summaryrefslogtreecommitdiff
path: root/certs
AgeCommit message (Expand)AuthorFilesLines
2024-09-20sign-file,extract-cert: use pkcs11 provider for OPENSSL MAJOR >= 3Jan Stancek1-30/+73
2024-09-20sign-file,extract-cert: avoid using deprecated ERR_get_error_line()Jan Stancek1-2/+2
2024-09-20sign-file,extract-cert: move common SSL helper functions to a headerJan Stancek2-36/+3
2024-05-10kbuild: use $(src) instead of $(srctree)/$(src) for source directoryMasahiro Yamada1-2/+2
2023-11-02Merge tag 'v6.7-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/...Linus Torvalds1-2/+4
2023-10-31certs: Only allow certs signed by keys on the builtin keyringMimi Zohar1-1/+15
2023-10-27module: enable automatic module signing with FIPS 202 SHA-3Dimitri John Ledkov1-1/+1
2023-10-20certs: Limit MODULE_SIG_KEY_TYPE_ECDSA to SHA384 or SHA512Dimitri John Ledkov1-2/+4
2023-08-17certs: Reference revocation list for all keyringsEric Snowberg1-6/+6
2023-08-17integrity: PowerVM support for loading third party code signing keysNayna Jain1-0/+30
2023-08-17KEYS: DigitalSignature link restrictionEric Snowberg1-0/+49
2023-04-24KEYS: Add missing function documentationEric Snowberg1-3/+11
2023-02-26Merge tag 'kbuild-v6.3' of git://git.kernel.org/pub/scm/linux/kernel/git/masa...Linus Torvalds1-3/+6
2023-02-13certs: don't try to update blacklist keysThomas Weißschuh1-9/+12
2023-02-13certs: make blacklisted hash available in klogThomas Weißschuh1-1/+1
2023-01-31certs: Fix build error when PKCS#11 URI contains semicolonJan Luebbe1-2/+2
2023-01-22kbuild: do not print extra logs for V=2Masahiro Yamada1-3/+6
2022-09-24certs: make system keyring depend on built-in x509 parserMasahiro Yamada1-1/+1
2022-08-10Merge tag 'kbuild-v5.20' of git://git.kernel.org/pub/scm/linux/kernel/git/mas...Linus Torvalds4-15/+43
2022-07-27certs: unify blacklist_hashes.c and blacklist_nohashes.cMasahiro Yamada3-14/+5
2022-07-27certs: move scripts/check-blacklist-hashes.awk to certs/Masahiro Yamada2-1/+38
2022-07-24certs: make system keyring depend on x509 parserAdam Borowski1-0/+1
2022-06-21Merge tag 'certs-20220621' of git://git.kernel.org/pub/scm/linux/kernel/git/d...Linus Torvalds5-75/+9
2022-06-21certs: Move load_certificate_list() to be with the asymmetric keys codeDavid Howells5-75/+9
2022-06-15certs: fix and refactor CONFIG_SYSTEM_BLACKLIST_HASH_LIST buildMasahiro Yamada3-12/+12
2022-06-15certs/blacklist_hashes.c: fix const confusion in certs blacklistMasahiro Yamada1-1/+1
2022-06-10certs: Convert spaces in certs/Makefile to a tabDavid Howells1-1/+1
2022-06-08cert host tools: Stop complaining about deprecated OpenSSL functionsLinus Torvalds1-0/+7
2022-05-26Merge tag 'kbuild-v5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/mas...Linus Torvalds1-2/+2
2022-05-23certs: Explain the rationale to call panic()Mickaël Salaün1-0/+9
2022-05-23certs: Allow root user to append signed hashes to the blacklist keyringMickaël Salaün2-21/+85
2022-05-23certs: Check that builtin blacklist hashes are validMickaël Salaün3-3/+19
2022-05-23certs: Make blacklist_vet_description() more strictMickaël Salaün1-10/+36
2022-05-23certs: Factor out the blacklist hash creationMickaël Salaün1-18/+58
2022-04-05kbuild: Allow kernel installation packaging to override pkg-configChun-Tse Shao1-2/+2
2022-03-31Merge tag 'kbuild-v5.18-v2' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds2-29/+11
2022-03-08KEYS: Introduce link restriction for machine keysEric Snowberg1-1/+34
2022-03-08KEYS: store reference to machine keyringEric Snowberg1-0/+9
2022-03-03certs: simplify empty certs creation in certs/MakefileMasahiro Yamada1-10/+11
2022-03-03certs: include certs/signing_key.x509 unconditionallyMasahiro Yamada2-19/+0
2022-01-23certs: Fix build error when CONFIG_MODULE_SIG_KEY is emptyMasahiro Yamada1-1/+1
2022-01-23certs: Fix build error when CONFIG_MODULE_SIG_KEY is PKCS#11 URIMasahiro Yamada1-1/+1
2022-01-08certs: move scripts/extract-cert to certs/Masahiro Yamada3-4/+172
2022-01-08kbuild: do not quote string values in include/config/auto.confMasahiro Yamada1-8/+2
2022-01-08certs: simplify $(srctree)/ handling and remove config_filename macroMasahiro Yamada1-19/+13
2022-01-08certs: remove misleading comments about GCC PRMasahiro Yamada1-2/+0
2022-01-08certs: refactor file cleaningMasahiro Yamada1-4/+5
2022-01-08certs: remove unneeded -I$(srctree) option for system_certificates.oMasahiro Yamada1-3/+0
2022-01-08certs: unify duplicated cmd_extract_certs and improve the logMasahiro Yamada1-6/+3
2022-01-08certs: use $< and $@ to simplify the key generation ruleMasahiro Yamada1-3/+2