summaryrefslogtreecommitdiffstats
path: root/certs
Commit message (Expand)AuthorAgeFilesLines
* sign-file,extract-cert: use pkcs11 provider for OPENSSL MAJOR >= 3Jan Stancek2024-09-201-30/+73
* sign-file,extract-cert: avoid using deprecated ERR_get_error_line()Jan Stancek2024-09-201-2/+2
* sign-file,extract-cert: move common SSL helper functions to a headerJan Stancek2024-09-202-36/+3
* kbuild: use $(src) instead of $(srctree)/$(src) for source directoryMasahiro Yamada2024-05-101-2/+2
* Merge tag 'v6.7-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/...Linus Torvalds2023-11-021-2/+4
|\
| * module: enable automatic module signing with FIPS 202 SHA-3Dimitri John Ledkov2023-10-271-1/+1
| * certs: Limit MODULE_SIG_KEY_TYPE_ECDSA to SHA384 or SHA512Dimitri John Ledkov2023-10-201-2/+4
* | certs: Only allow certs signed by keys on the builtin keyringMimi Zohar2023-10-311-1/+15
|/
* certs: Reference revocation list for all keyringsEric Snowberg2023-08-171-6/+6
* integrity: PowerVM support for loading third party code signing keysNayna Jain2023-08-171-0/+30
* KEYS: DigitalSignature link restrictionEric Snowberg2023-08-171-0/+49
* KEYS: Add missing function documentationEric Snowberg2023-04-241-3/+11
* Merge tag 'kbuild-v6.3' of git://git.kernel.org/pub/scm/linux/kernel/git/masa...Linus Torvalds2023-02-261-3/+6
|\
| * kbuild: do not print extra logs for V=2Masahiro Yamada2023-01-221-3/+6
* | certs: don't try to update blacklist keysThomas Weißschuh2023-02-131-9/+12
* | certs: make blacklisted hash available in klogThomas Weißschuh2023-02-131-1/+1
* | certs: Fix build error when PKCS#11 URI contains semicolonJan Luebbe2023-01-311-2/+2
|/
* certs: make system keyring depend on built-in x509 parserMasahiro Yamada2022-09-241-1/+1
* Merge tag 'kbuild-v5.20' of git://git.kernel.org/pub/scm/linux/kernel/git/mas...Linus Torvalds2022-08-104-15/+43
|\
| * certs: unify blacklist_hashes.c and blacklist_nohashes.cMasahiro Yamada2022-07-273-14/+5
| * certs: move scripts/check-blacklist-hashes.awk to certs/Masahiro Yamada2022-07-272-1/+38
* | certs: make system keyring depend on x509 parserAdam Borowski2022-07-241-0/+1
|/
* Merge tag 'certs-20220621' of git://git.kernel.org/pub/scm/linux/kernel/git/d...Linus Torvalds2022-06-215-75/+9
|\
| * certs: Move load_certificate_list() to be with the asymmetric keys codeDavid Howells2022-06-215-75/+9
* | certs: fix and refactor CONFIG_SYSTEM_BLACKLIST_HASH_LIST buildMasahiro Yamada2022-06-153-12/+12
* | certs/blacklist_hashes.c: fix const confusion in certs blacklistMasahiro Yamada2022-06-151-1/+1
|/
* certs: Convert spaces in certs/Makefile to a tabDavid Howells2022-06-101-1/+1
* cert host tools: Stop complaining about deprecated OpenSSL functionsLinus Torvalds2022-06-081-0/+7
* Merge tag 'kbuild-v5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/mas...Linus Torvalds2022-05-261-2/+2
|\
| * kbuild: Allow kernel installation packaging to override pkg-configChun-Tse Shao2022-04-051-2/+2
* | certs: Explain the rationale to call panic()Mickaël Salaün2022-05-231-0/+9
* | certs: Allow root user to append signed hashes to the blacklist keyringMickaël Salaün2022-05-232-21/+85
* | certs: Check that builtin blacklist hashes are validMickaël Salaün2022-05-233-3/+19
* | certs: Make blacklist_vet_description() more strictMickaël Salaün2022-05-231-10/+36
* | certs: Factor out the blacklist hash creationMickaël Salaün2022-05-231-18/+58
|/
* Merge tag 'kbuild-v5.18-v2' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds2022-03-312-29/+11
|\
| * certs: simplify empty certs creation in certs/MakefileMasahiro Yamada2022-03-031-10/+11
| * certs: include certs/signing_key.x509 unconditionallyMasahiro Yamada2022-03-032-19/+0
* | KEYS: Introduce link restriction for machine keysEric Snowberg2022-03-081-1/+34
* | KEYS: store reference to machine keyringEric Snowberg2022-03-081-0/+9
|/
* certs: Fix build error when CONFIG_MODULE_SIG_KEY is emptyMasahiro Yamada2022-01-231-1/+1
* certs: Fix build error when CONFIG_MODULE_SIG_KEY is PKCS#11 URIMasahiro Yamada2022-01-231-1/+1
* certs: move scripts/extract-cert to certs/Masahiro Yamada2022-01-083-4/+172
* kbuild: do not quote string values in include/config/auto.confMasahiro Yamada2022-01-081-8/+2
* certs: simplify $(srctree)/ handling and remove config_filename macroMasahiro Yamada2022-01-081-19/+13
* certs: remove misleading comments about GCC PRMasahiro Yamada2022-01-081-2/+0
* certs: refactor file cleaningMasahiro Yamada2022-01-081-4/+5
* certs: remove unneeded -I$(srctree) option for system_certificates.oMasahiro Yamada2022-01-081-3/+0
* certs: unify duplicated cmd_extract_certs and improve the logMasahiro Yamada2022-01-081-6/+3
* certs: use $< and $@ to simplify the key generation ruleMasahiro Yamada2022-01-081-3/+2