Add a reset for Shim variables that disable parts of its Secure Boot …

…validation

* Per https://github.com/rhboot/shim/blob/main/MokVars.txt, some Shim variables
  (MokSBState, MokDBState, MokIgnoreDB) might be set, that bypass parts of its
  standard Secure Boot validation.
* Detect if any of these variables are set, and ask the user if they want to
  reset them.

Add PFX support for providing certificates

* Also set the start date of the credentials we generate to 00:00 so that users
  don't run into a situation where they can't sign an executable because the
  credentials are not valid yet.
* Also re-instate 'Microsoft Windows Production PCA 2011' DB installation since
  KB5025885 is a complete mess and, even with the 2024.08 refresh, Microsoft still
  has not defaulted to use UEFI bootloaders that are signed with the new 2023 creds.

Update README and add Mosby.nsh

* Also only apply the OpenSSL patch to the architecture it's relevant to.

Add a new [DETECT] mode for DB that reuses an existing cert if present

* Also add Utf16ToUtf8() and replace UCS-2 references to UTS-16
  (since we are actually processing UTF-16 and not UCS-2).
* Also add SimpleFileExistsByPath() and update the README.

Add README and update GitHub Actions to produce releases