It’s good that you were able to get a complete dump of your firmware with fptw. You have now a valid backup!
Don’t work on the dump, always use a copy so that your dump is still available!
Read the guide to the letter otherwise you’ll brick your machine!
The only mentioning of SMIP signing key is in paragraph 7 and 13 which have the words
“If you are working on a CSTXE 3-4 SPI/BIOS image” in the beginning.
You are working on a CSE ME 11.8
There’s a guide unlocking flash descriptor but there might be other restrictions. CH341 programmer (with accessories) might be needed
The ME from the repository is an unconfigured ME, not a region ready to flash. It always has to be configured with FIT. Using it by just cutting it in size for example would brick your machine!