Remove Ubuntu CA and dbx files from the repository

(cherry picked from commit 57b6c43301b1943197eef3d816639277869231d7)

Conflicts:
	debian/rules

FG: adapted to Proxmox d/rules
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>

debian/rules

@@ -2,18 +2,8 @@
 
 include /usr/share/dpkg/architecture.mk
 
-# Other vendors, add your certs here.  No sense in using
-# dpkg-vendor --derives-from, because only Canonical-generated binaries will
-# be signed with this key; so if you are building your own shim binary you
-# should be building the other binaries also.
-ifeq ($(shell dpkg-vendor --is ubuntu && echo yes),yes)
-	cert=debian/canonical-uefi-ca.der
-	distributor=ubuntu
-COMMON_OPTIONS ?= ENABLE_SHIM_CERT=1 ENABLE_SBSIGN=1
-else
-	cert=debian/proxmox-uefi-ca.der
-	distributor=proxmox
-endif
+cert=debian/proxmox-uefi-ca.der
+distributor=proxmox
 
 deb_version             := $(shell dpkg-parsechangelog | sed -ne "s/^Version: \(.*\)/\1/p")
 upstream_version        := $(shell echo $(deb_version) | sed -e "s/-[^-]*$$//")

debian/ubuntu-dbx.hashes

@@ -1,22 +0,0 @@
-# debian-dbx.hashes
-#
-# This file contains the sha256 sums of the binaries that we want to
-# blacklist directly in our signed shim. Add entries below, with comments
-# to explain each entry (where possible).
-#
-# The data in this file needs should be of the form:
-#
-# <hex-encoded sha256 checksums> <arch>
-#
-# All other lines will be ignored. I'm using shell-style comments just
-# for clarity.
-#
-# The hashes are generated using:
-#
-#     pesign --hash --padding --in <binary>
-#
-# on *either* the signed or unsigned binary, pesign doesn't care
-# which. See the helper script block_signed_deb for an easy way to
-# generate this information.
-
-# ... This file intentionally left blank for now ...