17 lines
667 B
Bash
Executable file
17 lines
667 B
Bash
Executable file
#!/bin/bash -e
|
|
|
|
signed="test.signed"
|
|
|
|
"$sbsign" --cert "$cert" --key "$key" --output "$signed" "$image" || exit 1
|
|
"$sbverify" --cert "$cert" "$signed" || exit 1
|
|
"$sbverify" --cert "$intcert" "$signed" || exit 1
|
|
# there's no intermediate cert in the image so it can't chain to the ca which
|
|
# is why this should fail
|
|
"$sbverify" --cert "$cacert" "$signed" && exit 1
|
|
|
|
# now add the intermediates and each level should succeed
|
|
"$sbsign" --cert "$cert" --addcert "$intcert" --key "$key" --output "$signed" "$image" || exit 1
|
|
"$sbverify" --cert "$cert" "$signed" || exit 1
|
|
"$sbverify" --cert "$intcert" "$signed" || exit 1
|
|
"$sbverify" --cert "$cacert" "$signed" || exit 1
|
|
|