Hello community, here is the log from the commit of package shim for openSUSE:Factory checked in at 2013-08-12 14:22:13 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/shim (Old) and /work/SRC/openSUSE:Factory/.shim.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "shim" Changes: -------- --- /work/SRC/openSUSE:Factory/shim/shim.changes 2013-08-01 16:08:56.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.shim.new/shim.changes 2013-08-12 14:22:14.000000000 +0200 @@ -1,0 +2,6 @@ +Wed Aug 7 15:51:36 UTC 2013 - lnus...@suse.de + +- don't include binary in the sources. Instead package the raw + signature and attach it during build (bnc#813448). + +------------------------------------------------------------------- Old: ---- shim-signed.efi New: ---- attach_signature.sh extract_signature.sh microsoft.asc show_hash.sh ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ shim.spec ++++++ --- /var/tmp/diff_new_pack.EeRpj4/_old 2013-08-12 14:22:15.000000000 +0200 +++ /var/tmp/diff_new_pack.EeRpj4/_new 2013-08-12 14:22:15.000000000 +0200 @@ -26,13 +26,15 @@ Group: System/Boot Url: https://github.com/mjg59/shim Source: %{name}-%{version}.tar.bz2 -# this binary has been signed by UEFI signing service -# FIXME: evaluate whether using signature only and attaching that -# to the built binary also works -Source1: shim-signed.efi +# run "extract_signature.sh shim.efi" where shim.efi is the binary +# with the signature from the UEFI signing service. +Source1: microsoft.asc Source2: openSUSE-UEFI-CA-Certificate.crt Source3: shim-install Source4: SLES-UEFI-CA-Certificate.crt +Source5: extract_signature.sh +Source6: attach_signature.sh +Source7: show_hash.sh # PATCH-FIX-SUSE shim-suse-build.patch g...@suse.com -- Adjust Makefile for the build service Patch0: shim-suse-build.patch # PATCH-FIX-UPSTREAM shim-fix-pointer-casting.patch g...@suse.com -- Fix a casting issue and the size of an empty vendor_cert or dbx_cert. @@ -121,15 +123,29 @@ # make sure cast warnings don't trigger post build check make VENDOR_CERT_FILE=shim-$suffix.der shim.efi MokManager.efi fallback.efi 2>/dev/null # make VENDOR_CERT_FILE=cert.der VENDOR_DBX_FILE=dbx -mv shim.efi shim-$suffix.efi +cp shim.efi shim-$suffix.efi +chmod 755 %{SOURCE6} %{SOURCE7} +# alternative: verify signature +#sbverify --cert MicCorThiParMarRoo_2010-10-05.pem