#!/bin/bash -ex

signed="test.signed"
unsigned="test.unsigned"

"$sbsign" --cert "$cert" --key "$key" --output "$signed" "$image"
cp "$signed" "$unsigned"
"$sbattach" --remove "$unsigned"

# ensure that there is no security directory
objdump -p $unsigned | grep -q '0\+ 0\+ Security Directory'

# ensure that the unsigned file is the same size as our original binary
[ $(stat --format=%s "$image") -eq $(stat --format=%s "$unsigned") ]