- Note: refer to README.orig for the build steps. - First, generate a self-signed example certificate. - Compute the PE authenticate hash ```shell ./src/sbsign --key sample.pem --cert sample.pem bzImage ``` example output: ``` sum region: 0x0000 -> 0x00d9 [0x00da bytes] sum region: 0x00de -> 0x0129 [0x004c bytes] sum region: 0x0132 -> 0x01ff [0x00ce bytes] sum region: 0x0200 -> 0x39df [0x37e0 bytes] sum region: 0x39e0 -> 0x39ff [0x0020 bytes] sum region: 0x3a00 -> 0x61d71f [0x619d20 bytes] sha384 digest: ae53ade456d0eaddb739e78914390bc6f33e368bc67a57dc8751aa863fbce1de6ef7ae951e1dc17d9d24db098763f77d ``` - Compute the PE authenticate hash with patched bzImage ```shell ./src/sbsign --key sample.pem --cert sample.pem -Q bzImage ``` example output: ``` patching @0x210 (type_of_loader) to 0xb0 ... patching @0x211 (loadflags) to 0x81 ... patching @0x224 (heap_end_ptr) to 0xfe00 ... patching @0x228 (cmd_line_ptr) to 0x20000 sum region: 0x0000 -> 0x00d9 [0x00da bytes] sum region: 0x00de -> 0x0129 [0x004c bytes] sum region: 0x0132 -> 0x01ff [0x00ce bytes] sum region: 0x0200 -> 0x39df [0x37e0 bytes] sum region: 0x39e0 -> 0x39ff [0x0020 bytes] sum region: 0x3a00 -> 0x61d71f [0x619d20 bytes] sha384 digest: 283471cdbd2b3ee19142938daa12edd9eda3ff8422f14ff4190c3f0140ca4ef1b4685bacda6d025b84f159d7f6ea2a88 ```