shim-signed.efi +head -1 %{SOURCE1} > hash1 +%{SOURCE7} shim.efi > hash2 +cat hash1 hash2 +if ! cmp -s hash1 hash2; then + echo "ERROR: binary changed, need to request new signature!" + # don't fail in devel projects + prj="%{_project}" + if "${prj%%:*}" = "openSUSE"; then + false + fi +fi +%{SOURCE6} %{SOURCE1} shim.efi %install export BRP_PESIGN_FILES='%{_libdir}/efi/shim*.efi %{_libdir}/efi/MokManager.efi %{_libdir}/efi/fallback.efi' install -d %{buildroot}/%{_libdir}/efi install -m 644 shim-*.efi %{buildroot}/%{_libdir}/efi install -m 444 shim-*.der %{buildroot}/%{_libdir}/efi -# FIXME: install signed shim here -install -m 644 %{SOURCE1} %{buildroot}/%{_libdir}/efi/shim.efi +install -m 644 shim-signed.efi %{buildroot}/%{_libdir}/efi/shim.efi install -m 644 MokManager.efi %{buildroot}/%{_libdir}/efi/MokManager.efi install -m 644 fallback.efi %{buildroot}/%{_libdir}/efi/fallback.efi install -d %{buildroot}/%{_sbindir} ++++++ attach_signature.sh ++++++ #!/bin/bash # attach ascii armored signature to a PE binary set -e sig="$1" infile="$2" if [ -z "$sig" -o ! -e "$sig" -o -z "$infile" -o ! -e "$infile" ]; then echo "USAGE: $0 sig.asc file.efi" exit 1 fi outfile="${infile%.efi}-signed.efi" nssdir=`mktemp -d` cleanup() { rm -r "$nssdir" } trap cleanup EXIT echo > "$nssdir/pw" certutil -f "$nssdir/pw" -d "$nssdir" -N pesign -n "$nssdir" -m "$sig" -i "$infile" -o "$outfile" ++++++ extract_signature.sh ++++++ #!/bin/bash # extract ascii armored signature from a PE binary set -e infile="$1" if [ -z "$infile" -o ! -e "$infile" ]; then echo "USAGE: $0 file.efi" exit 1 fi nssdir=`mktemp -d` cleanup() { rm -r "$nssdir" } trap cleanup EXIT echo > "$nssdir/pw" certutil -f "$nssdir/pw" -d "$nssdir" -N # wtf? (pesign -n "$nssdir" -h -P -i "$infile"; pesign -n "$nssdir" -a -f -e /dev/stdout -i "$infile")|cat ++++++ microsoft.asc ++++++ hash: cb340011afeb0d74c4a588b36ebaa441961608e8d2fa80dca8c13872c850796b -----BEGIN AUTHENTICODE SIGNATURE----- MIIhPgYJKoZIhvcNAQcCoIIhLzCCISsCAQExDzANBglghkgBZQMEAgEFADBcBgor BgEEAYI3AgEEoE4wTDAXBgorBgEEAYI3AgEPMAkDAQCgBKICgAAwMTANBglghkgB ZQMEAgEFAAQgyzQAEa/rDXTEpYizbrqkQZYWCOjS+oDcqME4cshQeWugggrpMIIE 0TCCA7mgAwIBAgITMwAAAAgesX6cFfyDegABAAAACDANBgkqhkiG9w0BAQsFADCB gTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1Jl ZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjErMCkGA1UEAxMi