rpmmacros: update for pesign -h behavior change...

pesign's hash function changed behavior to have its output fields sorted
the same order as sha256sum and similar do.  This patch takes that into
account.

Signed-off-by: Peter Jones <pjones@redhat.com>
This commit is contained in:
Peter Jones 2024-03-14 15:02:33 -04:00
parent f12ed075c6
commit a0b1fc2aa1

View File

@ -75,8 +75,8 @@ version signed by the UEFI signing service. \
# -i <input>
%define hash(a:i:d:) \
pesign -i %{-i*} -h -P > shim.hash \
read file0 hash0 < shim.hash \
read file1 hash1 < %{-d*}/shim%{-a*}.hash \
read hash0 file0 < shim.hash \
read hash1 file1 < %{-d*}/shim%{-a*}.hash \
if ! [ "$hash0" = "$hash1" ]; then \
echo Invalid signature\! > /dev/stderr \
echo $hash0 vs $hash1 \