGtleTERMA8GA1UECgwITkNTRCBMTEMxCzAJBgNVBAYTAlJV +MQ8wDQYDVQQIDAZNb3Njb3cxDzANBgNVBAcMBk1vc2NvdzEnMCUGCSqGSIb3DQEJ +ARYYc2VjdXJpdHlAbXN2c3BoZXJlLW9zLnJ1MSowKAYDVQQLDCFNU1ZTcGhlcmUg +Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASP +OsR0UKDdK3zrSGMG+eyl+cLvGlpkeZUUnCraOve7UDYWUcot5A8uoaUWmmOm8M7C +aSqqCM5AF4/b3hYIRwJtCzk2gL0NEvWqnoCNrsmQ1tNepMAmpniDBM6eCRe3PlKj +eDB2MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgeAMBYGA1UdJQEB/wQMMAoG +CCsGAQUFBwMDMB0GA1UdDgQWBBSQiBgnQw+AMvirNazeKG07ufVV4DAfBgNVHSME +GDAWgBR3AG+N4CvcJ+rY2/TB2hKtv24F7DANBgkqhkiG9w0BAQsFAAOCAQEAGGo2 +WJatE/JIl+aHFOwAQy2kmkOAWpIG+8smYv4EI7IR6NR6JW4U5CvAjScukrEZQS3O +5OUwmXLV/Yay1hUyhpEgXwLavv4tsCRgSHvfQRE2Dt+X0KM2SguI7Hwyt56gcm/1 +T7S7wHEdbDgiPOjonVhAVH2GHUPzAt8WB4kbW9DV6pxNtQRdmfFkQmer1xXmRD8u +qANRrjrffpyLPZFczqGyt2mBQ+2h92OT6Pe3D31dlFUY9Ao1EwHWSwZXUMp86iOz +5Zzth4AjfgtkCUmYoiJRgzy45AuLFsI6Ee54avKkxxPesD2XxtWE9WqOSl4dwfPY +gLZx9Y87/a0V1sl41g== +-----END CERTIFICATE----- diff --git a/SOURCES/msvspherepatch1.pem b/SOURCES/msvspherepatch1.pem new file mode 100644 index 0000000..407ec63 --- /dev/null +++ b/SOURCES/msvspherepatch1.pem @@ -0,0 +1,86 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + f3:41:d2:7d:2e:b9:42:05:b5:8d:9a:39:b4:a8:dd:cf + Signature Algorithm: sha256WithRSAEncryption + Issuer: OU = MSVSphere Certification Authority, emailAddress = security@msvsphere.ru, L = Moscow, ST = Moscow, C = RU, O = NCSD LLC, CN = MSVSphere Secure Boot CA + Validity + Not Before: Mar 22 16:42:54 2023 GMT + Not After : Mar 22 16:42:54 2053 GMT + Subject: OU = MSVSphere Certification Authority, emailAddress = security@msvsphere.ru, L = Moscow, ST = Moscow, C = RU, O = NCSD LLC, CN = MSVSphere kpatch signing key + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:e1:8d:77:fe:7c:63:d5:a8:03:20:d3:ce:f0:96: + 2a:84:1b:9c:e3:8f:01:f7:a0:76:c3:f8:ee:17:44: + 10:cc:0d:58:df:65:73:2c:30:78:55:13:80:f9:9f: + af:88:87:4b:ef:98:cd:06:ff:62:37:f9:2d:ce:1c: + 5e:7d:e9:b0:ac:4e:0f:08:70:45:ff:a3:a4:d8:f8: + d4:65:ed:1a:93:ab:bc:31:a6:de:ea:9c:81:f6:e6: + 5b:c7:5c:d1:47:8d:e2:4f:3d:e9:17:c8:3e:c8:66: + 51:4d:a8:df:14:f8:1f:55:df:31:2c:f4:a0:fb:8d: + 39:3b:79:f7:3d:4e:cc:5f:e5:56:59:6a:77:0c:bf: + eb:fc:84:7d:ea:5b:51:34:fc:bc:4e:7a:be:7d:a3: + af:79:e0:9f:29:49:dc:f5:11:c8:3d:9e:39:89:25: + bb:63:57:7c:23:b0:e0:f8:ec:7b:4c:cb:bc:c9:92: + fb:f0:8f:8f:13:b0:ba:5f:65:68:78:f5:6e:dc:e1: + 57:3d:50:c0:94:b1:41:63:23:ff:07:c9:c1:2a:e3: + 68:94:c9:42:a4:52:4f:1f:dd:e0:9a:d9:c4:91:73: + ba:2e:29:24:67:e8:9c:92:3e:82:46:d8:f3:15:08: + f1:85:07:17:c8:f9:9b:ba:9c:87:ed:0f:d1:88:dc: + 71:05 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + 49:59:67:B5:13:6C:C8:DF:7E:64:B9:22:E3:A9:35:50:6B:95:84:D5 + X509v3 Extended Key Usage: + Code Signing, 1.3.6.1.4.1.2312.16.1.2 + X509v3 Basic Constraints: critical + CA:FALSE + X509v3 Subject Key Identifier: + E0:DA:A8:81:5B:FF:F2:CC:A3:53:F9:46:E2:33:E2:E7:AC:2A:E0:FA + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 7e:95:d0:2f:4f:e6:6b:e6:9b:ad:b2:a4:72:4e:bd:f1:c9:68: + 23:cd:c6:31:35:ab:34:15:c2:ed:8d:ef:0f:82:f3:8a:12:16: + 16:82:a9:d9:5a:b5:98:20:b6:f5:d2:24:53:58:c3:b9:ec:79: + 40:ca:b4:4a:7b:9c:74:b9:1e:2b:a9:66:5c:b3:57:46:f2:98: + 9b:96:23:48:a2:4f:0b:86:96:a2:30:0d:b7:8f:fb:83:95:3a: + 29:96:24:80:d3:23:78:05:a9:ee:6f:af:e6:5c:70:61:4f:15: + 5d:2c:75:22:a8:22:9a:6f:cf:86:52:01:03:73:ce:8c:86:67: + 90:3c:f5:38:50:04:59:70:f0:25:35:da:34:cc:3e:84:e7:4f: + 93:4c:01:33:34:3d:6c:e7:ea:d8:1e:63:43:1d:6a:b1:bf:01: + 1b:20:a8:27:df:62:9e:af:7c:bd:52:95:fe:ad:0c:68:a5:1a: + b0:fc:59:b0:f9:c0:38:b0:5f:b2:3c:7d:ec:32:3a:a2:73:53: + c8:91:7e:cb:3b:cb:7f:85:de:d8:5d:f1:92:80:e6:61:7d:6d: + c3:8f:e8:a7:ce:14:33:d2:22:c1:7e:f6:ab:c1:75:8c:c3:70: + dd:ab:fd:c4:e9:db:9e:1a:bb:98:32:94:2b:56:d7:e1:31:99: + 84:5e:c6:4d +-----BEGIN CERTIFICATE----- +MIIEcjCCA1qgAwIBAgIRAPNB0n0uuUIFtY2aObSo3c8wDQYJKoZIhvcNAQELBQAw +gbcxKjAoBgNVBAsTIU1TVlNwaGVyZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEk +MCIGCSqGSIb3DQEJARYVc2VjdXJpdHlAbXN2c3BoZXJlLnJ1MQ8wDQYDVQQHEwZN +b3Njb3cxDzANBgNVBAgTBk1vc2NvdzELMAkGA1UEBhMCUlUxETAPBgNVBAoTCE5D +U0QgTExDMSEwHwYDVQQDExhNU1ZTcGhlcmUgU2VjdXJlIEJvb3QgQ0EwIBcNMjMw +MzIyMTY0MjU0WhgPMjA1MzAzMjIxNjQyNTRaMIG7MSowKAYDVQQLEyFNU1ZTcGhl +cmUgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJDAiBgkqhkiG9w0BCQEWFXNlY3Vy +aXR5QG1zdnNwaGVyZS5ydTEPMA0GA1UEBxMGTW9zY293MQ8wDQYDVQQIEwZNb3Nj +b3cxCzAJBgNVBAYTAlJVMREwDwYDVQQKEwhOQ1NEIExMQzElMCMGA1UEAxMcTVNW +U3BoZXJlIGtwYXRjaCBzaWduaW5nIGtleTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAOGNd/58Y9WoAyDTzvCWKoQbnOOPAfegdsP47hdEEMwNWN9lcyww +eFUTgPmfr4iHS++YzQb/Yjf5Lc4cXn3psKxODwhwRf+jpNj41GXtGpOrvDGm3uqc +gfbmW8dc0UeN4k896RfIPshmUU2o3xT4H1XfMSz0oPuNOTt59z1OzF/lVllqdwy/ +6/yEfepbUTT8vE56vn2jr3ngnylJ3PURyD2eOYklu2NXfCOw4Pjse0zLvMmS+/CP +jxOwul9laHj1btzhVz1QwJSxQWMj/wfJwSrjaJTJQqRSTx/d4JrZxJFzui4pJGfo +nJI+gkbY8xUI8YUHF8j5m7qch+0P0YjccQUCAwEAAaNxMG8wHwYDVR0jBBgwFoAU +SVlntRNsyN9+ZLki46k1UGuVhNUwHwYDVR0lBBgwFgYIKwYBBQUHAwMGCisGAQQB +kggQAQIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU4NqogVv/8syjU/lG4jPi56wq +4PowDQYJKoZIhvcNAQELBQADggEBAH6V0C9P5mvmm62ypHJOvfHJaCPNxjE1qzQV +wu2N7w+C84oSFhaCqdlatZggtvXSJFNYw7nseUDKtEp7nHS5HiupZlyzV0bymJuW +I0iiTwuGlqIwDbeP+4OVOimWJIDTI3gFqe5vr+ZccGFPFV0sdSKoIppvz4ZSAQNz +zoyGZ5A89ThQBFlw8CU12jTMPoTnT5NMATM0PWzn6tgeY0MdarG/ARsgqCffYp6v +fL1Slf6tDGilGrD8WbD5wDiwX7I8fewyOqJzU8iRfss7y3+F3thd8ZKA5mF9bcOP +6KfOFDPSIsF+9qvBdYzDcN2r/cTp254au5gylCtW1+ExmYRexk0= +-----END CERTIFICATE----- diff --git a/SOURCES/nvidiagpuoot001.pem b/SOURCES/nvidiagpuoot001.pem new file mode 100644 index 0000000..7de48cd --- /dev/null +++ b/SOURCES/nvidiagpuoot001.pem @@ -0,0 +1,125 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + c5:2a:b8:18:9b:cc:bb:16 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN = Nvidia GPU OOT CA, emailAddress = secalert@redhat.com + Validity + Not Before: Nov 28 17:57:33 2023 GMT + Not After : Jan 18 17:57:33 2038 GMT + Subject: CN = Nvidia GPU OOT signing 001, emailAddress = secalert@redhat.