TWljcm9zb2Z0IENvcnBvcmF0aW9uIFVFRkkgQ0EgMjAxMTAeFw0xMjA3MDIyMjI1 MTRaFw0xMzEwMDIyMjI1MTRaMIGVMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2Fz aGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENv cnBvcmF0aW9uMQ0wCwYDVQQLEwRNT1BSMTAwLgYDVQQDEydNaWNyb3NvZnQgV2lu ZG93cyBVRUZJIERyaXZlciBQdWJsaXNoZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDpIk+20zs8FhtIQeSe7u0Zy3v+A6a9a/HrKH3WwokbEKW/s5l9 TL84I+diNjk92FTXhCTT6uJTxVvjPiaojAHGmeDtq63hMdG1ohoCVzKoUjy0k6eH e7X4svz0S57G14dtK742GhM2iIw9y9FedPZxfG4PjC9+y/iNpdXnszHwPysxNtYd /qPkE1AA0c7qPgm1/twwtB95d+UCgyyfwHAHY+fmjEOBC5HJc2PZRbmEWgeuve5t xFZ0LhGHcyXPleVtJftuv6Nx8VVpGzC959IdseQBbuNtLyCH4tqAAGfsWEoHCVcN gk+COheAFQanfGIbi+Yi16CmV+YfjpAgLzbnAgMBAAGjggEqMIIBJjAfBgNVHSUE GDAWBggrBgEFBQcDAwYKKwYBBAGCN1ACATAdBgNVHQ4EFgQUwEz8eC+VFd3VZV26 /zKXOWqTUqYwHwYDVR0jBBgwFoAUE62/Qwm9gnCcjNVPMW7VIpiKG9QwUwYDVR0f BEwwSjBIoEagRIZCaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jcmwv TWljQ29yVUVGQ0EyMDExXzIwMTEtMDYtMjcuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0 cy9NaWNDb3JVRUZDQTIwMTFfMjAxMS0wNi0yNy5jcnQwDAYDVR0TAQH/BAIwADAN BgkqhkiG9w0BAQsFAAOCAQEAhAgxQ55OY+iNAOGwwGeNcLuJ9GbpAnqygXeSbV3v gXWzJA5yn5Q/HmvZSg8nyS5palABwHR/a/dXTAnoSFpettcCQkTd1zI2wo6d+tWO xQmLdFFiNCMlUtkjDB0N2ucxCLCgFEvZ6SZdrFbr3M51Es82J6aFjUGHbt4Z014O J5V6aJaq6eoVAJgydFD+fHI4Wqxv7/Bhaz0GbNC+flpTe7GEiMZ9ufBzHDCseRj+ l3tCUP+/vuqB4bo7igMFuTdPDSJFN4HMWCO1+q1eUOhDBjgfgzgv4O2LF2qcn/GG jMZUPn8SsfESrcYkMP0bpTDYd6KQ8NLgnqzOB+037EOcJTCCBhAwggP4oAMCAQIC CmEI08QAAAAAAAQwDQYJKoZIhvcNAQELBQAwgZExCzAJBgNVBAYTAlVTMRMwEQYD VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy b3NvZnQgQ29ycG9yYXRpb24xOzA5BgNVBAMTMk1pY3Jvc29mdCBDb3Jwb3JhdGlv biBUaGlyZCBQYXJ0eSBNYXJrZXRwbGFjZSBSb290MB4XDTExMDYyNzIxMjI0NVoX DTI2MDYyNzIxMzI0NVowgYExCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5n dG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9y YXRpb24xKzApBgNVBAMTIk1pY3Jvc29mdCBDb3Jwb3JhdGlvbiBVRUZJIENBIDIw MTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClCGxMx0UJaksMpMCH fwZ1DEMBVGTgFn8H7ZJ9C7JzvwwKxkpFYaDFFi2W0/UroPtNSZtBgJA8uVT95rzR ncSkGIp/QYpcWYNoMruMR8nucbwhT5qKfP9EP42PMrImSK51te7JTB5KGX7kgpod eHdNDLC99g/TFtO8+iulUThd9fu623gC2//sChuW1YO4GRPptsB7QHvhHygnyfrv Vl4c5n6UfsDwRLJ5OeXasmKLTb84cOJoJBTJM6QIN9VYaV7TfO3BBFMI506wKodj CGFvYxVZ6rIredcMYWeKW/1erYd/uoZnT3FYEiIEIiLOi+9UcQDOUDVYdpUI7mqx