| Kconfig (56c5812623f95313f6a46fbf0beee7fa17c68bbf) | Kconfig (d1f044103dad70c1cec0a8f3abdf00834fec8b98) |
|---|---|
| 1# SPDX-License-Identifier: GPL-2.0 2menu "Certificates for signature checking" 3 4config MODULE_SIG_KEY 5 string "File name or PKCS#11 URI of module signing key" 6 default "certs/signing_key.pem" 7 depends on MODULE_SIG 8 help --- 78 unchanged lines hidden (view full) --- 87 bool "Provide system-wide ring of revocation certificates" 88 depends on SYSTEM_BLACKLIST_KEYRING 89 depends on PKCS7_MESSAGE_PARSER=y 90 help 91 If set, this allows revocation certificates to be stored in the 92 blacklist keyring and implements a hook whereby a PKCS#7 message can 93 be checked to see if it matches such a certificate. 94 | 1# SPDX-License-Identifier: GPL-2.0 2menu "Certificates for signature checking" 3 4config MODULE_SIG_KEY 5 string "File name or PKCS#11 URI of module signing key" 6 default "certs/signing_key.pem" 7 depends on MODULE_SIG 8 help --- 78 unchanged lines hidden (view full) --- 87 bool "Provide system-wide ring of revocation certificates" 88 depends on SYSTEM_BLACKLIST_KEYRING 89 depends on PKCS7_MESSAGE_PARSER=y 90 help 91 If set, this allows revocation certificates to be stored in the 92 blacklist keyring and implements a hook whereby a PKCS#7 message can 93 be checked to see if it matches such a certificate. 94 |
| 95config SYSTEM_REVOCATION_KEYS 96 string "X.509 certificates to be preloaded into the system blacklist keyring" 97 depends on SYSTEM_REVOCATION_LIST 98 help 99 If set, this option should be the filename of a PEM-formatted file 100 containing X.509 certificates to be included in the default blacklist 101 keyring. 102 |
|
| 95endmenu | 103endmenu |