init(keyExchangeKeys:dbSignatures:dbxSignatures:)
Creates a signature lists container from signature list objects.
Declaration
init(keyExchangeKeys: [VZEFISignatureList], dbSignatures: [VZEFISignatureList], dbxSignatures: [VZEFISignatureList])Parameters
- keyExchangeKeys:
An array of Vzefisignaturelist objects for the Key Exchange Key (KEK) database. Must contain only X.509 certificates. If any signature list contains SHA-256 hashes, the framework raises an exception. This parameter can be empty if you don’t need to add KEK signatures.
- dbSignatures:
An array of Vzefisignaturelist objects for the allowed signature database (db). This parameter can be empty if you don’t need to add allowed signatures.
- dbxSignatures:
An array of Vzefisignaturelist objects for the forbidden signature database (dbx). This parameter can be empty if you don’t need to add forbidden signatures.
Discussion
This initializer creates a container holding signature lists for all three UEFI Secure Boot databases.
The following example demonstrates the creation of a VZEFISignatureDatabaseConfiguration with a fully custom configuration.