test: sign extension images used by TEST-50-DISSECT

(cherry picked from commit c581bc8ad810a7e84952791ec644c569c30bbc56)

diff --git a/test/units/util.sh b/test/units/util.sh
index 6ba7706b024d5e4116b8a2f74ea72bf96a464b74..e2470a27eb5140d892506cc9e5ea29a931406d5f 100755 (executable)
--- a/test/units/util.sh
+++ b/test/units/util.sh
@@ -323,6 +323,13 @@ EOF
         echo MARKER=1 >"$initdir/usr/lib/systemd/system/some_file"
         mksquashfs "$initdir" /tmp/app0.raw -noappend
         veritysetup format /tmp/app0.raw /tmp/app0.verity --root-hash-file /tmp/app0.roothash
+        openssl smime -sign -nocerts -noattr -binary \
+                -in /tmp/app0.roothash \
+                -inkey /usr/share/mkosi.key \
+                -signer /usr/share/mkosi.crt \
+                -outform der \
+                -out /tmp/app0.roothash.p7s
+        chmod go+r /tmp/app0*
 
         initdir="/var/tmp/conf0"
         mkdir -p "$initdir/etc/extension-release.d" "$initdir/etc/systemd/system" "$initdir/opt"
@@ -335,6 +342,13 @@ EOF
         echo MARKER_1 >"$initdir/etc/systemd/system/some_file"
         mksquashfs "$initdir" /tmp/conf0.raw -noappend
         veritysetup format /tmp/conf0.raw /tmp/conf0.verity --root-hash-file /tmp/conf0.roothash
+        openssl smime -sign -nocerts -noattr -binary \
+                -in /tmp/conf0.roothash \
+                -inkey /usr/share/mkosi.key \
+                -signer /usr/share/mkosi.crt \
+                -outform der \
+                -out /tmp/conf0.roothash.p7s
+        chmod go+r /tmp/conf0*
 
         initdir="/var/tmp/app1"
         mkdir -p "$initdir/usr/lib/extension-release.d" "$initdir/usr/lib/systemd/system" "$initdir/opt"