ogHVAgMBAAGjggF2MIIBcjASBgkrBgEEAYI3FQEEBQIDAQABMCMGCSsGAQQBgjcV AgQWBBT4wWu3f3dTSvMlNx1OoSZ7DyBwgDAdBgNVHQ4EFgQUE62/Qwm9gnCcjNVP MW7VIpiKG9QwGQYJKwYBBAGCNxQCBAweCgBTAHUAYgBDAEEwCwYDVR0PBAQDAgGG MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAURWZSQ+F+WBG/1k6eI1UIOzoi aqgwXAYDVR0fBFUwUzBRoE+gTYZLaHR0cDovL2NybC5taWNyb3NvZnQuY29tL3Br aS9jcmwvcHJvZHVjdHMvTWljQ29yVGhpUGFyTWFyUm9vXzIwMTAtMTAtMDUuY3Js MGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEaHR0cDovL3d3dy5taWNyb3Nv ZnQuY29tL3BraS9jZXJ0cy9NaWNDb3JUaGlQYXJNYXJSb29fMjAxMC0xMC0wNS5j cnQwDQYJKoZIhvcNAQELBQADggIBADUIQv8wzM73dgytEGhYNSlGMnYnfO8SQSdC G0qqbYE4SFkTVfPpWDSmFguCql2tgtqAg0EGj7Qd8gO58xpdG/FQkPmzVYRCKBwg vbKuURTFwKyXlSEckNsP/HeelXORiMq9vVK5BVAN31eeoGHtDeVtJdlADxdAyM6j SsJNr5oSHQhUj73HvLkrPUkrHzL8aiFpT5vIfkI0/DYGF4uPIEDAs5oldSfNyQOj 9l3R5zZUerlQtdMS0Qe/u3Tf3B6PgNXtGPQvFBZrL95mjLAj5ceE2O3qwTOCrVZL GC3xaJUHzc/wcvCuu92GhZgsIUwzK/APSvBoh7WSVTJ1oWqCajyjJRGk7a3XBK7L 2EBZoITRlUxikSIadB2MPUcORKbksJs0NbH6tlOoLIHspAVxyJ24uugbRGbkR1QO jlZ/s58WmLKG0Gg+kCO1L16PUIWNxo2CX0Gh9C4N4JnSbHXktmm1IYb6B9H24k3R 2q0sd1MeJTI3x2xScpWGsPE1YWoZ9bI7gVBWpjIt/qKJ+UKGJxhVoYLKWpv4MJhU FKZHliUvyCbkQZQaXAI/5ZbjhVs8Pj+7RxZyVeIlIrHZe+cDBiqj9x6QRsMADdYZ ieMONSdiA3EVpu/QJ6CgWTdg+DiUuOB4cPi6TIaHlPbgrgJF7mXCtqN+aRZ1B5Kb 9aa8WYNYMYIVyDCCFcQCAQEwgZkwgYExCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpX YXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQg Q29ycG9yYXRpb24xKzApBgNVBAMTIk1pY3Jvc29mdCBDb3Jwb3JhdGlvbiBVRUZJ IENBIDIwMTECEzMAAAAIHrF+nBX8g3oAAQAAAAgwDQYJYIZIAWUDBAIBBQCggcow GQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQwHAYKKwYBBAGCNwIBCzEOMAwGCisG AQQBgjcCARUwLwYJKoZIhvcNAQkEMSIEIGVZb//6Ozv03LK+h0gc9rgbrHonOkZd 0MfBd8nL3VbhMF4GCisGAQQBgjcCAQwxUDBOoBqAGABXAGkAbgBxAHUAYQBsACAA VABlAHMAdKEwgC5odHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vd2hkYy9oY2wvZGVm YXVsdC5tc3B4MA0GCSqGSIb3DQEBAQUABIIBAEUjL3FyotA8sfCYF1B24bGYtPZb dMlmr+6crsaQTI0iNFIqH7O7PrN082ScJHIOpGZtpuo6vblmDMGemdgN8Ad2mnju JNPKkvzlm/0XUDoUmx+Dbl6tKCpVyh7ZEz6mTAHV2RZUbzevkIR9oAanyaNNJZHc e0d6VdykdYtPZeK5sYzaO9slEHfg5d9B31AdqjU1aQPUxxZxbNOjNIFc6Ro7YR67 3s0EgfEKKVZHmvVZ2ChICTA2Ln/ckXFiAy/lyBJlx0CmiifNPyVhlGn0ny8+5bBB L2CG5ZKLTLYMWZXRQzJgiZG+4uHLaycwR+E100rcLcZ07ooeS25Wx0Tgfe6hghMy MIITLgYKKwYBBAGCNwMDATGCEx4wghMaBgkqhkiG9w0BBwKgghMLMIITBwIBAzEP MA0GCWCGSAFlAwQCAQUAMIIBPQYLKoZIhvcNAQkQAQSgggEsBIIBKDCCASQCAQEG