tools/certs: Add print-cert-tbs-hash.shAdd a new helper print-cert-tbs-hash.sh to generate a TBSCertificatehash from a given certificate. This is useful to generate a blacklistkey description us
tools/certs: Add print-cert-tbs-hash.shAdd a new helper print-cert-tbs-hash.sh to generate a TBSCertificatehash from a given certificate. This is useful to generate a blacklistkey description used to forbid loading a specific certificate in akeyring, or to invalidate a certificate provided by a PKCS#7 file.This kind of hash formatting is required to populate the file pointedout by CONFIG_SYSTEM_BLACKLIST_HASH_LIST, but only the kernel code wasavailable to understand how to effectively create such hash.Cc: David Howells <dhowells@redhat.com>Cc: David Woodhouse <dwmw2@infradead.org>Cc: Eric Snowberg <eric.snowberg@oracle.com>Signed-off-by: Mickaël Salaün <mic@linux.microsoft.com>Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>Link: https://lore.kernel.org/r/20210712170313.884724-2-mic@digikod.netSigned-off-by: Jarkko Sakkinen <jarkko@kernel.org>
show more ...