Skip to content

[Secure Boot KEK Update] TOSHIBA PK-Signed KEK Update#372

Closed
YN-1048 wants to merge 1 commit into
microsoft:mainfrom
YN-1048:kek-update/TOSHIBA
Closed

[Secure Boot KEK Update] TOSHIBA PK-Signed KEK Update#372
YN-1048 wants to merge 1 commit into
microsoft:mainfrom
YN-1048:kek-update/TOSHIBA

Conversation

@YN-1048
Copy link
Copy Markdown
Contributor

@YN-1048 YN-1048 commented Mar 24, 2026

OEM Certificate Submission

OEM Name: TOSHIBA Corporation
Contact Email: yuki.numata.d89@mail.toshiba

Certificate Details

  • Platform Key Thumbprint: 7bc94987ac5636c9249492b6600dd55ab9e7be47
  • Expiration Date: 2124-01-13

Testing Completed

  • [*] Windows validation
  • Linux validation

Security Review

  • [*] No known security issues

Additional Notes

none

@YN-1048
Copy link
Copy Markdown
Contributor Author

YN-1048 commented Mar 25, 2026

@YN-1048 please read the following Contributor License Agreement(CLA). If you agree with the CLA, please reply with the following information.

@microsoft-github-policy-service agree company="TOSHIBA Corporation"

@Flickdm
Copy link
Copy Markdown
Member

Flickdm commented Mar 25, 2026

FYI: @jgeurten @hughsie

@Flickdm
Copy link
Copy Markdown
Member

Flickdm commented Apr 1, 2026

Thanks! It looks like the PostSignedObjects/KEK/kek_update_map.json has more changes than I expected. Rather than have you fix the file, why don't we drop the changes and I'll fix it up myself after your binary gets in.

Other than that your auth variable update looks like it will be successful!

Let me know if you need help with the git commands.

INFO:root:Validating: KEKUpdate_TOSHIBA_PK7bc94987.bin
INFO:root:Verifying authenticated variable: review/KEKUpdate_TOSHIBA_PK7bc94987.bin
INFO:root:[+] Authenticated variable signature is VALID
INFO:root:  Cryptographic Signature: VALID
INFO:root:  Expected Payload: True
{
  "validation_date": "2026-04-01T22:40:28.395264+00:00",
  "file": "review/KEKUpdate_TOSHIBA_PK7bc94987.bin",
  "parameters": {
    "var_name": "KEK",
    "var_guid": "8be4df61-93ca-11d2-aa0d-00e098032b8c",
    "attributes": "NV,BS,RT,AT,AP"
  },
  "result": {
    "filename": "KEKUpdate_TOSHIBA_PK7bc94987.bin",
    "path": "review/KEKUpdate_TOSHIBA_PK7bc94987.bin",
    "valid": true,
    "payload_hash_valid": true,
    "error": null,
    "warnings": [],
    "details": {
      "verified": true
    },
    "payload_hash": "5b85333c009d7ea55cbb6f11a5c2ff45ee1091a968504c929aed25c84674962f",
    "payload_size": 1506
  }
}
2b4f8e0d45578f5bb0592cb642c01ee0ded2004d9a9dae5c156f6958658caf84  review/KEKUpdate_TOSHIBA_PK7bc94987.bin

@YN-1048
Copy link
Copy Markdown
Contributor Author

YN-1048 commented Apr 2, 2026

Thanks! It looks like the PostSignedObjects/KEK/kek_update_map.json has more changes than I expected. Rather than have you fix the file, why don't we drop the changes and I'll fix it up myself after your binary gets in.

I support your approach.
Thank you.

Flickdm pushed a commit to Flickdm/secureboot_objects that referenced this pull request Apr 2, 2026
@YN-1048 @Flickdm
[Secure Boot KEK Update] TOSHIBA PK-Signed KEK Update
b700b90 
REF: microsoft#372
@Flickdm Flickdm mentioned this pull request Apr 2, 2026
Merged
5 tasks
Flickdm pushed a commit to Flickdm/secureboot_objects that referenced this pull request Apr 2, 2026
@YN-1048 @Flickdm
[Secure Boot KEK Update] TOSHIBA PK-Signed KEK Update
39aa5bc 
REF: microsoft#372
Flickdm pushed a commit that referenced this pull request Apr 2, 2026
@YN-1048 @Flickdm
[Secure Boot KEK Update] TOSHIBA PK-Signed KEK Update
40b3484 
REF: #372
@Flickdm
Copy link
Copy Markdown
Member

Flickdm commented Apr 2, 2026

Merged!

@Flickdm Flickdm closed this Apr 2, 2026
@hughsie
Copy link
Copy Markdown

hughsie commented Apr 7, 2026

Mirrored to the LVFS as https://fwupd.org/lvfs/firmware/132668/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@YN-1048 @Flickdm @hughsie