OsRecovery Signatures
Enroll Factory Defaults or load certificates from a file:
1. Public Key Certificate:
a) EFI_SIGNATURE_LIST
b) EFI_CERT_X509 (DER)
c) EFI_CERT_RSA2048 (bin)
d) EFI_CERT_SHAXXX
2. Authenticated UEFI Variable
3. EFI PE/COFF Image (SHA256)
Key Source: Factory, External, Mixed
Export Secure Boot variables
Copy NVRAM content of Secure Boot variables to files in a root folder on a file
system device.
Enroll Efi Image
Allow the image to run in Secure Boot mode. Enroll SHA256 Hash certificate of a
PE image into Authorized Signature Database (db).
65
http://www.tyan.com