From 8f7d539eb78f4c4fcda2822094597af1c36d7eb9098ce2a40413fd9fb853aa61 Mon Sep 17 00:00:00 2001
From: Joey Lee <jlee@suse.com>
Date: Sat, 17 Feb 2024 10:35:28 +0000
Subject: [PATCH] Accepting request 1147310 from
 home:joeyli:branches:devel:openSUSE:Factory

Add suffix string of project to filename of included certificates

OBS-URL: https://build.opensuse.org/request/show/1147310
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=210
---
 shim.changes | 19 +++++++++++++++++++
 shim.spec    |  3 ++-
 2 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/shim.changes b/shim.changes
index 27965fc..de0cbca 100644
--- a/shim.changes
+++ b/shim.changes
@@ -1,3 +1,22 @@
+-------------------------------------------------------------------
+Sat Feb 17 07:51:01 UTC 2024 - Joey Lee <jlee@suse.com>
+
+- Modified shim.spec file to add suffix string of project to filename
+  of included certificates. e.g.
+    rpm -pql shim-15.8-lp155.6.1.x86_64.rpm
+        /etc/uefi
+        /etc/uefi/certs
+        /etc/uefi/certs/2B697CB1-shim-devel.crt
+        /etc/uefi/certs/4659838C-shim-opensuse.crt
+        /etc/uefi/certs/BCA4E38E-shim-sles.crt
+
+  The original name of crt files are:
+        /etc/uefi/certs/2B697CB1-shim.crt
+        /etc/uefi/certs/4659838C-shim.crt
+        /etc/uefi/certs/BCA4E38E-shim.crt
+
+  It can indicate the souce project of certificates.
+
 -------------------------------------------------------------------
 Thu Feb 15 09:46:09 UTC 2024 - Joey Lee <jlee@suse.com>
 
diff --git a/shim.spec b/shim.spec
index 8e51334..8636131 100644
--- a/shim.spec
+++ b/shim.spec
@@ -283,8 +283,9 @@ install -m 755 %{SOURCE3} %{buildroot}/%{_sbindir}/
 # install SUSE certificate
 install -d %{buildroot}/%{_sysconfdir}/uefi/certs/
 for file in shim-*.der; do
+    filename=$(echo "$file" | cut -f 1 -d '.')
     fpr=$(openssl x509 -sha1 -fingerprint -inform DER -noout -in $file | cut -c 18- | cut -d ":" -f 1,2,3,4 | sed 's/://g')
-    install -m 644 $file %{buildroot}/%{_sysconfdir}/uefi/certs/${fpr}-shim.crt
+    install -m 644 $file %{buildroot}/%{_sysconfdir}/uefi/certs/${fpr}-${filename}.crt
 done
 %if %{defined shim_lib64_share_compat}
     [ "%{sysefidir}" != "/usr/lib64/efi" ] || exit 1