linux

mirror of https://github.com/torvalds/linux.git synced 2025-11-02 01:29:02 +02:00

History

Stefan Berger a4aed36ed5 certs: Add support for using elliptic curve keys for signing modules Add support for using elliptic curve keys for signing modules. It uses a NIST P384 (secp384r1) key if the user chooses an elliptic curve key and will have ECDSA support built into the kernel. Note: A developer choosing an ECDSA key for signing modules should still delete the signing key (rm certs/signing_key.*) when building an older version of a kernel that only supports RSA keys. Unless kbuild automati- cally detects and generates a new kernel module key, ECDSA-signed kernel modules will fail signature verification. Cc: David Howells <dhowells@redhat.com> Cc: David Woodhouse <dwmw2@infradead.org> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Tested-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>		2021-08-23 19:55:42 +03:00
..
asym_tpm.c	crypto: asym_tpm: correct zero out potential secrets	2020-12-31 10:48:53 +01:00
asymmetric_keys.h	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36	2019-05-24 17:27:11 +02:00
asymmetric_type.c	KEYS: asymmetric: Fix kerneldoc	2021-01-21 16:16:09 +00:00
Kconfig	crypto: asymmetric_keys - select CRYPTO_HASH where needed	2019-06-27 14:28:01 +08:00
Makefile	X.509: Fix modular build of public_key_sm2	2020-10-08 16:39:14 +11:00
mscode.asn1
mscode_parser.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36	2019-05-24 17:27:11 +02:00
pkcs7.asn1
pkcs7_key_type.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36	2019-05-24 17:27:11 +02:00
pkcs7_parser.c	certs: Add support for using elliptic curve keys for signing modules	2021-08-23 19:55:42 +03:00
pkcs7_parser.h	crypto: asymmetric_keys: fix some comments in pkcs7_parser.h	2021-01-21 16:16:09 +00:00
pkcs7_trust.c	PKCS#7: drop function from kernel-doc pkcs7_validate_trust_one	2021-01-21 16:16:09 +00:00
pkcs7_verify.c	crypto: pkcs7: Use match_string() helper to simplify the code	2021-01-21 16:16:09 +00:00
pkcs8.asn1	KEYS: Implement PKCS#8 RSA Private Key parser [ver #2 ]	2018-10-26 09:30:46 +01:00
pkcs8_parser.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36	2019-05-24 17:27:11 +02:00
public_key.c	x509: Add support for parsing x509 certs with ECDSA keys	2021-03-26 19:41:59 +11:00
restrict.c	keys: Update comment for restrict_link_by_key_or_keyring_chain	2021-02-16 10:40:27 +02:00
signature.c	docs: crypto: convert asymmetric-keys.txt to ReST	2020-06-19 14:03:46 -06:00
tpm.asn1	KEYS: Add parser for TPM-based keys [ver #2 ]	2018-10-26 09:30:46 +01:00
tpm_parser.c	KEYS: Add parser for TPM-based keys [ver #2 ]	2018-10-26 09:30:46 +01:00
verify_pefile.c	mm, treewide: rename kzfree() to kfree_sensitive()	2020-08-07 11:33:22 -07:00
verify_pefile.h	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36	2019-05-24 17:27:11 +02:00
x509.asn1	X.509: parse public key parameters from x509 for akcipher	2019-04-18 22:15:02 +08:00
x509_akid.asn1
x509_cert_parser.c	x509: Add OID for NIST P384 and extend parser for it	2021-03-26 19:41:59 +11:00
x509_parser.h	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36	2019-05-24 17:27:11 +02:00
x509_public_key.c	x509: Add support for parsing x509 certs with ECDSA keys	2021-03-26 19:41:59 +11:00