"a4aed36ed5924a05ecfadc470584188bfba2b928" (history) in projects: linux

Project(s)

Full Search
Definition
Symbol
File Path
History
Type

Searched hist:a4aed36ed5924a05ecfadc470584188bfba2b928 (Results 1 – 3 of 3) sorted by relevance

/linux/certs/
H A D	Kconfig	diff a4aed36ed5924a05ecfadc470584188bfba2b928 Tue Jun 29 23:34:21 CEST 2021 Stefan Berger <stefanb@linux.ibm.com> certs: Add support for using elliptic curve keys for signing modules Add support for using elliptic curve keys for signing modules. It uses a NIST P384 (secp384r1) key if the user chooses an elliptic curve key and will have ECDSA support built into the kernel. Note: A developer choosing an ECDSA key for signing modules should still delete the signing key (rm certs/signing_key.*) when building an older version of a kernel that only supports RSA keys. Unless kbuild automati- cally detects and generates a new kernel module key, ECDSA-signed kernel modules will fail signature verification. Cc: David Howells <dhowells@redhat.com> Cc: David Woodhouse <dwmw2@infradead.org> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Tested-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
H A D	Makefile	diff a4aed36ed5924a05ecfadc470584188bfba2b928 Tue Jun 29 23:34:21 CEST 2021 Stefan Berger <stefanb@linux.ibm.com> certs: Add support for using elliptic curve keys for signing modules Add support for using elliptic curve keys for signing modules. It uses a NIST P384 (secp384r1) key if the user chooses an elliptic curve key and will have ECDSA support built into the kernel. Note: A developer choosing an ECDSA key for signing modules should still delete the signing key (rm certs/signing_key.*) when building an older version of a kernel that only supports RSA keys. Unless kbuild automati- cally detects and generates a new kernel module key, ECDSA-signed kernel modules will fail signature verification. Cc: David Howells <dhowells@redhat.com> Cc: David Woodhouse <dwmw2@infradead.org> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Tested-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
/linux/crypto/asymmetric_keys/
H A D	pkcs7_parser.c	diff a4aed36ed5924a05ecfadc470584188bfba2b928 Tue Jun 29 23:34:21 CEST 2021 Stefan Berger <stefanb@linux.ibm.com> certs: Add support for using elliptic curve keys for signing modules Add support for using elliptic curve keys for signing modules. It uses a NIST P384 (secp384r1) key if the user chooses an elliptic curve key and will have ECDSA support built into the kernel. Note: A developer choosing an ECDSA key for signing modules should still delete the signing key (rm certs/signing_key.*) when building an older version of a kernel that only supports RSA keys. Unless kbuild automati- cally detects and generates a new kernel module key, ECDSA-signed kernel modules will fail signature verification. Cc: David Howells <dhowells@redhat.com> Cc: David Woodhouse <dwmw2@infradead.org> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Tested-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>