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (4096 bit) + Modulus: + 00:aa:e7:0f:55:10:c8:19:46:a2:de:ec:0a:54:88: + f3:72:72:47:2b:0d:f9:13:28:e8:db:c8:76:17:51: + 26:ab:da:31:e9:2f:f4:ec:a1:08:df:72:6a:e0:86: + 1e:27:00:4f:a2:00:e7:14:c1:92:2a:0b:b5:6f:38: + f1:79:8b:0b:f3:7d:bb:e4:31:2f:34:12:9e:f5:8f: + fb:e4:f6:06:b4:92:1f:b4:11:21:bf:e4:bc:1f:93: + d6:88:d4:b5:f5:a1:a4:1c:a1:1f:15:40:ef:ff:b6: + 2e:bf:b9:a9:10:a5:fe:0c:4b:a0:1d:7c:98:ea:2c: + 12:8b:3c:f2:b0:5f:f6:22:89:c8:ca:d1:ec:3d:cb: + 9c:e7:7c:d9:af:02:d5:69:77:6e:e4:98:a9:dd:92: + bd:62:1e:a6:2f:03:69:e5:3b:53:93:8d:88:54:c0: + db:d7:63:ad:82:3b:5b:74:90:6b:4e:91:2b:e4:9f: + 5b:23:fc:8b:28:a5:68:01:88:b1:e1:90:a2:4b:e6: + ff:e0:e4:16:ae:a2:f6:64:57:4b:c7:a9:68:a8:c4: + 45:fb:54:3c:cf:ef:fd:4e:b1:c6:08:4e:da:ae:51: + f8:5f:2a:b4:12:06:b1:03:60:1a:e7:45:22:f9:cd: + 59:a1:91:36:2d:dd:6f:ec:42:35:98:2e:92:d9:31: + 9b:4d:c3:00:4b:ea:8b:70:d6:dc:34:da:b3:66:2a: + f3:5e:00:4e:83:14:21:24:71:7a:ed:ea:09:c7:57: + 2c:58:39:32:1e:24:1f:ef:52:7b:bc:8d:18:47:ba: + b3:16:a4:56:65:e3:9d:fe:ae:44:59:93:a1:c4:c6: + ec:64:03:71:ed:35:54:9e:2d:dc:b3:ad:2b:cc:74: + 1f:db:66:8f:73:19:47:5d:19:bf:e3:5c:48:bd:5d: + 3b:10:b3:9c:a2:ed:30:af:a0:2e:ac:cc:6a:bf:d6: + 1b:83:c2:98:86:bb:92:26:f3:ce:57:41:d2:68:74: + 57:f3:3a:f4:71:e4:52:8f:26:9b:60:65:cd:c3:87: + 3d:af:dd:06:99:30:70:08:ba:39:91:47:18:ea:c6: + 68:aa:ad:f4:e7:6f:26:bf:51:ff:be:1a:3c:52:45: + 9c:a0:03:7a:f5:e8:cc:55:89:ac:16:1a:6c:c2:18: + 75:3a:51:68:3d:8a:9c:b3:8e:ce:ed:00:a9:ac:47: + a1:1e:04:14:b7:fd:d3:75:ca:97:52:90:6e:d0:96: + 94:bf:44:2c:75:63:7b:78:3c:40:cc:13:bc:52:dd: + 71:14:ef:ee:d8:45:6c:37:85:bd:a8:01:df:ce:e6: + b1:fb:9c:4d:72:e7:47:fd:cb:a4:6e:cd:a7:4e:cb: + 01:b9:11 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:FALSE + X509v3 Key Usage: critical + Digital Signature + X509v3 Extended Key Usage: critical + Code Signing + X509v3 Subject Key Identifier: + 55:E1:CE:F8:81:93:E6:04:19:F0:B0:EC:37:9C:49:F7:75:45:AC:F0 + X509v3 Authority Key Identifier: + 5E:D6:FB:11:3F:AB:FD:E7:63:F0:13:73:E9:E2:D1:51:FB:B3:85:12 + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 45:40:c8:30:a9:1a:1a:94:82:1c:65:49:99:1e:82:34:2d:bd: + 8b:ee:f9:93:a3:5d:89:b1:57:68:ec:d2:c7:3c:ea:2c:6a:14: + 6d:44:39:7e:63:b5:e5:38:0e:7e:a9:25:2d:5e:69:b0:18:8a: + c0:80:f7:0e:99:4c:26:f9:74:54:95:ad:08:46:5a:c5:ee:0c: + 24:7a:07:75:cc:26:41:ff:c0:69:46:d2:08:08:7f:2b:2f:0c: + 37:50:7a:7e:59:09:7d:00:26:fe:e8:1b:3b:92:62:f4:62:5a: + c2:b1:30:8d:12:12:07:ce:4f:a9:78:09:f8:a6:6e:26:24:b4: + e8:a7:ac:ac:b8:ba:62:f1:79:b9:71:34:0b:45:f5:c0:32:f3: + fa:d6:7c:05:4d:94:b3:c3:19:61:6f:0e:af:d3:90:29:aa:29: + 70:bf:90:bd:8b:53:d6:7f:5b:ac:f9:41:9b:39:b8:55:1e:0b: + 65:cd:2e:96:1c:1b:f9:65:1e:30:7b:ab:04:d8:44:f1:41:5d: + 13:3c:e1:c4:cf:fc:be:0c:75:dc:a8:47:e3:d6:3f:cf:c1:15: + d4:e4:e3:db:aa:9d:70:7b:13:10:4d:46:de:63:57:28:3a:70: + f9:3e:e6:d3:a6:52:dd:8f:fe:1f:97:e5:03:63:d1:7e:c4:9a: + f7:11:ea:6c:06:ee:58:4e:e5:a8:fb:d5:ff:46:b0:f6:13:a7: + aa:f2:7b:df:32:80:73:27:0f:4a:55:0c:e6:b9:f3:a7:0d:61: + 2e:20:6b:d9:b1:d2:07:9a:d3:89:af:99:89:87:90:ab:b0:1f: + 89:74:19:bd:7a:24:66:ef:ab:55:34:d5:f5:9a:74:62:02:81: + 22:67:71:ae:c2:bf:9d:b6:08:7c:88:83:df:42:35:95:5e:75: + 82:bc:40:83:ca:11:96:01:e1:1a:f1:c6:f0:36:fa:57:3f:4f: + ce:87:6a:3d:92:52:a9:bf:13:cd:92:a9:8f:b2:02:32:1d:94: + b3:ba:af:58:e7:0d:d4:a2:03:69:ac:b4:af:d9:b3:ae:57:01: + 24:60:7a:bc:27:7d:37:89:e6:d8:7b:27:b1:ea:0f:97:3e:bc: + 7b:e8:6d:ad:5e:7c:6f:9b:ed:65:f0:86:2b:28:9c:50:a6:43: + e6:2c:4c:03:31:70:64:25:4e:60:25:b3:27:4e:1a:59:8e:7a: + cd:c2:28:c9:e0:a4:e0:31:12:39:8f:c0:f1:f6:cd:e5:8e:69: + c4:ca:0e:d7:37:50:7b:3d:cd:51:cd:4b:ac:02:50:bf:8c:5e: + 78:15:0a:eb:79:73:21:da:bb:e0:2f:36:ae:7f:d4:98:f4:0d: + ad:f3:c7:72:0d:e9:6f:94 +-----BEGIN CERTIFICATE----- +MIIFhDCCA2ygAwIBAgIJAMUquBibzLsWMA0GCSqGSIb3DQEBCwUAMEAxGjAYBgNV +BAMMEU52aWRpYSBHUFUgT09UIENBMSIwIAYJKoZIhvcNAQkBFhNzZWNhbGVydEBy +ZWRoYXQuY29tMB4XDTIzMTEyODE3NTczM1oXDTM4MDExODE3NTczM1owSTEjMCEG +A1UEAwwaTnZpZGlhIEdQVSBPT1Qgc2lnbmluZyAwMDExIjAgBgkqhkiG9w0BCQEW +E3NlY2FsZXJ0QHJlZGhhdC5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK +AoICAQCq5w9VEMgZRqLe7ApUiPNyckcrDfkTKOjbyHYXUSar2jHpL/TsoQjfcmrg +hh4nAE+iAOcUwZIqC7VvOPF5iwvzfbvkMS80Ep71j/vk9ga0kh+0ESG/5Lwfk9aI +1LX1oaQcoR8VQO//ti6/uakQpf4MS6AdfJjqLBKLPPKwX/YiicjK0ew9y5znfNmv +AtVpd27kmKndkr1iHqYvA2nlO1OTjYhUwNvXY62CO1t0kGtOkSvkn1sj/IsopWgB +iLHhkKJL5v/g5BauovZkV0vHqWioxEX7VDzP7/1OscYITtquUfhfKrQSBrEDYBrn +RSL5zVmhkTYt3W/sQjWYLpLZMZtNwwBL6otw1tw02rNmKvNeAE6DFCEkcXrt6gnH +VyxYOTIeJB/vUnu8jRhHurMWpFZl453+rkRZk6HExuxkA3HtNVSeLdyzrSvMdB/b +Zo9zGUddGb/jXEi9XTsQs5yi7TCvoC6szGq/1huDwpiGu5Im885XQdJodFfzOvRx +5FKPJptgZc3Dhz2v3QaZMHAIujmRRxjqxmiqrfTnbya/Uf++GjxSRZygA3r16MxV +iawWGmzCGHU6UWg9ipyzjs7tAKmsR6EeBBS3/dN1ypdSkG7QlpS/RCx1Y3t4PEDM +E7xS3XEU7+7YRWw3hb2oAd/O5rH7nE1y50f9y6RuzadOywG5EQIDAQABo3gwdjAM +BgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIHgDAWBgNVHSUBAf8EDDAKBggrBgEF +BQcDAzAdBgNVHQ4EFgQUVeHO+IGT5gQZ8LDsN5xJ93VFrPAwHwYDVR0jBBgwFoAU +Xtb7ET+r/edj8BNz6eLRUfuzhRIwDQYJKoZIhvcNAQELBQADggIBAEVAyDCpGhqU +ghxlSZkegjQtvYvu+ZOjXYmxV2js0sc86ixqFG1EOX5jteU4Dn6pJS1eabAYisCA +9w6ZTCb5dFSVrQhGWsXuDCR6B3XMJkH/wGlG0ggIfysvDDdQen5ZCX0AJv7oGzuS +YvRiWsKxMI0SEgfOT6l4CfimbiYktOinrKy4umLxeblxNAtF9cAy8/rWfAVNlLPD +GWFvDq/TkCmqKXC/kL2LU9Z/W6z5QZs5uFUeC2XNLpYcG/llHjB7qwTYRPFBXRM8 +4cTP/L4MddyoR+PWP8/BFdTk49uqnXB7ExBNRt5jVyg6cPk+5tOmUt2P/h+X5QNj +0X7EmvcR6mwG7lhO5aj71f9GsPYTp6rye98ygHMnD0pVDOa586cNYS4ga9mx0gea +04mvmYmHkKuwH4l0Gb16JGbvq1U01fWadGICgSJnca7Cv522CHyIg99CNZVedYK8 +QIPKEZYB4RrxxvA2+lc/T86Haj2SUqm/E82SqY+yAjIdlLO6r1jnDdSiA2mstK/Z +s65XASRgerwnfTeJ5th7J7HqD5c+vHvoba1efG+b7WXwhisonFCmQ+YsTAMxcGQl +TmAlsydOGlmOes3CKMngpOAxEjmPwPH2zeWOacTKDtc3UHs9zVHNS6wCUL+MXngV +Cut5cyHau+AvNq5/1Jj0Da3zx3IN6W+U +-----END CERTIFICATE----- diff --git a/SOURCES/rheldup3.pem b/SOURCES/rheldup3.pem new file mode 100644 index 0000000..61cd804 --- /dev/null +++ b/SOURCES/rheldup3.pem @@ -0,0 +1,102 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + df:05:cc:0a:a1:21:9e:3e + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN = Red Hat Enterprise Linux Driver Update Program (key 3), emailAddress = secalert@redhat.com + Validity + Not Before: Mar 31 08:40:36 2014 GMT + Not After : Mar 25 08:40:36 2037 GMT + Subject: CN = Red Hat Enterprise Linux Driver Update Program (key 3), emailAddress = secalert@redhat.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (3072 bit) + Modulus: + 00:a6:6a:c6:0a:73:d6:e0:67:ab:09:21:b7:8e:61: + bb:e2:80:96:55:fd:be:35:5c:7a:9f:c8:9e:2a:1f: + 41:b1:54:25:8b:c1:6b:7a:75:83:8d:df:6b:c8:20: + 4d:94:31:f0:c6:ed:d6:66:6e:e5:cc:6e:20:5f:17: + 3f:e0:d4:5a:41:cf:de:ff:31:70:44:a5:fe:79:8d: + 14:d9:04:2e:66:08:ac:cb:14:6e:75:53:38:f5:85: + 44:99:43:f6:b1:03:bc:7c:d6:bd:9d:1b:e2:3c:8d: + a4:f0:1c:97:ff:0e:37:61:cc:a1:c7:51:2a:44:69: + 9f:88:f9:1a:62:d5:dd:f7:bf:04:66:90:57:6e:83: + d8:07:cc:fe:eb:61:99:fb:3b:3e:97:c7:5b:8f:e5: + 8c:eb:01:ab:a1:99:95:5c:1c:cf:8d:2b:6e:74:82: + 80:6c:14:be:bd:81:d8:9a:ba:57:aa:49:26:fd:c8: + 3d:06:8e:35:77:bf:56:f8:53:10:69:1b:da:93:41: + 05:cd:51:65:ca:3b:40:82:f5:4f:dd:df:1d:be:db: + 96:ed:c0:e5:d7:03:f1:39:53:3c:fc:4a:c6:af:3b: + 36:ab:3d:9f:c9:19:c4:67:f5:41:b0:bd:93:98:38: + bc:4f:fe:c6:64:05:ec:a5:cb:9a:fb:c3:72:90:da: + b7:9d:91:68:8b:00:b6:b0:83:62:8c:5b:e0:bd:1c: + b0:a5:3b:49:be:77:37:be:54:37:0a:a5:2b:7a:05: + ef:61:97:68:a3:5d:e1:90:5e:d6:d6:22:bf:50:d1: + 2b:22:be:7d:f2:30:bd:5a:0d:6e:91:6a:8e:89:56: + 97:30:7d:14:93:a4:05:69:e5:0d:8f:be:39:6d:17: + 02:66:7f:a6:05:db:5f:f6:b2:39:43:04:1e:44:fc: + ae:f2:de:12:02:d7:e4:e0:eb:08:a6:1f:b9:cd:d4: + 8b:75:40:b3:bb:4f:92:15:78:a1:2e:4b:c4:8f:2f: + 7d:ad:34:be:6b:2a:29:18:d5:e9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:FALSE + X509v3 Key Usage: + Digital Signature + X509v3 Subject Key Identifier: + BF:57:F3:E8:73:62:BC:72:29:D9:F4:65:32:17:73:DF:D1:F7:7A:80 + X509v3 Authority Key Identifier: + BF:57:F3:E8:73:62:BC:72:29:D9:F4:65:32:17:73:DF:D1:F7:7A:80 + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 62:a8:a3:1c:39:5a:69:fa:a6:c6:ff:ab:6c:f6:9e:9a:f5:6b: + 84:72:c8:18:6f:15:2d:07:9f:ac:b4:a0:49:fb:20:02:32:b8: + 25:80:98:fb:d7:57:7f:9c:78:a9:19:dd:f5:b8:bd:c7:59:03: + a0:06:85:a9:18:7a:35:df:9f:53:f0:22:61:bf:0a:bb:1c:f3: + a6:9e:db:8e:2c:1c:25:b2:86:a3:0d:97:ce:0d:f4:d0:28:39: + 76:00:38:07:f2:02:f5:e0:a8:01:20:30:a8:18:7c:1f:0e:91: + 41:a6:cc:0a:a7:2e:78:c2:32:de:ae:f6:2d:9d:b1:43:17:31: + f1:ff:74:b1:f5:ef:bd:a2:53:bf:17:20:1a:da:bd:5e:7b:db: + 79:43:c7:7b:79:a7:31:ca:3e:54:28:e4:44:2b:ac:41:b9:c0: + 03:44:ce:e9:56:13:0b:87:f9:82:e6:1e:82:75:23:c2:2c:cf: + 8d:8e:ad:47:40:16:b4:86:82:92:4d:77:8c:02:27:7a:cf:93: + ed:21:4a:fa:d8:fb:e9:30:d4:b9:c8:e2:05:a7:2e:5d:4b:80: + db:ec:aa:4f:e2:4e:5d:94:13:ad:73:65:26:7e:4d:0e:44:49: + 03:8f:42:e5:4e:e8:43:4b:1f:76:fc:18:d1:c1:c1:ac:85:de: + ec:97:13:e1:de:e6:fa:75:c6:f0:fd:c2:15:7e:23:72:f2:28: + fa:b6:6f:a3:96:e5:d4:b5:b2:a5:6b:e3:b6:cf:47:46:6b:a6: + 93:7c:7d:28:5d:ba:ce:da:19:e9:4c:a8:a4:9a:1e:77:fc:5a: + b5:43:ad:9f:f7:bb:be:5f:85:9e:c9:0e:4c:a1:01:54:01:a1: + 6e:ae:67:13:84:ee:ad:e9:20:77:66:be:6d:06:73:80:18:dc: + c8:d5:16:c4:7f:8a:b5:63:b8:37:fa:be:95:8b:5d:46:2d:a9: + 69:71:bc:d4:44:38:68:e4:11:8d:8e:8d:99:a2:9a:4b:07:ae: + 11:cf:05:d8:b7:ff +-----BEGIN CERTIFICATE----- +MIIEqjCCAxKgAwIBAgIJAN8FzAqhIZ4+MA0GCSqGSIb3DQEBCwUAMGUxPzA9BgNV +BAMTNlJlZCBIYXQgRW50ZXJwcmlzZSBMaW51eCBEcml2ZXIgVXBkYXRlIFByb2dy +YW0gKGtleSAzKTEiMCAGCSqGSIb3DQEJARYTc2VjYWxlcnRAcmVkaGF0LmNvbTAe +Fw0xNDAzMzEwODQwMzZaFw0zNzAzMjUwODQwMzZaMGUxPzA9BgNVBAMTNlJlZCBI +YXQgRW50ZXJwcmlzZSBMaW51eCBEcml2ZXIgVXBkYXRlIFByb2dyYW0gKGtleSAz +KTEiMCAGCSqGSIb3DQEJARYTc2VjYWxlcnRAcmVkaGF0LmNvbTCCAaIwDQYJKoZI +hvcNAQEBBQADggGPADCCAYoCggGBAKZqxgpz1uBnqwkht45hu+KAllX9vjVcep/I +niofQbFUJYvBa3p1g43fa8ggTZQx8Mbt1mZu5cxuIF8XP+DUWkHP3v8xcESl/nmN +FNkELmYIrMsUbnVTOPWFRJlD9rEDvHzWvZ0b4jyNpPAcl/8ON2HMocdRKkRpn4j5 +GmLV3fe/BGaQV26D2AfM/uthmfs7PpfHW4/ljOsBq6GZlVwcz40rbnSCgGwUvr2B +2Jq6V6pJJv3IPQaONXe/VvhTEGkb2pNBBc1RZco7QIL1T93fHb7blu3A5dcD8TlT +PPxKxq87Nqs9n8kZxGf1QbC9k5g4vE/+xmQF7KXLmvvDcpDat52RaIsAtrCDYoxb +4L0csKU7Sb53N75UNwqlK3oF72GXaKNd4ZBe1tYiv1DRKyK+ffIwvVoNbpFqjolW +lzB9FJOkBWnlDY++OW0XAmZ/pgXbX/ayOUMEHkT8rvLeEgLX5ODrCKYfuc3Ui3VA +s7tPkhV4oS5LxI8vfa00vmsqKRjV6QIDAQABo10wWzAMBgNVHRMBAf8EAjAAMAsG +A1UdDwQEAwIHgDAdBgNVHQ4EFgQUv1fz6HNivHIp2fRlMhdz39H3eoAwHwYDVR0j +BBgwFoAUv1fz6HNivHIp2fRlMhdz39H3eoAwDQYJKoZIhvcNAQELBQADggGBAGKo +oxw5Wmn6psb/q2z2npr1a4RyyBhvFS0Hn6y0oEn7IAIyuCWAmPvXV3+ceKkZ3fW4 +vcdZA6AGhakYejXfn1PwImG/Crsc86ae244sHCWyhqMNl84N9NAoOXYAOAfyAvXg +qAEgMKgYfB8OkUGmzAqnLnjCMt6u9i2dsUMXMfH/dLH1772iU78XIBravV5723lD +x3t5pzHKPlQo5EQrrEG5wANEzulWEwuH+YLmHoJ1I8Isz42OrUdAFrSGgpJNd4wC +J3rPk+0hSvrY++kw1LnI4gWnLl1LgNvsqk/iTl2UE61zZSZ+TQ5ESQOPQuVO6ENL +H3b8GNHBwayF3uyXE+He5vp1xvD9whV+I3LyKPq2b6OW5dS1sqVr47bPR0ZrppN8 +fShdus7aGelMqKSaHnf8WrVDrZ/3u75fhZ7JDkyhAVQBoW6uZxOE7q3pIHdmvm0G +c4AY3MjVFsR/irVjuDf6vpWLXUYtqWlxvNREOGjkEY2OjZmimksHrhHPBdi3/w== +-----END CERTIFICATE----- diff --git a/SOURCES/rhelima.pem b/SOURCES/rhelima.pem new file mode 100644 index 0000000..6224ac6 --- /dev/null +++ b/SOURCES/rhelima.pem @@ -0,0 +1,70 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + d6:78:a4:e3:e7:d3:c5:a9 + Signature Algorithm: sha256WithRSAEncryption + Issuer: O = RH-IMA-CA, CN = Red Hat IMA CA, emailAddress = secalert@redhat.com + Validity + Not Before: Jul 1 16:14:04 2023 GMT + Not After : Jan 18 16:14:04 2038 GMT + Subject: CN = Red Hat IMA release key (for verification) + Subject Public Key Info: + Public Key Algorithm: id-ecPublicKey + Public-Key: (384 bit) + pub: + 04:4f:0e:ef:bf:e2:23:89:91:27:4e:7c:32:a1:d0: + c0:26:92:de:37:8d:b0:5d:ea:7f:d6:27:18:9b:b4: + 62:be:06:85:3d:f9:cc:47:7e:c7:bd:91:54:53:62: + b4:c0:8a:43:48:c2:59:07:2b:88:d7:3d:4b:30:8d: + 6c:32:fb:a5:da:dc:8a:85:e9:61:44:18:fc:d9:8b: + f5:5e:38:c8:85:77:ca:73:68:ce:48:df:af:3d:06: + 43:2f:4b:6c:0c:cd:88 + ASN1 OID: secp384r1 + NIST CURVE: P-384 + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:FALSE + X509v3 Key Usage: critical + Digital Signature + X509v3 Extended Key Usage: critical + Code Signing + X509v3 Subject Key Identifier: + 22:FA:01:DC:0E:A0:26:9F:69:A8:67:E5:CF:E4:9C:FB:D3:32:04:49 + X509v3 Authority Key Identifier: + FB:31:82:5D:D0:E0:73:68:5B:26:4E:30:38:96:36:73:F7:53:95:9A + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 1a:1e:c1:2d:65:ad:f0:24:ec:9e:a7:fd:d4:ea:e1:54:dc:31: + 1c:62:8c:29:0b:7a:56:6e:f7:b4:87:92:3e:ff:d5:40:4b:24: + a1:68:6e:ee:9c:35:65:a1:3f:8e:f3:8b:9b:18:b1:03:ed:fb: + 50:2e:a3:23:d1:93:1d:d6:82:0a:10:6f:34:be:d6:3a:bd:76: + 8c:44:0e:ad:a7:2a:c4:8e:8d:c4:e4:8d:51:d8:26:b7:38:89: + d1:23:a0:23:88:76:fa:f1:27:91:57:3e:b2:0f:cf:73:53:db: + 20:40:5d:82:b9:e9:bc:a2:94:09:57:fb:85:0d:56:4b:dc:19: + 65:12:2f:6d:6a:3b:be:35:1f:d4:52:ea:e4:72:36:f9:fe:cb: + d4:1b:0f:e3:0e:88:7c:68:58:28:c3:06:5f:bd:d2:f9:2e:1a: + 30:f0:63:65:2d:55:e1:a4:fd:97:cf:ff:c0:52:22:1c:24:a3: + 6e:de:7a:c9:9d:75:d2:d0:82:b0:7f:6f:db:21:01:69:f0:54: + 76:04:19:68:2c:22:72:dd:3b:0d:04:d5:ad:5a:80:30:68:90: + 6e:c2:27:f4:28:af:1b:78:f6:0a:70:74:5c:3a:61:42:f5:63: + 7c:83:12:5a:1b:43:bc:d4:1b:28:b5:ef:98:c5:14:04:42:80: + dd:54:30:a4 +-----BEGIN CERTIFICATE----- +MIIC0zCCAbugAwIBAgIJANZ4pOPn08WpMA0GCSqGSIb3DQEBCwUAMFExEjAQBgNV +BAoMCVJILUlNQS1DQTEXMBUGA1UEAwwOUmVkIEhhdCBJTUEgQ0ExIjAgBgkqhkiG +9w0BCQEWE3NlY2FsZXJ0QHJlZGhhdC5jb20wHhcNMjMwNzAxMTYxNDA0WhcNMzgw +MTE4MTYxNDA0WjA1MTMwMQYDVQQDDCpSZWQgSGF0IElNQSByZWxlYXNlIGtleSAo +Zm9yIHZlcmlmaWNhdGlvbikwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARPDu+/4iOJ +kSdOfDKh0MAmkt43jbBd6n/WJxibtGK+BoU9+cxHfse9kVRTYrTAikNIwlkHK4jX +PUswjWwy+6Xa3IqF6WFEGPzZi/VeOMiFd8pzaM5I3689BkMvS2wMzYijeDB2MAwG +A1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgeAMBYGA1UdJQEB/wQMMAoGCCsGAQUF +BwMDMB0GA1UdDgQWBBQi+gHcDqAmn2moZ+XP5Jz70zIESTAfBgNVHSMEGDAWgBT7 +MYJd0OBzaFsmTjA4ljZz91OVmjANBgkqhkiG9w0BAQsFAAOCAQEAGh7BLWWt8CTs +nqf91OrhVNwxHGKMKQt6Vm73tIeSPv/VQEskoWhu7pw1ZaE/jvOLmxixA+37UC6j +I9GTHdaCChBvNL7WOr12jEQOracqxI6NxOSNUdgmtziJ0SOgI4h2+vEnkVc+sg/P +c1PbIEBdgrnpvKKUCVf7hQ1WS9wZZRIvbWo7vjUf1FLq5HI2+f7L1BsP4w6IfGhY +KMMGX73S+S4aMPBjZS1V4aT9l8//wFIiHCSjbt56yZ110tCCsH9v2yEBafBUdgQZ +aCwict07DQTVrVqAMGiQbsIn9CivG3j2CnB0XDphQvVjfIMSWhtDvNQbKLXvmMUU +BEKA3VQwpA== +-----END CERTIFICATE----- diff --git a/SOURCES/rhelima_centos.pem b/SOURCES/rhelima_centos.pem new file mode 100644 index 0000000..ab468b8 --- /dev/null +++ b/SOURCES/rhelima_centos.pem @@ -0,0 +1,70 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + d6:78:a4:e3:e7:d3:c5:ab + Signature Algorithm: sha256WithRSAEncryption + Issuer: O = RH-IMA-CA, CN = Red Hat IMA CA, emailAddress = secalert@redhat.com + Validity + Not Before: Jul 1 16:14:51 2023 GMT + Not After : Jan 18 16:14:51 2038 GMT + Subject: CN = CentOS IMA release key (for verification) + Subject Public Key Info: + Public Key Algorithm: id-ecPublicKey + Public-Key: (384 bit) + pub: + 04:d4:d0:31:08:09:0d:97:d0:5c:c8:49:ff:90:f4: + 3a:16:85:a3:73:a1:d9:c4:28:4c:f7:aa:a8:22:c2: + cf:0e:8b:d7:9a:ed:e6:f0:89:f8:85:95:72:c3:38: + 27:2a:29:97:6a:6b:2b:01:04:a3:32:ba:f4:75:f9: + e4:c8:48:2f:f5:36:69:44:27:f9:35:b3:0c:c3:22: + 24:67:51:06:d3:73:f1:56:94:20:a8:8c:82:34:c0: + 10:ef:ce:f9:b4:7a:42 + ASN1 OID: secp384r1 + NIST CURVE: P-384 + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:FALSE + X509v3 Key Usage: critical + Digital Signature + X509v3 Extended Key Usage: critical + Code Signing + X509v3 Subject Key Identifier: + 54:E5:A3:4F:16:2B:32:B7:77:FF:E3:4F:1E:8B:66:12:7C:43:5B:B5 + X509v3 Authority Key Identifier: + FB:31:82:5D:D0:E0:73:68:5B:26:4E:30:38:96:36:73:F7:53:95:9A + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + c6:1d:92:0e:92:40:d6:ae:a5:5d:4e:5d:2a:e1:0f:92:42:20: + 89:e1:a9:82:87:35:42:c9:7f:77:dd:19:e3:cf:ef:be:8b:39: + 