CisGAQQBhFkKAwEwMTANBglghkgBZQMEAgEFAAQgUrLZiye/Z1cUhRClMHxwiIy4 gZcRB8Ml/65nTr8ulPICBlEBPu7EShgTMjAxMzAyMDkwMDEwNDguODg5WjAHAgEB gAIB9KCBuaSBtjCBszELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24x EDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlv bjENMAsGA1UECxMETU9QUjEnMCUGA1UECxMebkNpcGhlciBEU0UgRVNOOkJCRUMt MzBDQS0yREJFMSUwIwYDVQQDExxNaWNyb3NvZnQgVGltZS1TdGFtcCBTZXJ2aWNl oIIOxzCCBnEwggRZoAMCAQICCmEJgSoAAAAAAAIwDQYJKoZIhvcNAQELBQAwgYgx CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xMjAwBgNVBAMTKU1p Y3Jvc29mdCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAyMDEwMB4XDTEwMDcw MTIxMzY1NVoXDTI1MDcwMTIxNDY1NVowfDELMAkGA1UEBhMCVVMxEzARBgNVBAgT Cldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29m dCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENB IDIwMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpHQ28dxGKOiDs /BOX9fp/aZRrdFQQ1aUKAIKF++18aEssX8XD5WHCdrc+Zitb8BVTJwQxH0EbGpUd zgkTjnxhMFmxMEQP8WCIhFRDDNdNuDgIs0Ldk6zWczBXJoKjRQ3Q6vVHgc2/JGAy WGBG8lhHhjKEHnRhZ5FfgVSxz5NMksHEpl3RYRNuKMYa+YaAu99h/EbBJx0kZxJy GiGKr0tkiVBisV39dx898Fd1rL2KQk1AUdEPnAY+Z3/1ZsADlkR+79BL/W7lmsqx qPJ6Kgox8NpOBpG2iAg16HgcsOmZzTznL0S6p/TcZL2kAcEgCZN4zfy8wMlEXV4W nAEFTyJNAgMBAAGjggHmMIIB4jAQBgkrBgEEAYI3FQEEAwIBADAdBgNVHQ4EFgQU 1WM6XIoxkPNDe3xGG8UzaFqFbVUwGQYJKwYBBAGCNxQCBAweCgBTAHUAYgBDAEEw CwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAU1fZWy4/o olxiaNE9lJBb186aGMQwVgYDVR0fBE8wTTBLoEmgR4ZFaHR0cDovL2NybC5taWNy b3NvZnQuY29tL3BraS9jcmwvcHJvZHVjdHMvTWljUm9vQ2VyQXV0XzIwMTAtMDYt MjMuY3JsMFoGCCsGAQUFBwEBBE4wTDBKBggrBgEFBQcwAoY+aHR0cDovL3d3dy5t aWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNSb29DZXJBdXRfMjAxMC0wNi0yMy5j cnQwgaAGA1UdIAEB/wSBlTCBkjCBjwYJKwYBBAGCNy4DMIGBMD0GCCsGAQUFBwIB FjFodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vUEtJL2RvY3MvQ1BTL2RlZmF1bHQu aHRtMEAGCCsGAQUFBwICMDQeMiAdAEwAZQBnAGEAbABfAFAAbwBsAGkAYwB5AF8A UwB0AGEAdABlAG0AZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQAH5ohRDeLG 4Jg/gXEDPZ2joSFvs+umzPUxvs8F4qn++ldtGTCzwsVmyWrf9efweL3HqJ4l4/m8 7WtUVwgrUYJEEvu5U4zM9GASinbMQEBBm9xcF/9c+V4XNZgkVkt070IQyK+/f8Z/ 8jd9Wj8c8pl5SpFSAK84Dxf1L3mBZdmptWvkx872ynoAb0swRCQiPM/tA6WWj1kp vLb9BOFwnzJKJ/1Vry/+tuWOM7tiX5rbV0Dp8c6ZZpCM/2pif93FSguRJuI57BlK cWOdeyFtw5yjojz6f32WapB4pm3S4Zz5Hfw42JT0xqUKloakvZ4argRCg7i1gJsi OCC1JeVk7Pf0v35jWSUPei45V3aicaoGig+JFrphpxHLmtgOR5qAxdDNp9DvfYPw 