CI: Add secure boot prod keys (#462)

* Add production secure boot keys
* Refactor OS build and upload settings
Malte Poll 2022-11-04 16:48:52 +01:00 committed by GitHub
parent 5ffdbc9bd6
commit ed58fcccd3
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
23 changed files with 424 additions and 100 deletions


@ -106,6 +106,7 @@ export AZURE_SECURITY_TYPE=ConfidentialVM # or TrustedLaunch
export AZURE_RESOURCE_GROUP_NAME= # e.g. "constellation-images"
export AZURE_REGION=northeurope
export AZURE_REPLICATION_REGIONS=
export AZURE_DISK_NAME=constellation-$(date +%s)
export AZURE_SNAPSHOT_NAME=${AZURE_DISK_NAME}
export AZURE_RAW_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~36/image.raw

BIN
image/pki_prod/KEK.auth Normal file

Binary file not shown.

BIN
image/pki_prod/KEK.cer Normal file

Binary file not shown.

23
image/pki_prod/KEK.crt Normal file

@ -0,0 +1,23 @@
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----

BIN
image/pki_prod/KEK.esl Normal file

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

BIN
image/pki_prod/PK.auth Normal file

Binary file not shown.

BIN
image/pki_prod/PK.cer Normal file

Binary file not shown.

23
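--- /dev/null
+++ b/image/pki_prod/PK.crt
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIID0TCCArmgAwIBAgIUJREZ+2W4ltUi+sHkD0P2Gzh1pugwDQYJKoZIhvcNAQEL
+BQAwgYExCzAJBgNVBAYTAkRFMRwwGgYDVQQIDBNOb3JkcmhlaW4gV2VzdGZhbGVu
+MQ8wDQYDVQQHDAZCb2NodW0xHjAcBgNVBAoMFUVkZ2VsZXNzIFN5c3RlbXMgR21i
+SDEjMCEGA1UEAwwaQ29uc3RlbGxhdGlvbiBVRUZJIENBIDIwMjIwHhcNMjIxMTAz
+MTA0NDQzWhcNMjIxMjAzMTA0NDQzWjCBgTELMAkGA1UEBhMCREUxHDAaBgNVBAgM
+E05vcmRyaGVpbiBXZXN0ZmFsZW4xDzANBgNVBAcMBkJvY2h1bTEeMBwGA1UECgwV
+RWRnZWxlc3MgU3lzdGVtcyBHbWJIMSMwIQYDVQQDDBpDb25zdGVsbGF0aW9uIFVF
+RkkgQ0EgMjAyMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbY5r+o
+2oiCzfOMu0Bb3PqnF7ZBVY+bEwr1zDsX5tEyQqOOiemGLNE2yr6adjTRbldHNON1
+kGzuoiD2N4yZQLIpgwPuK2BPM7+ZKVBX4Iw0lmwTXyQhj5uAfCvGbguBXAODB/OO
+ERs09CIYseowGQXtsoOgPCBFv2hxYW65Veu0kEb2X81fBuigKZ7WYK3lPjY5Vm00
+TIBIV4BsQ2Cd11qqt58gc1AXsrrsRkHMEKVUHhcwUxHu4ZRawdcCg1wEhtboP2Bn
+rxfvi0dzqpMIHvWU8wzkauGOAEonSkAo2KOzPUzHzfZ35aArErW5GDwvW6ngt/qK
+LcOEoPbL4zD8czECAwEAAaM/MD0wHQYDVR0OBBYEFIxJ60SdEHlmkxJi1Tmkhneq
+qKGXMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgGGMA0GCSqGSIb3DQEBCwUA
+A4IBAQBzl6kd0ugxUsdUeN+lirrCa8ZcdBaULcKUoCfL+Ho4PxotILH8g6lTCqNL
+Isk+kmHsV0JHkkV5R46YbL16lZM1qXhtYQA5yTrKe9sNEre9plAPMQQ2xSAZmVLN
+rXDHSLHnerWt2dHkeAF19W20lNBWS1JNRSPVKKWnIFePwm0Z5GXoIfPGyu8AZUTO
+AJ7u0NRHiTuUfTC8mZz349ChSnEtRiYur20YHUxQudCQr58c594K1L7GfLoTSpSw
+OuYxW7+IYAjLOch1VX9x9BmcmUEL9ut+5W7b61EHEikyUKhvozUWkb9XwmGwROSh
+XfrcASBcXJcgYb3TXyHrIMBNtCEU
+-----END CERTIFICATE-----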
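Review bot: The validity window encoded in this new production PK certificate is only 30 days. The two UTCTime fields in the base64 body decode to notBefore 2022-11-03 10:44:43Z and notAfter 2022-12-03 10:44:43Z, which looks like a tool default (for example an omitted `-days` argument) rather than a deliberate lifetime for a Platform Key. Firmware often does not enforce expiry on secure boot variables, but image-upload validation, signing tools and audits may, so please confirm the lifetime is intended or regenerate with an explicit validity period and record the rotation plan next to the keys. The KEK.crt and db.crt bodies are not visible on this page, so the same check should be made on them.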

BIN
image/pki_prod/PK.esl Normal file

Binary file not shown.

BIN
image/pki_prod/db.auth Normal file

Binary file not shown.

BIN
image/pki_prod/db.cer Normal file

Binary file not shown.

23
image/pki_prod/db.crt Normal file

@ -0,0 +1,23 @@
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----

BIN
image/pki_prod/db.esl Normal file

Binary file not shown.