microsoft/mu_plus

[Feature]: Check the DB for the existence of the new certificate before appending

Flickdm opened this issue · 2 comments

Feature Overview

Secure Boot Recovery Application should check for the existence of the 2023 Production CA and, if it's found, respect the existing boot order.

This would prevent scenarios where the application appended correctly yet for some reason the device is continuing to loop.

Solution Overview

  1. Loop over each certificate found in the DB
  2. For each certificate, determine if it has enough length to compare against a #define thumbprint and subject name
  3. Compare against the #define thumbprint and subject name
  4. If so, return EFI_UNSUPPORTED

Alternatives Considered

No response

Urgency

Medium

Are you going to implement the feature request?

I will implement the feature

Do you need maintainer feedback?

No maintainer feedback needed

Anything else?

No response
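A sketch of the db walk proposed under Solution Overview, added here as an example and not taken from the mu_plus code base. It narrows the check to a bounds-checked subject-name byte match over each X.509 entry of the `EFI_SIGNATURE_LIST` data; the thumbprint comparison is omitted because it needs a hash routine. Assumptions: `TARGET_SUBJECT` is a placeholder string, the function names and integer return codes are hypothetical, and a result of 1 is where the application would return EFI_UNSUPPORTED.

```c
#include <stdint.h>
#include <string.h>

/* EFI_CERT_X509_GUID in its in-memory (little-endian) byte layout. */
static const uint8_t kX509Guid[16] = {0xa1,0x59,0xc0,0xa5,0xe4,0x94,0xa7,0x4a,
                                      0x87,0xb5,0xab,0x15,0x5c,0x2b,0xf0,0x72};
/* Placeholder subject string; the real #define value is not given in the issue. */
#define TARGET_SUBJECT "EXAMPLE 2023 PRODUCTION CA"

static uint32_t rd32(const uint8_t *p) {           /* little-endian UINT32 */
  return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
/* Steps 2 and 3: length check, then bounded search of the certificate bytes. */
static int contains(const uint8_t *hay, size_t hlen, const char *needle) {
  size_t nlen = strlen(needle);
  if (hlen < nlen) return 0;                       /* too short to compare */
  for (size_t i = 0; i + nlen <= hlen; i++)
    if (memcmp(hay + i, needle, nlen) == 0) return 1;
  return 0;
}

/* Returns 1 if the target is present, 0 if absent, -1 if db is malformed. */
int db_has_target_cert(const uint8_t *db, size_t len) {
  size_t off = 0;
  while (off < len) {
    if (len - off < 28) return -1;                 /* EFI_SIGNATURE_LIST header */
    uint32_t list_size = rd32(db + off + 16);
    uint32_t hdr_size  = rd32(db + off + 20);
    uint32_t sig_size  = rd32(db + off + 24);
    if (list_size < 28 || list_size > len - off) return -1;
    if (hdr_size > list_size - 28 || sig_size <= 16) return -1;
    if (memcmp(db + off, kX509Guid, 16) == 0) {    /* X.509 lists only */
      size_t pos = off + 28 + hdr_size, end = off + list_size;
      for (; end - pos >= sig_size; pos += sig_size)  /* each EFI_SIGNATURE_DATA */
        if (contains(db + pos + 16, sig_size - 16, TARGET_SUBJECT)) return 1;
    }
    off += list_size;
  }
  return 0;
}

/* Constructed sample: one X.509 list with one fake certificate body (< 200 bytes). */
size_t build_sample_db(uint8_t *out, const char *body) {
  uint32_t sig = 16 + (uint32_t)strlen(body), total = 28 + sig;
  memset(out, 0, total);                           /* owner GUID, header size = 0 */
  memcpy(out, kX509Guid, 16);
  out[16] = (uint8_t)total; out[24] = (uint8_t)sig;
  memcpy(out + 44, body, strlen(body));
  return total;
}
```

A raw byte match can also hit the same string in another certificate field such as the issuer, which is one reason to pair it with the thumbprint comparison the issue proposes.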

This issue has been automatically marked as stale because it has not had activity in 45 days. It will be closed if no further activity occurs within 7 days. Thank you for your contributions.

This issue has been automatically closed because it did not have any activity in 45 days and no follow up within 7 days after being marked stale. Thank you for your contributions.