Blame tests/p_shim/01_shim_secureboot_signed.sh

25c93a
#!/bin/bash
25c93a
# This test will verify that shim.efi is correctly signed with correct cert in the CA chain
25c93a
25c93a
t_Log "Running $0 -  Verifying that shim.efi is correctly signed with correct cert"
25c93a
4e7f11
if [[ "$centos_ver" = "7" && "$arch" = "x86_64" ]] ; then
25c93a
  t_InstallPackage pesign shim
8de756
  pesign --show-signature --in /boot/efi/EFI/centos/shim.efi|grep -q 'Microsoft Windows UEFI Driver Publisher'
9bd632
  t_CheckExitStatus $?
38d063
elif [[ "$centos_ver" -ge "8" && "$arch" = "x86_64" ]] ; then
38d063
  t_InstallPackage pesign shim
38d063
  pesign --show-signature --in /boot/efi/EFI/centos/shimx64.efi |grep -q 'Microsoft Windows UEFI Driver Publisher'
38d063
  t_CheckExitStatus $?
25c93a
else
4e7f11
  t_Log "previous versions than CentOS 7 - or not x86_64 arch - aren't using shim/secureboot ... skipping"
25c93a
  exit 0
25c93a
fi
25c93a