2012-06-13 06:23:26 +00:00
|
|
|
#!/bin/bash -e
|
|
|
|
|
|
2012-06-13 08:56:28 +00:00
|
|
|
signed="test.signed"
|
|
|
|
|
|
2020-06-06 01:34:55 +00:00
|
|
|
"$sbsign" --cert "$cert" --key "$key" --output "$signed" "$image" || exit 1
|
|
|
|
|
"$sbverify" --cert "$cert" "$signed" || exit 1
|
|
|
|
|
"$sbverify" --cert "$intcert" "$signed" || exit 1
|
|
|
|
|
# there's no intermediate cert in the image so it can't chain to the ca which
|
|
|
|
|
# is why this should fail
|
|
|
|
|
"$sbverify" --cert "$cacert" "$signed" && exit 1
|
|
|
|
|
|
|
|
|
|
# now add the intermediates and each level should succeed
|
|
|
|
|
"$sbsign" --cert "$cert" --addcert "$intcert" --key "$key" --output "$signed" "$image" || exit 1
|
|
|
|
|
"$sbverify" --cert "$cert" "$signed" || exit 1
|
|
|
|
|
"$sbverify" --cert "$intcert" "$signed" || exit 1
|
|
|
|
|
"$sbverify" --cert "$cacert" "$signed" || exit 1
|
|
|
|
|
|
