[kernel-tests] secureboot/pesign should allow shim sign to contain Red Hat

failures like: https://datawarehouse.cki-project.org/kcidb/tests/22501970

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::   shim-x64
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [ 09:35:18 ] :: [   LOG    ] :: shim-x64 RPM version: 16.1-7.el9.x86_64
:: [ 09:35:19 ] :: [   LOG    ] :: Output of 'pesign -i /boot/efi/EFI/BOOT/BOOTX64.EFI -S | tee pesign-log':
:: [ 09:35:19 ] :: [   LOG    ] :: --------------- OUTPUT START ---------------
:: [ 09:35:19 ] :: [   LOG    ] :: ---------------------------------------------
:: [ 09:35:19 ] :: [   LOG    ] :: certificate address is 0x7f6391f607b8
:: [ 09:35:19 ] :: [   LOG    ] :: Content was not encrypted.
:: [ 09:35:19 ] :: [   LOG    ] :: Content is detached; signature cannot be verified.
:: [ 09:35:19 ] :: [   LOG    ] :: The signer's common name is Microsoft Windows UEFI Driver Publisher
:: [ 09:35:19 ] :: [   LOG    ] :: No signer email address.
:: [ 09:35:19 ] :: [   LOG    ] :: No signing time included.
:: [ 09:35:19 ] :: [   LOG    ] :: There were certs or crls included.
:: [ 09:35:19 ] :: [   LOG    ] :: ---------------------------------------------
:: [ 09:35:19 ] :: [   LOG    ] :: certificate address is 0x7f6391f62da8
:: [ 09:35:19 ] :: [   LOG    ] :: Content was not encrypted.
:: [ 09:35:19 ] :: [   LOG    ] :: Content is detached; signature cannot be verified.
:: [ 09:35:19 ] :: [   LOG    ] :: The signer's common name is Microsoft UEFI CA 2023 signer
:: [ 09:35:19 ] :: [   LOG    ] :: No signer email address.
:: [ 09:35:19 ] :: [   LOG    ] :: No signing time included.
:: [ 09:35:19 ] :: [   LOG    ] :: There were certs or crls included.
:: [ 09:35:19 ] :: [   LOG    ] :: ---------------------------------------------
:: [ 09:35:19 ] :: [   LOG    ] :: certificate address is 0x7f6391f652c8
:: [ 09:35:19 ] :: [   LOG    ] :: Content was not encrypted.
:: [ 09:35:19 ] :: [   LOG    ] :: Content is detached; signature cannot be verified.
:: [ 09:35:19 ] :: [   LOG    ] :: The signer's common name is Red Hat UEFI Publisher 2024
:: [ 09:35:19 ] :: [   LOG    ] :: The signer's email address is secalert@redhat.com
:: [ 09:35:19 ] :: [   LOG    ] :: Signing time: Fri Feb 06, 2026
:: [ 09:35:19 ] :: [   LOG    ] :: There were certs or crls included.
:: [ 09:35:19 ] :: [   LOG    ] :: ---------------------------------------------
:: [ 09:35:19 ] :: [   LOG    ] :: ---------------  OUTPUT END  ---------------
:: [ 09:35:19 ] :: [   PASS   ] :: Command 'pesign -i /boot/efi/EFI/BOOT/BOOTX64.EFI -S | tee pesign-log' (Expected 0, got 0)
:: [ 09:35:19 ] :: [   PASS   ] :: File 'pesign-signer' should contain 'Microsoft' 
:: [ 09:35:19 ] :: [   FAIL   ] :: File 'pesign-signer' should not contain 'Red Hat\|Fedora\|CentOS' 
:: [ 09:35:19 ] :: [   PASS   ] :: File 'pesign-log' should not contain 'No signatures found' 
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::   Duration: 1s
::   Assertions: 3 good, 1 bad
::   RESULT: FAIL (shim-x64)
Red Hat now is included on rhel-9.8 and 10.2. see https://issues.redhat.com/browse/RHEL-144030
Jira: CKI-6512
Edited Feb 16, 2026 by CKI Bot