4TtxCd9ddJgiCGHasFAeb73x4QDf5zEHpJM692VHeOj4qEir995yfmFrb3epgcun Caw5u+zGy9iCtHLNHfS4hQEegPsbiSpUObJb2sgNVZl6h3M7COaYLeqN4DMuEin1 wC9UJyH3yKxO2ii4sanblrKnQqLJzxlBTeCG+SqaoxFmMNO7dDJL32N79ZmKLxvH Ia9Zta7cRDyXUHHXodLFVeNp3lfB0d4wwP3M5k37Db9dT+mdHhk4L7zPWAUu7w2g UDXa7wknHNWzfjUeCLraNtvTX4/edIhJEjCCBNEwggO5oAMCAQICCmEH6j4AAAAA ABAwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hp bmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jw b3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTAw HhcNMTIwMTA5MjEzNTM3WhcNMTMwNDA5MjE0NTM3WjCBszELMAkGA1UEBhMCVVMx EzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoT FU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjENMAsGA1UECxMETU9QUjEnMCUGA1UECxMe bkNpcGhlciBEU0UgRVNOOkJCRUMtMzBDQS0yREJFMSUwIwYDVQQDExxNaWNyb3Nv ZnQgVGltZS1TdGFtcCBTZXJ2aWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEArLKRs8Ez2L8FlySOHC3g7HEsvCifzy1JVeHvu/zjwUeMjKHpXrLzNxtM lcXvcRU+GocXarhoJaGzJQ405JHlqhitYI9UXw74r+pQ3XJlOyEFABlNPE6HPY7J SRcrTQKXH6XPndfvdKYzWrzNRcna9lrEd8/G7IZ6sBvr2JMYJ1sA2LxRMOMZO7ZN PW8ZEwH6q2qIXHyrAUPszTV3MocYl9I/q7UL8VUrElE4mNlXcFHXcpdanPIZMuqC K7r2shLy1YlcL8zrXktoX8q0CIDMKoge+nFmJoVgoIBBn6tBTj5JxH/YlWjRBaa8 lRbWQENtJ6Xn2kiPB1Dy/m/hsJn0sQIDAQABo4IBGzCCARcwHQYDVR0OBBYEFBw+ TiQkOFKmsJaLPYP6QBzUl3mAMB8GA1UdIwQYMBaAFNVjOlyKMZDzQ3t8RhvFM2ha hW1VMFYGA1UdHwRPME0wS6BJoEeGRWh0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9w a2kvY3JsL3Byb2R1Y3RzL01pY1RpbVN0YVBDQV8yMDEwLTA3LTAxLmNybDBaBggr BgEFBQcBAQROMEwwSgYIKwYBBQUHMAKGPmh0dHA6Ly93d3cubWljcm9zb2Z0LmNv bS9wa2kvY2VydHMvTWljVGltU3RhUENBXzIwMTAtMDctMDEuY3J0MAwGA1UdEwEB /wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwgwDQYJKoZIhvcNAQELBQADggEBAIx4 LOwvQWC+3K/ovFms3igerIdnL2iSbmkoKdUklRC3S2LU6FmnTwPzyY2nDeZk2AW8 VEqGr62SXhWm6KJ0C6iU+gDItDYfCZsT19FQQd5TuoFwnDzqbtdFMnl2ykE4xVLp WvqXYkTms2oFJJ1Py6IH44wUtQkfWbIqacDBQGAL4zDsSLA7i6cYJbka/mGQbsv7 lxb+Dav3Vxql4hhP/rC6arhdr/J+EAEmhUcgX8bSTPTirnJs2GVgS2mKZhUMEpMh ztXnrToJ8VSvwmh6R9SlWXW0wQNjc0SO+clpfJ3/MXhdKqAQBi7Kg0cLYw1Et9wP LKYMEGUUAdOuqnzPMQChggN5MIICYQIBATCB46GBuaSBtjCBszELMAkGA1UEBhMC VVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNV BAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjENMAsGA1UECxMETU9QUjEnMCUGA1UE CxMebkNpcGhlciBEU0UgRVNOOkJCRUMtMzBDQS0yREJFMSUwIwYDVQQDExxNaWNy b3NvZnQgVGltZS1TdGFtcCBTZXJ2aWNloiUKAQEwCQYFKw4DAhoFAAMVAMkjHgxV