pool/shim
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
shim/extract_signature.sh

25 lines
447 B
Bash
Raw Normal View History

Accepting request 186534 from home:lnussel:branches:devel:openSUSE:Factory - don't include binary in the sources. Instead package the raw signature and attach it during build (bnc#813448). OBS-URL: https://build.opensuse.org/request/show/186534 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=32
2013-08-09 09:33:45 +00:00
#!/bin/bash
# extract ascii armored signature from a PE binary
set -e
infile="$1"
if [ -z "$infile" -o ! -e "$infile" ]; then
echo "USAGE: $0 file.efi"
exit 1
fi
nssdir=`mktemp -d`
cleanup()
{
rm -r "$nssdir"
}
trap cleanup EXIT
echo > "$nssdir/pw"
certutil -f "$nssdir/pw" -d "$nssdir" -N
# wtf?
(pesign -n "$nssdir" -h -P -i "$infile";
Accepting request 199366 from home:fcrozat:branches:devel:openSUSE:Factory - Update microsoft.asc: shim signed by UEFI signing service, based on code from "Fri Sep 6 13:57:36 UTC 2013". - Improve extract_signature.sh to work on current path. OBS-URL: https://build.opensuse.org/request/show/199366 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=44
2013-09-17 09:17:43 +00:00
perl $(dirname $0)/timestamp.pl "$infile";
Accepting request 186534 from home:lnussel:branches:devel:openSUSE:Factory - don't include binary in the sources. Instead package the raw signature and attach it during build (bnc#813448). OBS-URL: https://build.opensuse.org/request/show/186534 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=32
2013-08-09 09:33:45 +00:00
pesign -n "$nssdir" -a -f -e /dev/stdout -i "$infile")|cat
Reference in New Issue Copy Permalink