/linux-6.1.9/crypto/asymmetric_keys/ |
D | pkcs7_trust.c | 27 struct x509_certificate *x509, *last = NULL, *p; in pkcs7_validate_trust_one() local 38 for (x509 = sinfo->signer; x509; x509 = x509->signer) { in pkcs7_validate_trust_one() 39 if (x509->seen) { in pkcs7_validate_trust_one() 40 if (x509->verified) in pkcs7_validate_trust_one() 45 x509->seen = true; in pkcs7_validate_trust_one() 51 x509->id, x509->skid, NULL, false); in pkcs7_validate_trust_one() 59 sinfo->index, x509->index, key_serial(key)); in pkcs7_validate_trust_one() 68 if (x509->signer == x509) { in pkcs7_validate_trust_one() 74 last = x509; in pkcs7_validate_trust_one() 87 x509 = last; in pkcs7_validate_trust_one() [all …]
|
D | pkcs7_verify.c | 161 struct x509_certificate *x509; in pkcs7_find_key() local 166 for (x509 = pkcs7->certs; x509; x509 = x509->next, certix++) { in pkcs7_find_key() 172 if (!asymmetric_key_id_same(x509->id, sinfo->sig->auth_ids[0])) in pkcs7_find_key() 177 sinfo->signer = x509; in pkcs7_find_key() 197 struct x509_certificate *x509 = sinfo->signer, *p; in pkcs7_verify_sig_chain() local 208 x509->subject, in pkcs7_verify_sig_chain() 209 x509->raw_serial_size, x509->raw_serial); in pkcs7_verify_sig_chain() 210 x509->seen = true; in pkcs7_verify_sig_chain() 212 if (x509->blacklisted) { in pkcs7_verify_sig_chain() 217 for (p = sinfo->signer; p != x509; p = p->signer) in pkcs7_verify_sig_chain() [all …]
|
D | Makefile | 20 x509.asn1.o \ 28 $(obj)/x509.asn1.h \ 31 $(obj)/x509.asn1.o: $(obj)/x509.asn1.c $(obj)/x509.asn1.h
|
D | pkcs7_parser.c | 407 struct x509_certificate *x509; in pkcs7_extract_cert() local 426 x509 = x509_cert_parse(value, vlen); in pkcs7_extract_cert() 427 if (IS_ERR(x509)) in pkcs7_extract_cert() 428 return PTR_ERR(x509); in pkcs7_extract_cert() 430 x509->index = ++ctx->x509_index; in pkcs7_extract_cert() 431 pr_debug("Got cert %u for %s\n", x509->index, x509->subject); in pkcs7_extract_cert() 432 pr_debug("- fingerprint %*phN\n", x509->id->len, x509->id->data); in pkcs7_extract_cert() 434 *ctx->ppcerts = x509; in pkcs7_extract_cert() 435 ctx->ppcerts = &x509->next; in pkcs7_extract_cert()
|
/linux-6.1.9/certs/ |
D | extract-cert.c | 83 static void write_cert(X509 *x509) in write_cert() argument 91 X509_NAME_oneline(X509_get_subject_name(x509), buf, sizeof(buf)); in write_cert() 92 ERR(!i2d_X509_bio(wb, x509), "%s", cert_dst); in write_cert() 146 X509 *x509; in main() local 152 x509 = PEM_read_bio_X509(b, NULL, NULL, NULL); in main() 153 if (wb && !x509) { in main() 161 ERR(!x509, "%s", cert_src); in main() 162 write_cert(x509); in main()
|
D | Makefile | 49 -batch -x509 -config $< \ 52 $(obj)/signing_key.pem: $(obj)/x509.genkey FORCE 61 $(obj)/x509.genkey: 66 $(obj)/system_certificates.o: $(obj)/signing_key.x509 70 $(obj)/signing_key.x509: extract-cert-in := $(PKCS11_URI) 73 $(obj)/signing_key.x509: $(filter-out $(PKCS11_URI),$(CONFIG_MODULE_SIG_KEY)) $(obj)/extract-cert F… 76 targets += signing_key.x509
|
D | Kconfig | 66 form of DER-encoded *.x509 files in the top-level build directory,
|
/linux-6.1.9/scripts/ |
D | sign-file.c | 180 X509 *x509; in read_x509() local 205 x509 = d2i_X509_bio(b, NULL); in read_x509() 208 x509 = PEM_read_bio_X509(b, NULL, NULL, NULL); in read_x509() 211 ERR(!x509, "%s", x509_name); in read_x509() 213 return x509; in read_x509() 236 X509 *x509; in main() local 305 x509 = read_x509(x509_name); in main() 320 ERR(!CMS_add1_signer(cms, x509, private_key, digest_algo, in main() 329 pkcs7 = PKCS7_sign(x509, private_key, NULL, bm, in main()
|
D | Makefile.modinst | 71 cmd_sign = scripts/sign-file $(CONFIG_MODULE_SIG_HASH) $(sig-key) certs/signing_key.x509 $@ \
|
/linux-6.1.9/tools/testing/selftests/bpf/ |
D | verify_sig_setup.sh | 39 echo "${x509_genkey_content}" > ${tmp_dir}/x509.genkey 42 -batch -x509 -config ${tmp_dir}/x509.genkey \ 46 openssl x509 -in ${tmp_dir}/signing_key.pem -out \
|
/linux-6.1.9/Documentation/admin-guide/ |
D | module-signing.rst | 144 certs/x509.genkey 148 It is strongly recommended that you provide your own x509.genkey file. 150 Most notably, in the x509.genkey file, the req_distinguished_name section 165 x509.genkey key generation configuration file in the root node of the Linux 169 openssl req -new -nodes -utf8 -sha256 -days 36500 -batch -x509 \ 170 -config x509.genkey -outform PEM -out kernel_key.pem \ 204 keyctl padd asymmetric "" 0x223c7853 <my_public_key.x509 226 kernel-signkey.x509 module.ko
|
/linux-6.1.9/ |
D | .gitignore | 146 signing_key.x509 147 x509.genkey
|
D | Makefile | 1598 certs/x509.genkey \
|
/linux-6.1.9/tools/certs/ |
D | print-cert-tbs-hash.sh | 88 openssl x509 -in - -outform DER | \
|
/linux-6.1.9/include/linux/ |
D | kernel_read_file.h | 16 id(X509_CERTIFICATE, x509-certificate) \
|
/linux-6.1.9/net/wireless/ |
D | Makefile | 37 $(wildcard $(CONFIG_CFG80211_EXTRA_REGDB_KEYDIR)/*.x509)
|