diff options
Diffstat (limited to 'debian/generate_dbx_list')
| -rwxr-xr-x | debian/generate_dbx_list | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/debian/generate_dbx_list b/debian/generate_dbx_list new file mode 100755 index 00000000..95ec3e9e --- /dev/null +++ b/debian/generate_dbx_list @@ -0,0 +1,27 @@ +#!/bin/sh +# +# Helper script - generate a DBX file for inclusion into a shim build +# +# Takes an input file (e.g. debian-dbx.hashes) with data in the form +# +# <hex-encoded sha256 checksums> <arch> +# +# and generates a siglist of the hashes for just the architecture we +# want. No point including all the hashes for all the arches, it just +# bloats things and slows things down. + +set -e + +ARCH=$1 +IN=$2 +OUT=$3 + +rm -f $OUT +for HASH in $(grep -E "[[:xdigit:]]{32} $ARCH" < $IN | \ + awk '{print $1}' | sort | uniq); do + echo " Adding $HASH to dbx list" + efisiglist -o $OUT -a -h $HASH +done + +# If we have an empty hashes file, create an empty DBX file +touch $OUT |