From 3c01afac0c9eadd6f1e64b8cac2ee73c05bbca8a Mon Sep 17 00:00:00 2001 From: Johnny Hughes Date: May 11 2020 15:55:20 +0000 Subject: Manual CentOS Debranding --- diff --git a/SOURCES/centos-ca-secureboot.der b/SOURCES/centos-ca-secureboot.der new file mode 100644 index 0000000..44a2563 Binary files /dev/null and b/SOURCES/centos-ca-secureboot.der differ diff --git a/SOURCES/centossecureboot001.crt b/SOURCES/centossecureboot001.crt new file mode 100644 index 0000000..321c4ec --- /dev/null +++ b/SOURCES/centossecureboot001.crt @@ -0,0 +1,81 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + b6:16:15:71:72:fb:31:7e + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=CentOS Secure Boot (CA key 1)/emailAddress=security@centos.org + Validity + Not Before: Aug 1 11:47:30 2018 GMT + Not After : Dec 31 11:47:30 2037 GMT + Subject: CN=CentOS Secure Boot (key 1)/emailAddress=security@centos.org + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (2048 bit) + Modulus (2048 bit): + 00:c1:a3:6a:f4:2d:71:83:6c:21:ca:0c:b7:ac:fa: + 76:80:43:03:40:87:5d:de:e9:1e:df:ad:e7:2b:51: + cb:f8:31:0f:9a:db:ab:23:25:04:11:05:57:7d:f2: + 4b:8d:1e:b3:75:78:1d:b9:57:8b:18:0b:bb:7e:e3: + 24:0f:6a:40:5f:2b:4f:03:a5:85:94:d2:f9:08:a0: + bc:db:a5:ea:4f:7f:e8:7c:d1:a9:f8:f0:9c:25:18: + 00:14:c4:c4:35:7d:1d:4c:8a:8d:95:f8:ed:65:97: + a5:a4:da:7d:cb:f0:33:3b:b7:03:94:68:47:05:57: + 6c:96:91:ac:14:f2:e3:f6:6d:4a:18:cf:68:8a:35: + 6f:8e:26:99:7f:db:c9:83:54:c2:c3:bf:ad:45:a0: + aa:a0:86:5f:20:b1:86:1b:ae:b7:28:15:11:f9:65: + 53:5d:70:33:9b:a3:c7:b5:c8:11:ff:55:3b:e7:46: + f1:6c:6b:8c:bb:f2:9f:36:23:b1:2d:23:2f:8f:4f: + 6c:a8:cc:ae:f5:56:9e:22:6c:0e:9a:4a:b1:bd:b2: + 76:15:5c:05:85:b8:5e:dc:8c:a5:c3:e0:75:51:a4: + 94:9b:03:2e:7b:f8:d3:b9:dd:7f:88:ce:2e:2f:28: + 4c:b4:92:2f:e6:e0:67:0a:d0:ff:c5:d2:79:a6:ef: + 94:0f + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:FALSE + X509v3 Key Usage: + Digital Signature + X509v3 Subject Key Identifier: + F0:37:C6:EA:EC:36:D4:05:7A:52:6C:0E:C6:D5:A9:5B:32:4E:E1:29 + X509v3 Authority Key Identifier: + keyid:54:EC:81:85:89:3E:E9:1A:DB:08:F7:44:88:54:7E:8E:3F:74:3A:F3 + + Signature Algorithm: sha256WithRSAEncryption + 97:97:ba:a6:0b:5b:bb:84:39:2e:ef:8b:51:9a:89:bb:65:3c: + dc:15:d0:5a:88:c5:af:ce:93:f5:c1:74:98:15:59:a9:38:da: + 11:fd:46:d5:4f:23:7c:03:1f:ae:0c:70:93:94:a7:61:2f:4b: + 2f:5f:bb:cc:8a:d7:4a:24:66:73:85:b4:19:13:fc:6a:61:4a: + 28:1f:a2:38:f4:72:90:03:c4:3e:64:63:8b:fb:15:22:22:4e: + b9:43:d9:b4:3d:3a:60:c1:4d:3a:09:85:68:7a:bc:3b:f9:ef: + f3:f5:e9:c9:4f:80:8c:c6:e9:cb:ef:28:44:b0:5d:d4:9e:4f: + 0f:02:9a:65:aa:98:35:b4:6f:d2:80:e3:08:ef:12:d0:17:56: + a6:a1:42:1e:1d:ab:e5:33:c0:fd:88:0d:40:42:81:c8:27:30: + 17:07:57:3e:05:9d:aa:05:0e:5b:3a:79:b4:29:aa:7c:42:5a: + ad:43:59:fb:34:4d:dc:62:58:63:e4:fb:de:bb:fd:6c:4e:97: + 58:f4:b9:99:4a:71:fe:7f:16:50:55:25:46:39:96:9b:88:6c: + 75:19:33:9e:70:b3:04:82:fe:16:a8:8e:22:47:83:6d:16:77: + da:26:ad:31:d8:06:6d:c5:7e:46:4b:21:ab:ae:ec:2a:93:71: + da:7f:89:1d +-----BEGIN CERTIFICATE----- +MIIDdTCCAl2gAwIBAgIJALYWFXFy+zF+MA0GCSqGSIb3DQEBCwUAMEwxJjAkBgNV +BAMMHUNlbnRPUyBTZWN1cmUgQm9vdCAoQ0Ega2V5IDEpMSIwIAYJKoZIhvcNAQkB +FhNzZWN1cml0eUBjZW50b3Mub3JnMB4XDTE4MDgwMTExNDczMFoXDTM3MTIzMTEx +NDczMFowSTEjMCEGA1UEAxMaQ2VudE9TIFNlY3VyZSBCb290IChrZXkgMSkxIjAg +BgkqhkiG9w0BCQEWE3NlY3VyaXR5QGNlbnRvcy5vcmcwggEiMA0GCSqGSIb3DQEB +AQUAA4IBDwAwggEKAoIBAQDBo2r0LXGDbCHKDLes+naAQwNAh13e6R7frecrUcv4 +MQ+a26sjJQQRBVd98kuNHrN1eB25V4sYC7t+4yQPakBfK08DpYWU0vkIoLzbpepP +f+h80an48JwlGAAUxMQ1fR1Mio2V+O1ll6Wk2n3L8DM7twOUaEcFV2yWkawU8uP2 +bUoYz2iKNW+OJpl/28mDVMLDv61FoKqghl8gsYYbrrcoFRH5ZVNdcDObo8e1yBH/ +VTvnRvFsa4y78p82I7EtIy+PT2yozK71Vp4ibA6aSrG9snYVXAWFuF7cjKXD4HVR +pJSbAy57+NO53X+Izi4vKEy0ki/m4GcK0P/F0nmm75QPAgMBAAGjXTBbMAwGA1Ud +EwEB/wQCMAAwCwYDVR0PBAQDAgeAMB0GA1UdDgQWBBTwN8bq7DbUBXpSbA7G1alb +Mk7hKTAfBgNVHSMEGDAWgBRU7IGFiT7pGtsI90SIVH6OP3Q68zANBgkqhkiG9w0B +AQsFAAOCAQEAl5e6pgtbu4Q5Lu+LUZqJu2U83BXQWojFr86T9cF0mBVZqTjaEf1G +1U8jfAMfrgxwk5SnYS9LL1+7zIrXSiRmc4W0GRP8amFKKB+iOPRykAPEPmRji/sV +IiJOuUPZtD06YMFNOgmFaHq8O/nv8/XpyU+AjMbpy+8oRLBd1J5PDwKaZaqYNbRv +0oDjCO8S0BdWpqFCHh2r5TPA/YgNQEKByCcwFwdXPgWdqgUOWzp5tCmqfEJarUNZ ++zRN3GJYY+T73rv9bE6XWPS5mUpx/n8WUFUlRjmWm4hsdRkznnCzBIL+FqiOIkeD +bRZ32iatMdgGbcV+Rkshq67sKpNx2n+JHQ== +-----END CERTIFICATE----- diff --git a/SPECS/grub2.spec b/SPECS/grub2.spec index 48e33e0..735691a 100644 --- a/SPECS/grub2.spec +++ b/SPECS/grub2.spec @@ -24,8 +24,8 @@ Source6: gitignore Source8: strtoull_test.c Source9: 20-grub.install Source12: 99-grub-mkconfig.install -Source13: securebootca.cer -#(source removed) +Source13: centos-ca-secureboot.der +Source14: centossecureboot001.crt %include %{SOURCE1} @@ -52,7 +52,11 @@ BuildRequires: pesign >= 0.99-8 BuildRequires: ccache %endif -ExcludeArch: s390 s390x %{arm} +%if 0%{?centos} +%global efidir centos +%endif + +ExcludeArch: s390 s390x Obsoletes: %{name} <= %{evr} %if 0%{with_legacy_arch} @@ -164,10 +168,10 @@ git commit -m "After making subdirs" %build %if 0%{with_efi_arch} -%{expand:%do_primary_efi_build %%{grubefiarch} %%{grubefiname} %%{grubeficdname} %%{_target_platform} %%{efi_target_cflags} %%{efi_host_cflags} %{SOURCE13} %{SOURCE14} redhatsecureboot301} +%{expand:%do_primary_efi_build %%{grubefiarch} %%{grubefiname} %%{grubeficdname} %%{_target_platform} %%{efi_target_cflags} %%{efi_host_cflags} %{SOURCE13} %{SOURCE14} centossecureboot001} %endif %if 0%{with_alt_efi_arch} -%{expand:%do_alt_efi_build %%{grubaltefiarch} %%{grubaltefiname} %%{grubalteficdname} %%{_alt_target_platform} %%{alt_efi_target_cflags} %%{alt_efi_host_cflags} %{SOURCE13} %{SOURCE14} redhatsecureboot301} +%{expand:%do_alt_efi_build %%{grubaltefiarch} %%{grubaltefiname} %%{grubalteficdname} %%{_alt_target_platform} %%{alt_efi_target_cflags} %%{alt_efi_host_cflags} %{SOURCE13} %{SOURCE14} centossecureboot001} %endif %if 0%{with_legacy_arch} %{expand:%do_legacy_build %%{grublegacyarch}} @@ -498,7 +502,7 @@ fi %endif %changelog -* Tue Apr 28 2020 CentOS Sources - 2.02-81.el8.centos +* Tue Jan 21 2020 CentOS Sources - 2.02-81.el8.centos - Apply debranding changes * Thu Dec 05 2019 Javier Martinez Canillas - 2.02-81