Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
MP 1,1-5,1 MacPro5,1: BootROM thread | 144.0.0.0.0
- Thread starter tsialex
- WikiPost WikiPost
- Start date
- Sort by reaction score
- Status
Yes. I don't think that is safe to use a BootROM with multiple sign certificates. I'll PM you.
tsialex: would you like to check my rom for your research/statistics? I have never installed windows and have High Sierra with MP51.0085.B00 Bootrom.
So I just make a dump with RomTool and send it to you?
Best Regards
Chris
So I just make a dump with RomTool and send it to you?
Best Regards
Chris
Are we saying we should avoid booting WIN 10 until we know more? Or are the certs ONLY signed/resigned with new EFI Windows installs?
I am watching macrumours for several years (although I recently signed up) and the thread since the beginning so I 'm pretty impressed and thankful for the knowledge I gained.
I tried to binwalk my BootROM dump and the output is that (normal, I guess):
DECIMAL HEXADECIMAL DESCRIPTION
-------------------------------------------------------------------------------
0 0x0 UEFI PI firmware volume
16524 0x408C UEFI PI firmware volume
24972 0x618C CRC32 polynomial table, little endian
35787 0x8BCB mcrypt 2.2 encrypted data, algorithm: blowfish-448, mode: CBC, keymode: 8bit
49948 0xC31C UEFI PI firmware volume
524288 0x80000 UEFI PI firmware volume
540812 0x8408C UEFI PI firmware volume
549260 0x8618C CRC32 polynomial table, little endian
560075 0x88BCB mcrypt 2.2 encrypted data, algorithm: blowfish-448, mode: CBC, keymode: 8bit
574236 0x8C31C UEFI PI firmware volume
1048576 0x100000 UEFI PI firmware volume
1114112 0x110000 UEFI PI firmware volume
1343511 0x148017 bzip2 compressed data, block size = 100k
1376256 0x150000 UEFI PI firmware volume
My cMP is an 4.1->5.1 (purchased from Germany in March 2009) with stock CPUs (2x2.26), stock RAM (6 Gb) and MSI 560 aero 4 Gb with 138.0.0.0.0, running Mojave. I skipped 087 firmware.
Because of the purchase date, i guess that cMP would be one from the earliest machines. If you feel that will help, I can send you my BootROM
I tried to binwalk my BootROM dump and the output is that (normal, I guess):
DECIMAL HEXADECIMAL DESCRIPTION
-------------------------------------------------------------------------------
0 0x0 UEFI PI firmware volume
16524 0x408C UEFI PI firmware volume
24972 0x618C CRC32 polynomial table, little endian
35787 0x8BCB mcrypt 2.2 encrypted data, algorithm: blowfish-448, mode: CBC, keymode: 8bit
49948 0xC31C UEFI PI firmware volume
524288 0x80000 UEFI PI firmware volume
540812 0x8408C UEFI PI firmware volume
549260 0x8618C CRC32 polynomial table, little endian
560075 0x88BCB mcrypt 2.2 encrypted data, algorithm: blowfish-448, mode: CBC, keymode: 8bit
574236 0x8C31C UEFI PI firmware volume
1048576 0x100000 UEFI PI firmware volume
1114112 0x110000 UEFI PI firmware volume
1343511 0x148017 bzip2 compressed data, block size = 100k
1376256 0x150000 UEFI PI firmware volume
My cMP is an 4.1->5.1 (purchased from Germany in March 2009) with stock CPUs (2x2.26), stock RAM (6 Gb) and MSI 560 aero 4 Gb with 138.0.0.0.0, running Mojave. I skipped 087 firmware.
Because of the purchase date, i guess that cMP would be one from the earliest machines. If you feel that will help, I can send you my BootROM
Last edited:
Hi tsialex,
Could you please take a look at my binwalk output? I have reinstalled both Windows 10 EFI and Mac OS several times over the past few weeks whilst troubleshooting some unrelated issues and this has me worried.
Also if you could PM me your PayPal details I would like to send a small donation as a thank you for all of your hard work helping us old cMP users!
Cheers
Could you please take a look at my binwalk output? I have reinstalled both Windows 10 EFI and Mac OS several times over the past few weeks whilst troubleshooting some unrelated issues and this has me worried.
Also if you could PM me your PayPal details I would like to send a small donation as a thank you for all of your hard work helping us old cMP users!
Cheers
Attachments
You have two signing certificates. I have a lot of BootROMs to correct, I can correct yours but not immediately. I'll PM you.
[doublepost=1539771650][/doublepost]
A useless analysis of macOS (OS X) release dates
[doublepost=1539771791][/doublepost]
Yep, no IASInstallPhaseList.plist or signing certificates.
[doublepost=1539771923][/doublepost]
Could you please check the Build date (open your BootROM with any hex editor, go to the end, it's something like 090208090208p).
[doublepost=1539771968][/doublepost]
Thx!Comes today if i am back at home.
[doublepost=1539772163][/doublepost]
With info that we have, seems the trigger is related to MP51.0087.B00 and Windows UEFI install.
You have 140.0.0.0.0, so you will have just one signing certificate after installing Windows in UEFI mode.
Is it interesting that I had no signing certificates, but I previously had Win 10 UEFI installed? I did skip over MP51.0087 entirely. On 138.0 now.
Microsoft documentation with the Windows Signing Certificate talks about 4 ways to install Windows, some with and without the signing. Maybe you installed in a way that didn't had the signing process?
I started to learn this after I found the multiple certificates problem, I'm no way a expert and the documentation is very confusing.
Hmm, I installed from DVD (created from iso downloaded from Microsoft) after choosing UEFI from Option boot manager screen (used HD5770 video card to get that). Seems like a pretty standard UEFI install.
One of the Microsoft support documents that I and @marcoscc linked before shows a registry search to find if it's a UEFI install and some filesystem clues. If you have time, take a look.
This docs:
Diving into Secure Boot
Windows Secure Boot Key Creation and Management Guidance
Boot to UEFI Mode or legacy BIOS mode
Last edited:
It was previously UEFI. No question about that, GPT disk and all. That's why I had the "stuck in Win10 issue" after the v1809 update, and that's when I reinstalled in legacy-BIOS mode.
Maybe for some reason, the UEFI install didn't triggered the start of SecureBoot signing, Microsoft has a mode that has UEFI without SecureBoot, so no surprise here.
I Just checked it, and the outcome is 090218090218p. Not the oldest backplane, I guess...
edit: Base_17 descriptor
Last edited:
Please do further reading in this very thread before asking the same question which has been answered many, many times before. It is good etiquette as well as being respectful to other forum members.
If people really need to ask how they can download a developer beta, then it is definitely not appropriate to play around with literally no knowledge. Sorry for being so honest, but recently so many people request help for stuff they don't understand and ask the same questions over and over again. It is getting annoying to read so many "useless" posts when everything was answered million times before.