blob: 1d0931075759dcdaddb2b45f864186f7026d8bb3 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
#!/usr/bin/env bash
uki="$3"
[[ -n "$uki" ]] || exit 0
keypairs=(/var/lib/sbctl/keys/db/db.key /var/lib/sbctl/keys/db/db.pem)
for (( i=0; i<${#keypairs[@]}; i+=2 )); do
key="${keypairs[$i]}"
cert="${keypairs[(( i + 1))]}"
if ! sbverify --cert "$cert" "$uki" &>/dev/null; then
sbsign --key "$key" --cert "$cert" --output "$uki" "$uki"
fi
done
|
