Lines Matching refs:keys
39 Note: Remove all ECDSA signing keys, e.g. certs/signing_key.pem,
78 bool "Provide system-wide ring of trusted keys"
83 Provide a system keyring to which trusted keys can be added. Keys in
86 userspace may only add extra keys if those keys can be verified by
87 keys already in the keyring.
92 string "Additional X.509 keys for default system keyring"
100 NOTE: If you previously provided keys for the system keyring in the
121 bool "Provide a keyring to which extra trustable keys may be added"
124 If set, provide a keyring to which extra keys may be added, provided
125 those keys are not blacklisted and are vouched for by a key built
130 bool "Only allow additional certs signed by keys on the builtin trusted keyring"
133 If set, only certificates signed by keys on the builtin trusted
139 linking code signing keys with imputed trust to the secondary
143 bool "Provide system-wide ring of blacklisted keys"
146 Provide a system keyring to which blacklisted keys can be added.
181 bool "Allow root to add signed blacklist keys"
185 If set, provide the ability to load new blacklist keys at run time if
188 payload. Blacklist keys cannot be removed.