binwalk shimx64.efi
DECIMAL HEXADECIMAL DESCRIPTION
--------------------------------------------------------------------------------
0 0x0 Microsoft executable, portable (PE)
26243 0x6683 mcrypt 2.2 encrypted data, algorithm: blowfish-448, mode: CBC, keymode: 8bit
520512 0x7F140 SHA256 hash constants, little endian
574827 0x8C56B Unix path: /usr/local/ssl/private
582272 0x8E280 Base64 standard index table
679440 0xA5E10 Certificate in DER format (x509 v3), header length: 4, sequence length: 1132
918693 0xE04A5 Certificate in DER format (x509 v3), header length: 4, sequence length: 1300
919997 0xE09BD Certificate in DER format (x509 v3), header length: 4, sequence length: 1552
922619 0xE13FB Certificate in DER format (x509 v3), header length: 4, sequence length: 1265
923888 0xE18F0 Certificate in DER format (x509 v3), header length: 4, sequence length: 1649
dd if=./shimx64.efi of=test1 skip=679440 count=239253 bs=1
openssl x509 -inform der -in test1 -out test1.pem
openssl x509 -in test1.pem -noout -text
其实都不用从DER转成PEM,直接
openssl x509 -in xxx.der -inform der -text
另外系统里查看BIOS有没有启用安全启动用
bootctl status