4f:99:2e:cd:cc:a3:18:23:7f:81:4b:7d:63:5d:71:b4:4b:9c: + ea:dc:2f:1d:16:da:4c:ed:98:bf:df:88:11:d0:8b:af:01:55: + 71:05:fe:d7:ac:78:4e:46:de:48:9f:04:74:42:c2:c8:1a:fc: + c5:46:6a:99:3e:9a:b0:e4:04:07:48:e2:4c:65:e5:01:a8:ad: + 3c:8d:c0:ca:c5:73:23:36:88:27:54:8b:90:f8:ea:55:fc:eb: + b8:69:a5:8b:a0:1d:8b:f1:93:dd:71:9e:e9:88:f0:2d:0e:7d: + 86:a4:8d:0b:fd:00:c9:c0:73:aa:b1:65:b1:60:6e:a4:09:1b: + 3e:30:d9:62:2a:15:d6:50:2a:6a:fd:24:e7:8c:93:78:4a:28: + d5:b1:d9:ba:1b:8d:ef:48:0d:f4:8c:79:90:0f:95:8d:79:39: + 8d:41:a5:fc:6f:e4:ef:5c:ee:3b:f4:c3:2c:c3:a0:b7:61:ac: + 7e:e9:eb:a0:3a:ba:05:2c:bd:aa:a9:1f:c5:b9:ee:72:f6:c4: + 54:1f:71:3b:e1:70:1a:30:f4:04:18:50:60:c4:5a:da:93:cd: + b6:f6:67:c8 +-----BEGIN CERTIFICATE----- +MIIC0jCCAbqgAwIBAgIJANZ4pOPn08WrMA0GCSqGSIb3DQEBCwUAMFExEjAQBgNV +BAoMCVJILUlNQS1DQTEXMBUGA1UEAwwOUmVkIEhhdCBJTUEgQ0ExIjAgBgkqhkiG +9w0BCQEWE3NlY2FsZXJ0QHJlZGhhdC5jb20wHhcNMjMwNzAxMTYxNDUxWhcNMzgw +MTE4MTYxNDUxWjA0MTIwMAYDVQQDDClDZW50T1MgSU1BIHJlbGVhc2Uga2V5IChm +b3IgdmVyaWZpY2F0aW9uKTB2MBAGByqGSM49AgEGBSuBBAAiA2IABNTQMQgJDZfQ +XMhJ/5D0OhaFo3Oh2cQoTPeqqCLCzw6L15rt5vCJ+IWVcsM4Jyopl2prKwEEozK6 +9HX55MhIL/U2aUQn+TWzDMMiJGdRBtNz8VaUIKiMgjTAEO/O+bR6QqN4MHYwDAYD +VR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwFgYDVR0lAQH/BAwwCgYIKwYBBQUH +AwMwHQYDVR0OBBYEFFTlo08WKzK3d//jTx6LZhJ8Q1u1MB8GA1UdIwQYMBaAFPsx +gl3Q4HNoWyZOMDiWNnP3U5WaMA0GCSqGSIb3DQEBCwUAA4IBAQDGHZIOkkDWrqVd +Tl0q4Q+SQiCJ4amChzVCyX933Rnjz+++izlPmS7NzKMYI3+BS31jXXG0S5zq3C8d +FtpM7Zi/34gR0IuvAVVxBf7XrHhORt5InwR0QsLIGvzFRmqZPpqw5AQHSOJMZeUB +qK08jcDKxXMjNognVIuQ+OpV/Ou4aaWLoB2L8ZPdcZ7piPAtDn2GpI0L/QDJwHOq +sWWxYG6kCRs+MNliKhXWUCpq/STnjJN4SijVsdm6G43vSA30jHmQD5WNeTmNQaX8 +b+TvXO479MMsw6C3Yax+6eugOroFLL2qqR/Fue5y9sRUH3E74XAaMPQEGFBgxFra +k8229mfI +-----END CERTIFICATE----- diff --git a/SOURCES/rhelimaca1.pem b/SOURCES/rhelimaca1.pem new file mode 100644 index 0000000..704553d --- /dev/null +++ b/SOURCES/rhelimaca1.pem @@ -0,0 +1,81 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + aa:05:bd:59:88:e4:fe:ba + Signature Algorithm: sha256WithRSAEncryption + Issuer: O = RH-IMA-CA, CN = Red Hat IMA CA, emailAddress = secalert@redhat.com + Validity + Not Before: Jul 1 15:22:50 2023 GMT + Not After : Jan 18 15:22:50 2038 GMT + Subject: O = RH-IMA-CA, CN = Red Hat IMA CA, emailAddress = secalert@redhat.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ca:74:5e:05:ee:bd:00:33:4a:49:92:6d:b9:2e: + 4b:1a:b5:3d:05:49:68:50:70:9e:39:28:a0:58:87: + 55:b7:b0:54:8e:21:cc:1a:b3:0f:1c:bc:11:76:1c: + 9a:0f:de:56:97:79:41:83:2d:5d:c6:b8:32:36:dd: + 20:f4:0f:b1:28:9a:e7:fd:ff:27:cd:f6:57:30:0d: + b1:dd:4c:2f:71:be:49:d1:57:06:5a:6d:4b:59:ca: + 87:fb:25:0d:ac:f1:41:c7:8e:10:e8:18:8b:40:ae: + c3:fe:1f:9a:0d:da:ee:4f:6d:da:f2:c0:27:f8:cb: + ae:6e:84:bb:49:b8:9a:e2:c2:9d:de:81:e9:e2:d6: + 03:6f:ee:eb:17:b3:2d:da:50:51:1e:da:f6:12:54: + f7:89:c3:bc:5a:90:fb:1d:ba:21:a4:25:07:87:3e: + d4:12:c1:d6:f8:3f:c1:80:65:c0:15:81:6a:51:92: + 36:af:63:39:7a:83:4e:48:3e:19:5d:a5:a3:48:e1: + 7c:5c:ff:e3:ed:bb:59:7b:c3:93:5d:d5:1f:c2:97: + df:6d:c5:ff:73:c3:66:64:4b:0f:6c:72:43:e2:65: + 60:03:38:b8:c0:51:b6:ae:5a:f8:8e:f9:c2:8f:55: + 9c:d0:d2:db:94:ac:75:c8:0f:85:49:b1:96:82:01: + 4b:67 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + FB:31:82:5D:D0:E0:73:68:5B:26:4E:30:38:96:36:73:F7:53:95:9A + X509v3 Authority Key Identifier: + FB:31:82:5D:D0:E0:73:68:5B:26:4E:30:38:96:36:73:F7:53:95:9A + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 52:71:86:bc:05:f4:08:dc:0b:8b:b2:b6:95:a9:04:a3:f8:19: + e9:0a:a9:6d:4b:b7:1e:f5:7d:ff:d8:1a:0b:4f:1e:cb:07:94: + 09:b0:93:16:3d:20:61:03:5b:15:b9:60:f0:c1:5f:28:70:59: + b5:59:de:c1:1e:76:92:1c:bb:43:d9:53:ae:2b:ad:7c:09:20: + 7a:ac:29:b8:1e:17:48:b6:54:d4:11:60:72:2b:44:3e:2e:f2: + 48:35:73:05:81:51:5e:b5:0c:a5:cc:35:15:de:29:1b:f0:75: + 4e:af:b8:46:51:96:98:6a:ac:75:08:d8:90:5d:d0:1a:eb:a3: + 95:58:d2:8b:03:bf:f2:37:fc:85:20:49:7c:f6:16:67:31:eb: + 40:11:65:94:1a:cf:9e:6e:6d:f0:83:17:84:63:05:e5:08:97: + 31:dc:e2:75:46:52:8b:a9:57:95:0f:41:df:37:1e:fa:18:35: + 19:57:23:0a:c1:fa:79:da:62:85:85:7c:68:c1:bb:6f:78:96: + 02:8c:0e:be:53:fb:97:15:d3:bb:d7:fe:90:99:6f:0e:c1:5d: + 3a:ec:ac:07:b5:69:e9:86:04:25:29:36:9f:48:e0:3d:a1:aa: + 8c:71:66:85:30:f3:2e:e6:cb:91:8e:76:24:ab:4e:3e:2d:de: + 5a:d1:43:c6 +-----BEGIN CERTIFICATE----- +MIIDiDCCAnCgAwIBAgIJAKoFvVmI5P66MA0GCSqGSIb3DQEBCwUAMFExEjAQBgNV +BAoMCVJILUlNQS1DQTEXMBUGA1UEAwwOUmVkIEhhdCBJTUEgQ0ExIjAgBgkqhkiG +9w0BCQEWE3NlY2FsZXJ0QHJlZGhhdC5jb20wHhcNMjMwNzAxMTUyMjUwWhcNMzgw +MTE4MTUyMjUwWjBRMRIwEAYDVQQKDAlSSC1JTUEtQ0ExFzAVBgNVBAMMDlJlZCBI +YXQgSU1BIENBMSIwIAYJKoZIhvcNAQkBFhNzZWNhbGVydEByZWRoYXQuY29tMIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynReBe69ADNKSZJtuS5LGrU9 +BUloUHCeOSigWIdVt7BUjiHMGrMPHLwRdhyaD95Wl3lBgy1dxrgyNt0g9A+xKJrn +/f8nzfZXMA2x3Uwvcb5J0VcGWm1LWcqH+yUNrPFBx44Q6BiLQK7D/h+aDdruT23a +8sAn+MuuboS7Sbia4sKd3oHp4tYDb+7rF7Mt2lBRHtr2ElT3icO8WpD7HbohpCUH +hz7UEsHW+D/BgGXAFYFqUZI2r2M5eoNOSD4ZXaWjSOF8XP/j7btZe8OTXdUfwpff +bcX/c8NmZEsPbHJD4mVgAzi4wFG2rlr4jvnCj1Wc0NLblKx1yA+FSbGWggFLZwID +AQABo2MwYTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBT7MYJd0OBzaFsmTjA4 +ljZz91OVmjAfBgNVHSMEGDAWgBT7MYJd0OBzaFsmTjA4ljZz91OVmjAOBgNVHQ8B +Af8EBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAFJxhrwF9AjcC4uytpWpBKP4GekK +qW1Ltx71ff/YGgtPHssHlAmwkxY9IGEDWxW5YPDBXyhwWbVZ3sEedpIcu0PZU64r +rXwJIHqsKbgeF0i2VNQRYHIrRD4u8kg1cwWBUV61DKXMNRXeKRvwdU6vuEZRlphq +rHUI2JBd0Brro5VY0osDv/I3/IUgSXz2Fmcx60ARZZQaz55ubfCDF4RjBeUIlzHc +4nVGUoupV5UPQd83HvoYNRlXIwrB+nnaYoWFfGjBu294lgKMDr5T+5cV07vX/pCZ +bw7BXTrsrAe1aemGBCUpNp9I4D2hqoxxZoUw8y7my5GOdiSrTj4t3lrRQ8Y= +-----END CERTIFICATE----- diff --git a/SOURCES/rhelkpatch1.pem b/SOURCES/rhelkpatch1.pem new file mode 100644 index 0000000..71f2837 --- /dev/null +++ b/SOURCES/rhelkpatch1.pem @@ -0,0 +1,102 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 91:5d:16:42:f6:60:09:e4 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN = Red Hat Enterprise Linux kpatch signing key, emailAddress = secalert@redhat.com + Validity + Not Before: Mar 31 08:34:47 2014 GMT + Not After : Mar 25 08:34:47 2037 GMT + Subject: CN = Red Hat Enterprise Linux kpatch signing key, emailAddress = secalert@redhat.