The package builds successfully on vivid but fails on wily. sbsigntool has not changed since vivid. Upgrading to the wily version of libssl1.0.0 in a vivid chroot reproduces the failure.
I'm not sure if this is a regression in libssl1.0.0 or a bug in sbsigntool.
An upload of shim-signed with no source changes is now failing to build in wily, because sbverify fails:
sbverify --cert MicCorUEFCA2011 _2011-06- 27.crt shim.efi.signed 68:error: 21075075: PKCS7 routines: PKCS7_verify: certificate verify error:pk7_ smime.c: 328:Verify error:unable to get issuer certificate
warning: data remaining[1170360 vs 1289424]: gaps between PE/COFF sections?
PKCS7 verification failed
1399198111883
Signature verification failed
(https:/ /launchpad. net/ubuntu/ +source/ shim-signed/ 1.10/+build/ 7652431)
The package builds successfully on vivid but fails on wily. sbsigntool has not changed since vivid. Upgrading to the wily version of libssl1.0.0 in a vivid chroot reproduces the failure.
I'm not sure if this is a regression in libssl1.0.0 or a bug in sbsigntool.