D5VtMurdbnMaFzgx80X/oIHCMIG/pIG8MIG5MQswCQYDVQQGEwJVUzETMBEGA1UE CBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9z b2Z0IENvcnBvcmF0aW9uMQ0wCwYDVQQLEwRNT1BSMScwJQYDVQQLEx5uQ2lwaGVy IE5UUyBFU046QjAyNy1DNkY4LTFEODgxKzApBgNVBAMTIk1pY3Jvc29mdCBUaW1l IFNvdXJjZSBNYXN0ZXIgQ2xvY2swDQYJKoZIhvcNAQEFBQACBQDUv21+MCIYDzIw MTMwMjA4MTIyNjM4WhgPMjAxMzAyMDkxMjI2MzhaMHcwPQYKKwYBBAGEWQoEATEv MC0wCgIFANS/bX4CAQAwCgIBAAICDhkCAf8wBwIBAAICF04wCgIFANTAvv4CAQAw NgYKKwYBBAGEWQoEAjEoMCYwDAYKKwYBBAGEWQoDAaAKMAgCAQACAxbjYKEKMAgC AQACAwehIDANBgkqhkiG9w0BAQUFAAOCAQEAzQCT6RScPYTOQuFjYFRfluWFOu+H mkaFnRv5AHpyepmEUC5MtCXudCSbDI8hKG9KtMD5ICy1hMrMKMFwXYcSfE0lveqP D/DJMNrrzEJcgDLnv8jkmvjdXhXo3K5NLM8ffxV5Wl8JVVU9Ldm28s0C39oVTOVD h+v+t8iccLZa4t7nGFu1fb7dtYCf9H44+/uxOi4xIMYslVbFRyxK6RVH6w4mtjeQ Gixih2JNGintVyA8AeTNdMwCl8X8TUh8/YYlWW1gZHgQzfGba1qNjPTTFsATd/eB WWyzGQo9ZXIglRKmyGF4orHWjX4Sq15E1rSraqUNBiXQAH4OSrEFhDoUojGCAuMw ggLfAgEBMIGKMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAw DgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24x JjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwAgphB+o+AAAA AAAQMA0GCWCGSAFlAwQCAQUAoIIBKTAaBgkqhkiG9w0BCQMxDQYLKoZIhvcNAQkQ AQQwLwYJKoZIhvcNAQkEMSIEIGOQwgAVf2pXul5+zbE/dgOk6M9oBkEUEqfheuWf 6IH6MIHZBgsqhkiG9w0BCRACDDGByTCBxjCBwzCBqAQUySMeDFUPlW0y6t1ucxoX ODHzRf8wgY8wgYCkfjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3Rv bjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0 aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMAIKYQfq PgAAAAAAEDAWBBRflhFLlhbsbPjG85vpBBvIGRjAYzANBgkqhkiG9w0BAQsFAASC AQBjsNknQztyuopS9mEaJ1c1CCKUyjtDZZbajoOBYdpaeTmF6/HivmcxmA/qBdE9 5Wk4ZSz4qFfRah5VwoiQFx37tgHPHoGFOZE7dZzpmj1IObv/cAnBS7Ez/Xx1HGte C4VuvXAq5Up1zmC0RCpAyN6f7C/XNOhN+9YQxCfs/MVdNM8340V6N95JIn62TAij UyxHOSstpwTqG042U0VfEvtk52wQottzWd0ra29wCG8cZAyTb4F+BUCzEEyDoOPr aHzGEOAGuwDeiG6SclVuuDxM9BUsPdWy1xUlQ74eGGB9lEMG9/sHX14VKH0q9kA3 KNa/GX4NdMvMjP1DJzdisFTMAAAAAAAA -----END AUTHENTICODE SIGNATURE----- ++++++ show_hash.sh ++++++ #!/bin/bash # show hash of PE binary set -e infile="$1" if [ -z "$infile" -o ! -e "$infile" ]; then echo "USAGE: $0 file.efi" exit 1 fi nssdir=`mktemp -d` cleanup() { rm -r "$nssdir" } trap cleanup EXIT echo > "$nssdir/pw" certutil -f "$nssdir/pw" -d "$nssdir" -N pesign -n "$nssdir" -h -P -i "$infile" -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
