Source: shim-signed
Section: utils
Priority: optional
Maintainer: Steve Langasek <vorlon@debian.org>
Build-Depends: debhelper (>= 9),
# Need shim version 0.9+1474479173.6c180c6-1 so we can check the
# signature on the right version of shim
 shim (= 0.9+1474479173.6c180c6-1),
# sbsigntool version 0.6-3.2 (newer versions do different things with
# padding and the signatures don't match correctly)
 sbsigntool (= 0.6-3.2), po-debconf
Standards-Version: 3.9.4

Package: shim-signed
Architecture: amd64
Depends: ${misc:Depends}, grub-efi-amd64-bin, grub2-common (>= 2.02~beta2-36ubuntu12), mokutil
Replaces: shim (= ${shim:Version})
Recommends: secureboot-db
Built-Using: shim (= ${shim:Version})
Description: Secure Boot chain-loading bootloader (Microsoft-signed binary)
 This package provides a minimalist boot loader which allows verifying
 signatures of other UEFI binaries against either the Secure Boot DB/DBX or
 against a built-in signature database.  Its purpose is to allow a small,
 infrequently-changing binary to be signed by the UEFI CA, while allowing
 an OS distributor to revision their main bootloader independently of the CA.
 .
 This package contains the version of the bootloader binary signed by the
 Microsoft UEFI CA.