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (3072 bit) + Modulus: + 00:a6:ad:de:2d:77:ee:76:a9:29:30:fc:f2:b7:11: + ac:41:94:72:68:52:6b:08:54:68:8a:c7:0a:a5:b2: + 10:b6:b4:83:6f:3c:ff:4f:fe:9b:1e:a6:e4:a7:78: + 78:7a:d1:06:30:b2:2c:f5:b3:68:1a:1d:28:b9:24: + 4f:75:aa:e2:76:00:8b:dd:06:e3:24:52:a5:14:e2: + 42:17:17:4f:01:5a:6a:97:bf:60:08:ad:e0:17:60: + 20:bc:59:11:e2:87:3d:6c:c7:b8:8a:f1:44:87:09: + 13:71:fd:76:7d:ef:e5:2b:ca:78:61:4d:16:8e:68: + e0:0a:85:d2:e3:de:37:e1:d1:e6:d8:a0:f7:30:d3: + 62:fa:c4:20:81:97:9a:d7:c2:4e:a2:49:80:00:d0: + 6d:ac:c6:3e:99:5a:48:70:cf:5b:52:e5:8c:88:51: + 02:89:0f:0a:3f:b8:12:85:1a:cb:2f:72:32:97:ce: + fa:fe:04:47:f6:1d:81:4a:01:65:8f:17:20:20:6d: + c5:16:91:be:cb:92:cc:ad:1f:a6:d6:2c:8e:d9:48: + 58:7d:8d:fe:08:a7:54:f4:c3:a5:e6:ae:25:da:e7: + 7b:b1:20:06:3b:6c:b7:91:e5:93:41:95:95:bf:9a: + cc:5c:20:4f:0b:96:55:90:fe:40:5c:99:59:fe:0e: + 1b:fa:b7:78:b5:dd:b7:ff:d0:49:97:e8:bf:5a:34: + d2:02:05:90:36:c5:c9:2e:8d:27:1d:5c:7b:97:fc: + ca:22:b4:01:00:36:7c:6d:0f:a6:35:0e:34:3f:07: + 59:8a:39:09:77:47:09:6f:0a:45:e4:e2:e6:0c:99: + f3:01:c8:3d:d8:f9:2e:f5:fa:2c:61:a1:6a:58:43: + 06:72:84:b0:a4:bb:5a:8c:2c:27:b6:2d:e2:b8:13: + f0:15:69:f7:23:05:4f:23:5c:df:95:7a:06:a4:98: + bb:39:34:c7:eb:01:61:a8:c4:7c:cc:0d:fb:56:8d: + 1a:da:e1:94:c5:a7:e9:28:1a:35 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:FALSE + X509v3 Key Usage: + Digital Signature + X509v3 Subject Key Identifier: + 4D:38:FD:86:4E:BE:18:C5:F0:B7:2E:38:52:E2:01:4C:3A:67:6F:C8 + X509v3 Authority Key Identifier: + 4D:38:FD:86:4E:BE:18:C5:F0:B7:2E:38:52:E2:01:4C:3A:67:6F:C8 + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 17:d2:03:8c:49:cd:13:e9:2b:99:91:c9:0f:46:1d:91:5c:a9: + ef:17:46:3f:ee:d1:05:10:72:90:09:55:1b:94:a6:c8:34:8d: + 89:fb:96:cf:b5:7b:08:38:ba:77:6b:e5:69:d7:1e:71:ea:ad: + 34:e5:b3:1f:1d:cb:d7:c7:6d:f6:45:a8:c0:74:79:2d:ca:e5: + 06:af:3e:b7:40:af:66:98:81:e0:45:d5:04:f3:a6:2b:ff:55: + b1:4e:6d:29:da:ea:a5:ab:27:82:9c:d7:78:6e:56:4d:82:b0: + 6d:de:bf:60:e9:5a:a7:c4:8d:8b:c3:6a:f0:c5:8c:f3:ce:2f: + 6e:3f:d9:7f:8d:ce:9e:8e:6f:9c:95:79:dc:95:9f:b2:10:97: + 57:ae:3b:6b:e0:72:18:32:cb:b2:08:8b:34:cb:f0:51:db:ea: + 07:96:32:a0:0b:79:d4:f7:63:99:c9:77:58:71:6e:77:03:e9: + 7d:52:90:d2:26:a2:6d:0a:11:32:29:84:b0:2c:52:d9:fe:6b: + d9:6a:9c:aa:49:4c:87:6a:8b:5b:84:51:f7:9f:23:2a:b9:f8: + 9c:eb:ff:9d:ff:8d:23:09:00:df:77:f8:e3:17:8d:06:35:bc: + 7e:8f:bf:a6:23:b5:51:2b:c7:5f:2d:77:13:43:47:8f:62:40: + a7:9c:9f:ab:34:3a:87:96:83:de:00:a7:60:4b:09:60:49:ab: + 39:f1:d5:a2:3f:ce:77:5e:19:d5:19:81:8b:0c:71:01:5d:e7: + 2f:99:d4:16:b4:05:3d:56:c1:90:cb:de:4b:0d:c7:d5:0b:9e: + 4b:95:74:35:cb:6b:1e:0e:1f:15:39:74:f8:6c:25:e5:de:d6: + f4:e6:6f:98:a5:df:83:44:97:ee:2e:f6:f8:fc:ba:43:69:9c: + 03:2d:96:ff:c6:5a:32:1c:b1:99:fe:aa:ec:e6:04:5e:21:c5: + ef:10:e4:bd:95:d7:0b:42:5d:90:d0:56:1e:32:f3:44:16:be: + ad:9a:f8:c9:0c:b6 +-----BEGIN CERTIFICATE----- +MIIElDCCAvygAwIBAgIJAJFdFkL2YAnkMA0GCSqGSIb3DQEBCwUAMFoxNDAyBgNV +BAMTK1JlZCBIYXQgRW50ZXJwcmlzZSBMaW51eCBrcGF0Y2ggc2lnbmluZyBrZXkx +IjAgBgkqhkiG9w0BCQEWE3NlY2FsZXJ0QHJlZGhhdC5jb20wHhcNMTQwMzMxMDgz +NDQ3WhcNMzcwMzI1MDgzNDQ3WjBaMTQwMgYDVQQDEytSZWQgSGF0IEVudGVycHJp +c2UgTGludXgga3BhdGNoIHNpZ25pbmcga2V5MSIwIAYJKoZIhvcNAQkBFhNzZWNh +bGVydEByZWRoYXQuY29tMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA +pq3eLXfudqkpMPzytxGsQZRyaFJrCFRoiscKpbIQtrSDbzz/T/6bHqbkp3h4etEG +MLIs9bNoGh0ouSRPdaridgCL3QbjJFKlFOJCFxdPAVpql79gCK3gF2AgvFkR4oc9 +bMe4ivFEhwkTcf12fe/lK8p4YU0WjmjgCoXS49434dHm2KD3MNNi+sQggZea18JO +okmAANBtrMY+mVpIcM9bUuWMiFECiQ8KP7gShRrLL3Iyl876/gRH9h2BSgFljxcg +IG3FFpG+y5LMrR+m1iyO2UhYfY3+CKdU9MOl5q4l2ud7sSAGO2y3keWTQZWVv5rM +XCBPC5ZVkP5AXJlZ/g4b+rd4td23/9BJl+i/WjTSAgWQNsXJLo0nHVx7l/zKIrQB +ADZ8bQ+mNQ40PwdZijkJd0cJbwpF5OLmDJnzAcg92Pku9fosYaFqWEMGcoSwpLta +jCwnti3iuBPwFWn3IwVPI1zflXoGpJi7OTTH6wFhqMR8zA37Vo0a2uGUxafpKBo1 +AgMBAAGjXTBbMAwGA1UdEwEB/wQCMAAwCwYDVR0PBAQDAgeAMB0GA1UdDgQWBBRN +OP2GTr4YxfC3LjhS4gFMOmdvyDAfBgNVHSMEGDAWgBRNOP2GTr4YxfC3LjhS4gFM +OmdvyDANBgkqhkiG9w0BAQsFAAOCAYEAF9IDjEnNE+krmZHJD0YdkVyp7xdGP+7R +BRBykAlVG5SmyDSNifuWz7V7CDi6d2vladceceqtNOWzHx3L18dt9kWowHR5Lcrl +Bq8+t0CvZpiB4EXVBPOmK/9VsU5tKdrqpasngpzXeG5WTYKwbd6/YOlap8SNi8Nq +8MWM884vbj/Zf43Ono5vnJV53JWfshCXV647a+ByGDLLsgiLNMvwUdvqB5YyoAt5 +1Pdjmcl3WHFudwPpfVKQ0iaibQoRMimEsCxS2f5r2WqcqklMh2qLW4RR958jKrn4 +nOv/nf+NIwkA33f44xeNBjW8fo+/piO1USvHXy13E0NHj2JAp5yfqzQ6h5aD3gCn +YEsJYEmrOfHVoj/Od14Z1RmBiwxxAV3nL5nUFrQFPVbBkMveSw3H1QueS5V0Nctr +Hg4fFTl0+Gwl5d7W9OZvmKXfg0SX7i72+Py6Q2mcAy2W/8ZaMhyxmf6q7OYEXiHF +7xDkvZXXC0JdkNBWHjLzRBa+rZr4yQy2 +-----END CERTIFICATE----- diff --git a/SOURCES/spheresecureboot001.pem b/SOURCES/spheresecureboot001.pem new file mode 100644 index 0000000..be2ee29 --- /dev/null +++ b/SOURCES/spheresecureboot001.pem @@ -0,0 +1,86 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 08:60:56:42:47:85:4c:fe:ba:bd:cb:99:d3:6b:c4:a8 + Signature Algorithm: sha256WithRSAEncryption + Issuer: OU = MSVSphere Certification Authority, emailAddress = security@msvsphere.ru, L = Moscow, ST = Moscow, C = RU, O = NCSD LLC, CN = MSVSphere Secure Boot CA + Validity + Not Before: Mar 22 16:42:54 2023 GMT + Not After : Mar 22 16:42:54 2053 GMT + Subject: OU = MSVSphere Certification Authority, emailAddress = security@msvsphere.ru, L = Moscow, ST = Moscow, C = RU, O = NCSD LLC, CN = MSVSphere Secure Boot Signing + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:d4:66:e0:18:8a:79:c1:61:3b:f7:48:c6:41:86: + 21:82:a4:00:59:e7:61:10:75:c5:fd:34:14:e1:44: + 86:bc:12:87:6d:9e:5c:f6:54:65:8f:31:c4:a3:62: + 65:15:40:70:f5:f2:cf:09:52:ca:c7:94:51:62:d0: + fb:fc:1e:3d:21:7e:a8:10:40:9d:c1:8c:f9:0b:89: + 41:0c:5a:7e:2c:bd:cc:15:aa:6c:28:4b:94:03:a0: + 3f:16:5b:e5:b3:c7:05:3a:a7:f4:08:3f:18:d5:2d: + a5:13:57:97:e7:0a:00:7e:59:43:73:c5:9c:e4:4d: + dc:c6:ad:8b:37:6b:b9:78:62:4c:11:49:4e:ad:30: + 9c:3d:89:59:0e:a4:41:12:d8:fb:31:22:3c:57:75: + ee:a5:45:55:d6:dc:4b:96:1c:f5:a9:95:9d:09:76: + 48:3b:15:5a:02:e6:23:2b:62:d7:51:f5:67:3a:32: + d4:b8:21:b5:3c:34:82:5c:2b:70:52:32:cd:17:39: + 78:fd:a0:d8:99:d0:62:68:4b:b9:b3:8d:fd:f4:2e: + 34:5f:d8:48:c9:66:f5:91:cf:ee:34:87:68:a8:ca: + ae:da:35:45:5c:4c:a9:40:f0:e1:a2:bd:33:88:8c: + 53:8a:cd:63:95:05:5d:48:1d:ce:ce:cb:cb:bb:7e: + cb:5d + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + 49:59:67:B5:13:6C:C8:DF:7E:64:B9:22:E3:A9:35:50:6B:95:84:D5 + X509v3 Extended Key Usage: + Code Signing + X509v3 Basic Constraints: critical + CA:FALSE + X509v3 Subject Key Identifier: + E9:5A:22:76:4E:CE:34:C9:69:BD:42:5C:7C:6A:9F:5A:BE:AC:97:50 + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 4b:5a:c8:7a:83:75:c0:02:e0:08:15:dd:e0:f6:0f:33:3c:8f: + 84:d7:04:39:13:05:99:3d:5b:da:c3:45:d2:1d:2c:7a:1f:fd: + 8c:ae:75:71:23:0a:11:43:a1:1c:90:83:70:a3:02:93:c9:27: + 6b:dd:eb:2b:56:c5:7c:fb:8c:71:b3:e9:83:c8:a3:99:9d:9c: + d2:c1:2b:15:f3:c5:6e:22:30:e6:63:4f:50:1b:d0:f8:3b:e8: + c1:3f:9c:d0:a7:59:f5:5c:68:ce:2e:ae:79:94:8f:14:47:1c: + 92:0c:72:3a:7f:fa:85:39:a1:9a:19:32:ab:7a:0a:4f:fe:ae: + bc:af:0c:5a:f0:0d:f2:ea:49:f6:53:4d:e1:aa:d7:2e:1e:aa: + e6:c8:5e:3c:91:b0:59:6d:e8:60:f7:af:34:47:c6:50:5b:90: + 92:46:15:02:c4:d3:ed:3f:d2:c3:05:6e:78:cd:9b:84:b1:43: + 84:d2:4a:9d:8e:db:d4:a9:90:5c:b8:8e:78:a0:5f:00:dd:b3: + f5:98:29:72:58:ab:99:5e:c8:ba:7f:21:72:ba:a3:c4:31:aa: + e7:b3:cd:02:aa:ae:54:77:4f:9c:73:68:60:a6:af:c4:b3:7a: + 6e:64:94:9e:01:1b:c0:f9:b8:f1:5c:fd:de:cb:00:d7:ed:4d: + 46:a9:4c:1f +-----BEGIN CERTIFICATE----- +MIIEZjCCA06gAwIBAgIQCGBWQkeFTP66vcuZ02vEqDANBgkqhkiG9w0BAQsFADCB +tzEqMCgGA1UECxMhTVNWU3BoZXJlIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSQw +IgYJKoZIhvcNAQkBFhVzZWN1cml0eUBtc3ZzcGhlcmUucnUxDzANBgNVBAcTBk1v +c2NvdzEPMA0GA1UECBMGTW9zY293MQswCQYDVQQGEwJSVTERMA8GA1UEChMITkNT +RCBMTEMxITAfBgNVBAMTGE1TVlNwaGVyZSBTZWN1cmUgQm9vdCBDQTAgFw0yMzAz +MjIxNjQyNTRaGA8yMDUzMDMyMjE2NDI1NFowgbwxKjAoBgNVBAsTIU1TVlNwaGVy +ZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEkMCIGCSqGSIb3DQEJARYVc2VjdXJp +dHlAbXN2c3BoZXJlLnJ1MQ8wDQYDVQQHEwZNb3Njb3cxDzANBgNVBAgTBk1vc2Nv +dzELMAkGA1UEBhMCUlUxETAPBgNVBAoTCE5DU0QgTExDMSYwJAYDVQQDEx1NU1ZT +cGhlcmUgU2VjdXJlIEJvb3QgU2lnbmluZzCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBANRm4BiKecFhO/dIxkGGIYKkAFnnYRB1xf00FOFEhrwSh22eXPZU +ZY8xxKNiZRVAcPXyzwlSyseUUWLQ+/wePSF+qBBAncGM+QuJQQxafiy9zBWqbChL +lAOgPxZb5bPHBTqn9Ag/GNUtpRNXl+cKAH5ZQ3PFnORN3MatizdruXhiTBFJTq0w +nD2JWQ6kQRLY+zEiPFd17qVFVdbcS5Yc9amVnQl2SDsVWgLmIyti11H1Zzoy1Lgh +tTw0glwrcFIyzRc5eP2g2JnQYmhLubON/fQuNF/YSMlm9ZHP7jSHaKjKrto1RVxM +qUDw4aK9M4iMU4rNY5UFXUgdzs7Ly7t+y10CAwEAAaNlMGMwHwYDVR0jBBgwFoAU +SVlntRNsyN9+ZLki46k1UGuVhNUwEwYDVR0lBAwwCgYIKwYBBQUHAwMwDAYDVR0T +AQH/BAIwADAdBgNVHQ4EFgQU6Voidk7ONMlpvUJcfGqfWr6sl1AwDQYJKoZIhvcN +AQELBQADggEBAEtayHqDdcAC4AgV3eD2DzM8j4TXBDkTBZk9W9rDRdIdLHof/Yyu +dXEjChFDoRyQg3CjApPJJ2vd6ytWxXz7jHGz6YPIo5mdnNLBKxXzxW4iMOZjT1Ab +0Pg76ME/nNCnWfVcaM4urnmUjxRHHJIMcjp/+oU5oZoZMqt6Ck/+rryvDFrwDfLq +SfZTTeGq1y4equbIXjyRsFlt6GD3rzRHxlBbkJJGFQLE0+0/0sMFbnjNm4SxQ4TS +Sp2O29SpkFy4jnigXwDds/WYKXJYq5leyLp/IXK6o8QxquezzQKqrlR3T5xzaGCm +r8Szem5klJ4BG8D5uPFc/d7LANftTUapTB8= +-----END CERTIFICATE----- diff --git a/SOURCES/spheresecurebootca.pem b/SOURCES/spheresecurebootca.pem new file mode 100644 index 0000000..ad9f486 --- /dev/null +++ b/SOURCES/spheresecurebootca.pem @@ -0,0 +1,86 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 86:2f:3e:4c:b2:26:42:00:b8:3a:f1:25:79:9e:4e:41 + Signature Algorithm: sha256WithRSAEncryption + Issuer: OU = MSVSphere Certification Authority, emailAddress = security@msvsphere.ru, L = Moscow, ST = Moscow, C = RU, O = NCSD LLC, CN = MSVSphere Secure Boot CA + Validity + Not Before: Mar 22 16:42:54 2023 GMT + Not After : Mar 22 16:42:54 2053 GMT + Subject: OU = MSVSphere Certification Authority, emailAddress = security@msvsphere.ru, L = Moscow, ST = Moscow, C = RU, O = NCSD LLC, CN = MSVSphere Secure Boot CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:cc:19:da:af:e7:7c:fa:a6:b7:3e:9d:83:8c:70: + 30:53:96:9c:94:94:2f:92:0d:b7:d0:ae:ee:6a:2e: + 06:0b:2f:0a:43:a9:a2:ba:63:1d:f7:7d:7b:8e:b2: + cd:f4:4b:1f:e7:8a:41:b2:4c:82:cb:b0:40:aa:fa: + 03:71:63:5a:b7:5b:d0:01:37:4f:88:4d:6e:a4:dd: + af:e0:87:ce:95:86:6e:5f:a9:cf:90:23:7c:1e:b4: + 73:28:13:40:4d:95:07:ef:46:cf:c5:41:e6:5d:a7: + e1:56:6f:30:8d:73:a6:4b:f7:57:09:01:af:98:c4: + ee:d8:62:b0:aa:d9:be:6b:d3:58:17:9d:01:14:e8: + 7c:59:f1:64:de:4b:b9:e1:71:0c:ef:13:0e:9e:d9: + f8:f9:60:62:96:0e:4c:fa:5f:0b:5c:e2:f4:9d:7f: + 49:24:3c:f4:c8:0d:14:2b:cb:1f:b1:92:dc:88:a8: + e2:c7:86:21:c9:50:a9:9b:12:3f:dc:17:06:42:56: + c0:6f:98:26:06:e1:19:3d:de:cf:a2:c8:b1:f7:80: + 86:3e:f7:33:d1:ca:f8:98:fd:3f:e0:03:10:25:b8: + 7f:5e:7c:cb:16:ed:e7:29:6d:9b:55:75:6d:aa:8f: + 95:19:ca:86:49:41:e1:ba:22:c1:86:a2:28:72:f8: + 9a:79 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + 49:59:67:B5:13:6C:C8:DF:7E:64:B9:22:E3:A9:35:50:6B:95:84:D5 + X509v3 Key Usage: critical + Digital Signature, Certificate Sign, CRL Sign + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + 49:59:67:B5:13:6C:C8:DF:7E:64:B9:22:E3:A9:35:50:6B:95:84:D5 + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 7b:50:33:73:3e:5f:6c:b9:1c:27:4f:68:cb:57:38:7a:f7:57: + c3:6c:cb:c1:5e:7a:3b:a6:d0:b1:b1:c9:7d:19:f1:40:3f:09: + 24:fb:f2:08:a7:bb:94:40:4d:5d:cd:70:26:1f:d9:9f:9d:b7: + 6e:7d:8c:bc:aa:7f:8a:be:42:c0:8c:db:82:6b:ad:08:38:2b: + b1:a1:c4:8c:f4:08:b9:eb:7d:e8:a1:df:03:47:e5:1e:4b:95: + 4f:4f:a4:05:42:bd:9c:6f:f0:bd:ed:4f:bf:f7:d4:ad:a5:ef: + 6e:1c:ad:9e:66:dd:4d:eb:3e:b4:d0:e0:39:2b:9d:72:8c:c0: + a8:8e:82:cd:23:f4:47:63:51:78:4a:cd:e8:54:47:09:a1:cd: + ef:b7:bf:c5:30:e6:24:0e:c3:f5:65:4b:59:ff:74:86:13:06: + a9:2a:2a:38:bd:05:4a:f7:12:eb:da:ed:e1:a1:7b:24:b2:53: + 22:c9:49:a5:57:e0:2c:89:fe:62:95:b2:8c:4a:07:8d:c8:b1: + d2:22:8f:09:bd:a9:4e:01:88:cd:54:93:7c:22:98:51:a2:c4: + d5:f9:60:8d:2f:b8:b3:0d:01:47:c0:b0:34:01:12:c0:c3:46: + 6b:4a:fc:6a:71:97:73:64:80:f9:82:ee:bd:6e:00:8d:cf:55: + f7:7d:d2:e6 +-----BEGIN CERTIFICATE----- +MIIEYDCCA0igAwIBAgIRAIYvPkyyJkIAuDrxJXmeTkEwDQYJKoZIhvcNAQELBQAw +gbcxKjAoBgNVBAsTIU1TVlNwaGVyZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEk +MCIGCSqGSIb3DQEJARYVc2VjdXJpdHlAbXN2c3BoZXJlLnJ1MQ8wDQYDVQQHEwZN +b3Njb3cxDzANBgNVBAgTBk1vc2NvdzELMAkGA1UEBhMCUlUxETAPBgNVBAoTCE5D +U0QgTExDMSEwHwYDVQQDExhNU1ZTcGhlcmUgU2VjdXJlIEJvb3QgQ0EwIBcNMjMw +MzIyMTY0MjU0WhgPMjA1MzAzMjIxNjQyNTRaMIG3MSowKAYDVQQLEyFNU1ZTcGhl +cmUgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJDAiBgkqhkiG9w0BCQEWFXNlY3Vy +aXR5QG1zdnNwaGVyZS5ydTEPMA0GA1UEBxMGTW9zY293MQ8wDQYDVQQIEwZNb3Nj +b3cxCzAJBgNVBAYTAlJVMREwDwYDVQQKEwhOQ1NEIExMQzEhMB8GA1UEAxMYTVNW +U3BoZXJlIFNlY3VyZSBCb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB +CgKCAQEAzBnar+d8+qa3Pp2DjHAwU5aclJQvkg230K7uai4GCy8KQ6miumMd9317 +jrLN9Esf54pBskyCy7BAqvoDcWNat1vQATdPiE1upN2v4IfOlYZuX6nPkCN8HrRz +KBNATZUH70bPxUHmXafhVm8wjXOmS/dXCQGvmMTu2GKwqtm+a9NYF50BFOh8WfFk +3ku54XEM7xMOntn4+WBilg5M+l8LXOL0nX9JJDz0yA0UK8sfsZLciKjix4YhyVCp +mxI/3BcGQlbAb5gmBuEZPd7Posix94CGPvcz0cr4mP0/4AMQJbh/XnzLFu3nKW2b +VXVtqo+VGcqGSUHhuiLBhqIocviaeQIDAQABo2MwYTAfBgNVHSMEGDAWgBRJWWe1 +E2zI335kuSLjqTVQa5WE1TAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB +/zAdBgNVHQ4EFgQUSVlntRNsyN9+ZLki46k1UGuVhNUwDQYJKoZIhvcNAQELBQAD +ggEBAHtQM3M+X2y5HCdPaMtXOHr3V8Nsy8Feejum0LGxyX0Z8UA/CST78ginu5RA +TV3NcCYf2Z+dt259jLyqf4q+QsCM24JrrQg4K7GhxIz0CLnrfeih3wNH5R5LlU9P +pAVCvZxv8L3tT7/31K2l724crZ5m3U3rPrTQ4DkrnXKMwKiOgs0j9EdjUXhKzehU +Rwmhze+3v8Uw5iQOw/VlS1n/dIYTBqkqKji9BUr3Euva7eGheySyUyLJSaVX4CyJ +/mKVsoxKB43IsdIijwm9qU4BiM1Uk3wimFGixNX5YI0vuLMNAUfAsDQBEsDDRmtK +/Gpxl3NkgPmC7r1uAI3PVfd90uY= +-----END CERTIFICATE----- diff --git a/SPECS/edk2.spec b/SPECS/edk2.spec index 0b4fbb6..0f7b49b 100644 --- a/SPECS/edk2.spec +++ b/SPECS/edk2.spec @@ -21,7 +21,7 @@ ExclusiveArch: x86_64 aarch64 Name: edk2 Version: %{GITDATE} -Release: 6%{?dist} +Release: 6%{?dist}.inferit Summary: UEFI firmware for 64-bit virtual machines License: BSD-2-Clause-Patent and Apache-2.0 and MIT URL: http://www.tianocore.org @@ -51,6 +51,21 @@ Source80: edk2-build.py Source82: edk2-build.rhel-9 Source90: DBXUpdate-%{DBXDATE}.x64.bin + +Source100: msvsphereca1.pem +Source101: msvsphereima.pem +Source102: nvidiagpuoot001.pem +Source103: rhelimaca1.pem +Source104: rhelima.pem +Source105: spheresecureboot001.pem +Source106: msvspheredup1.pem +Source107: msvspherepatch1.pem +Source108: rheldup3.pem +Source109: rhelima_centos.pem +Source110: rhelkpatch1.pem +Source111: spheresecurebootca.pem +Source112: certs_add.sh + Patch1: 0003-Remove-paths-leading-to-submodules.patch Patch2: 0004-MdeModulePkg-TerminalDxe-set-xterm-resolution-on-mod.patch Patch3: 0005-OvmfPkg-take-PcdResizeXterm-from-the-QEMU-command-li.patch @@ -209,6 +224,7 @@ cp -a -- %{SOURCE10} %{SOURCE11} %{SOURCE12} %{SOURCE13} . cp -a -- %{SOURCE40} %{SOURCE41} %{SOURCE43} %{SOURCE44} %{SOURCE45} . cp -a -- %{SOURCE80} %{SOURCE82} . cp -a -- %{SOURCE90} . +cp -a -- %{SOURCE100} %{SOURCE101} %{SOURCE102} %{SOURCE103} %{SOURCE104} %{SOURCE105} %{SOURCE106} %{SOURCE107} %{SOURCE108} %{SOURCE109} %{SOURCE110} %{SOURCE111} %{SOURCE112} . tar -C CryptoPkg/Library/OpensslLib -a -f %{SOURCE2} -x # Done by %setup, but we do not use it for the auxiliary tarballs @@ -276,6 +292,7 @@ virt-fw-vars --input RHEL-9/ovmf/OVMF.inteltdx.fd \ --set-dbx DBXUpdate-%{DBXDATE}.x64.bin \ --enroll-redhat --secure-boot \ --set-fallback-no-reboot +./certs_add.sh RHEL-9/ovmf/OVMF_VARS.secboot.fd %endif %if %{build_aarch64} @@ -435,7 +452,7 @@ install -m 0644 \ %changelog -* Fri Nov 08 2024 Dmitriy Samoylik - 20240524-6 +* Fri Nov 08 2024 Dmitriy Samoylik - 20240524-6.inferit - Added msvsphere certificates for secure boot * Fri Sep 13 2024 Miroslav Rezanina - 20240524-6