Added capability to audit ESP partition for revoked files #24

Open

sei-vsarvepalli wants to merge 2 commits into cjee21:main from sei-vsarvepalli:audit_efis

Conversation

@sei-vsarvepalli

This setup now has an audit capability to check if any of the EFI files in the ESP folder (default ESP mapped as FS0) match a file in the DBX. Just right click "Scan EFI file against Microsoft DBX JSON".

  1. The script gets the latest DBX JSON from the Microsoft Secureboot objects folder https://github.com/microsoft/secureboot_objects/blob/main/PreSignedObjects/DBX/dbx_info_msft_latest.json
  2. Compares any binary file in the first ESP volume.
  3. Currently it does not care about the architecture.

The script can be used to audit current DBX status before applying the DBX update.

See screenshot example

[Screenshot attached: Screenshot 2026-03-12 150404]

@cjee21
Owner

cjee21 commented Mar 13, 2026

Some questions/issues:

  • UEFI DBX uses the Authenticode hash, not the flat hash, and some entries in Microsoft's json only have an Authenticode hash. It seems you use the flat hash only, so does this mean the check is not reliable?
  • For certificates, thumbprint should be usable and Microsoft's json has thumbprint for certs. Can get cert thumbprint from inside DBX also.
  • In the readme, "Just right click Scan ESP for revoked files.cmd." then what? Right-clicking alone will not do anything and some users will not know what to do next.
  • If the script has limitations and does not reliably detect every revoked binary, for example not checking certs or Authenticode hash, it should be stated in the readme so that users know the results may not have 100% coverage.

Suggestion:

  • Another feature for checking any EFI file / bootable media specified by the user may be added, as some users may want to check whether their bootable USB is revoked and needs to be updated or not.
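The check the PR describes (hash every EFI binary on the ESP and compare it with the DBX JSON) together with cjee21's point that DBX entries carry Authenticode hashes rather than flat file hashes, as an added Python example that is not the PR's script and not part of this repository. It computes both hashes for a file, shows on a constructed minimal PE32+ image that the Authenticode hash is unchanged by the CheckSum field and by an appended certificate table while the flat hash is not, and matches both against a DBX-style list. The JSON field names (`flat_sha256`, `authenticode_sha256`), the `images` key and the sample certificate blob are assumptions for the example; the schema of the real Microsoft file has to be checked and `load_revoked_hashes` adapted. Certificate-thumbprint revocations are not covered here.

```python
"""Added example: audit EFI binaries by flat SHA-256 and PE Authenticode SHA-256.
Not the PR's script; DBX JSON field names are assumed (adapt to the real file)."""
import hashlib
import json
import struct
from pathlib import Path

def flat_sha256(data: bytes) -> str:
    """Hash of the whole file as stored on disk."""
    return hashlib.sha256(data).hexdigest()

def authenticode_sha256(data: bytes) -> str:
    """PE Authenticode hash (Microsoft Authenticode PE spec): skip the CheckSum
    field, the Certificate Table directory entry and the certificate table
    itself; hash section data in file-offset order."""
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[:2] != b"MZ" or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20
    pe32plus = struct.unpack_from("<H", data, opt)[0] == 0x20B
    size_of_headers = struct.unpack_from("<I", data, opt + 60)[0]
    checksum_off = opt + 64
    cert_dir_off = opt + (112 if pe32plus else 96) + 4 * 8  # data directory index 4
    cert_size = struct.unpack_from("<II", data, cert_dir_off)[1]
    h = hashlib.sha256()
    h.update(data[:checksum_off])                     # headers up to CheckSum
    h.update(data[checksum_off + 4:cert_dir_off])     # skip the 4-byte CheckSum
    h.update(data[cert_dir_off + 8:size_of_headers])  # skip the 8-byte cert entry
    sections = []
    for i in range(num_sections):
        raw_size, raw_ptr = struct.unpack_from("<II", data, opt + opt_size + i * 40 + 16)
        if raw_size:
            sections.append((raw_ptr, raw_size))
    hashed = size_of_headers
    for raw_ptr, raw_size in sorted(sections):
        h.update(data[raw_ptr:raw_ptr + raw_size])
        hashed += raw_size
    # Overlay data after the sections is hashed; the certificate table (at the
    # end of the file, as the spec requires) is not.
    if len(data) > hashed + cert_size:
        h.update(data[hashed:len(data) - cert_size])
    return h.hexdigest()

def build_sample_pe(checksum: int = 0, cert_blob: bytes = b"") -> bytes:
    """Constructed minimal PE32+ (one .text section, no real code) as sample input."""
    opt = bytearray(240)                                      # PE32+ optional header
    struct.pack_into("<H", opt, 0, 0x20B)                     # Magic
    struct.pack_into("<I", opt, 16, 0x1000)                   # AddressOfEntryPoint
    struct.pack_into("<Q", opt, 24, 0x140000000)              # ImageBase
    struct.pack_into("<II", opt, 32, 0x1000, 0x200)           # Section/FileAlignment
    struct.pack_into("<III", opt, 56, 0x2000, 512, checksum)  # SizeOfImage, SizeOfHeaders, CheckSum
    struct.pack_into("<H", opt, 68, 10)                       # Subsystem: EFI application
    struct.pack_into("<I", opt, 108, 16)                      # NumberOfRvaAndSizes
    if cert_blob:
        struct.pack_into("<II", opt, 112 + 4 * 8, 1024, len(cert_blob))  # cert table at EOF
    coff = struct.pack("<HHIIIHH", 0x8664, 1, 0, 0, 0, len(opt), 0x22)
    sect = struct.pack("<8sIIIIIIHHI", b".text", 0x200, 0x1000, 512, 512, 0, 0, 0, 0, 0x60000020)
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                     # e_lfanew
    image = bytes(dos) + b"PE\0\0" + coff + bytes(opt) + sect
    image += b"\0" * (512 - len(image)) + bytes(range(256)) * 2  # header pad + 512 B of section
    return image + cert_blob

# Placeholder WIN_CERTIFICATE header (dwLength, wRevision, wCertificateType=PKCS_SIGNED_DATA)
# with an empty body: stands in for a real PKCS#7 signature, which is not constructed here.
SAMPLE_CERT = struct.pack("<IHH", 8 + 24, 0x0200, 0x0002) + b"\0" * 24

def load_revoked_hashes(dbx_json: str) -> dict:
    """Collect lowercase hash sets from a DBX-style JSON (field names assumed)."""
    revoked = {"flat": set(), "authenticode": set()}
    for entry in json.loads(dbx_json).get("images", []):
        for key in revoked:
            if entry.get(f"{key}_sha256"):
                revoked[key].add(entry[f"{key}_sha256"].lower())
    return revoked

def audit_file(data: bytes, revoked: dict) -> list:
    """Which revoked lists the file matches: 'flat' and/or 'authenticode'."""
    hits = ["flat"] if flat_sha256(data) in revoked["flat"] else []
    try:
        if authenticode_sha256(data) in revoked["authenticode"]:
            hits.append("authenticode")
    except (ValueError, struct.error):
        pass  # not a PE image: only the flat hash can be compared
    return hits

def audit_esp(root: Path, revoked: dict) -> dict:
    """Map every .efi/.EFI under an ESP mount (any architecture) to its hits."""
    return {str(p): audit_file(p.read_bytes(), revoked)
            for p in root.rglob("*") if p.suffix.lower() == ".efi"}

# Constructed sample DBX list: revokes the sample image by Authenticode hash only,
# the case cjee21 describes where no flat hash is given.
SAMPLE_DBX_JSON = json.dumps({"images": [{"description": "constructed sample",
    "authenticode_sha256": authenticode_sha256(build_sample_pe())}]})
```

Against a real ESP the call is `audit_esp(Path("/boot/efi"), load_revoked_hashes(Path("dbx.json").read_text()))` with the JSON downloaded separately; the suffix is matched case-insensitively because the ESP is FAT and files are often stored as `.EFI`. A flat-hash-only scan would report the sample "signed" image as clean even though its Authenticode hash is on the list, which is exactly the coverage gap cjee21 raises.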
