mirror of
https://github.com/torvalds/linux.git
synced 2024-11-16 17:12:06 +00:00
a4aed36ed5
Add support for using elliptic curve keys for signing modules. It uses a NIST P384 (secp384r1) key if the user chooses an elliptic curve key and will have ECDSA support built into the kernel. Note: A developer choosing an ECDSA key for signing modules should still delete the signing key (rm certs/signing_key.*) when building an older version of a kernel that only supports RSA keys. Unless kbuild automati- cally detects and generates a new kernel module key, ECDSA-signed kernel modules will fail signature verification. Cc: David Howells <dhowells@redhat.com> Cc: David Woodhouse <dwmw2@infradead.org> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Tested-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> |
||
---|---|---|
.. | ||
asym_tpm.c | ||
asymmetric_keys.h | ||
asymmetric_type.c | ||
Kconfig | ||
Makefile | ||
mscode_parser.c | ||
mscode.asn1 | ||
pkcs7_key_type.c | ||
pkcs7_parser.c | ||
pkcs7_parser.h | ||
pkcs7_trust.c | ||
pkcs7_verify.c | ||
pkcs7.asn1 | ||
pkcs8_parser.c | ||
pkcs8.asn1 | ||
public_key.c | ||
restrict.c | ||
signature.c | ||
tpm_parser.c | ||
tpm.asn1 | ||
verify_pefile.c | ||
verify_pefile.h | ||
x509_akid.asn1 | ||
x509_cert_parser.c | ||
x509_parser.h | ||
x509_public_key.c | ||
x509.asn1 |