| /linux-6.12.1/crypto/asymmetric_keys/ |
| D | pkcs7_trust.c | 27 struct x509_certificate *x509, *last = NULL, *p; in pkcs7_validate_trust_one() local
38 for (x509 = sinfo->signer; x509; x509 = x509->signer) { in pkcs7_validate_trust_one()
39 if (x509->seen) { in pkcs7_validate_trust_one()
40 if (x509->verified) in pkcs7_validate_trust_one()
45 x509->seen = true; in pkcs7_validate_trust_one()
51 x509->id, x509->skid, NULL, false); in pkcs7_validate_trust_one()
59 sinfo->index, x509->index, key_serial(key)); in pkcs7_validate_trust_one()
68 if (x509->signer == x509) { in pkcs7_validate_trust_one()
74 last = x509; in pkcs7_validate_trust_one()
87 x509 = last; in pkcs7_validate_trust_one()
[all …]
|
| D | pkcs7_verify.c | 161 struct x509_certificate *x509; in pkcs7_find_key() local
166 for (x509 = pkcs7->certs; x509; x509 = x509->next, certix++) { in pkcs7_find_key()
172 if (!asymmetric_key_id_same(x509->id, sinfo->sig->auth_ids[0])) in pkcs7_find_key()
177 sinfo->signer = x509; in pkcs7_find_key()
197 struct x509_certificate *x509 = sinfo->signer, *p; in pkcs7_verify_sig_chain() local
208 x509->subject, in pkcs7_verify_sig_chain()
209 x509->raw_serial_size, x509->raw_serial); in pkcs7_verify_sig_chain()
210 x509->seen = true; in pkcs7_verify_sig_chain()
212 if (x509->blacklisted) { in pkcs7_verify_sig_chain()
217 for (p = sinfo->signer; p != x509; p = p->signer) in pkcs7_verify_sig_chain()
[all …]
|
| D | Makefile | 20 x509.asn1.o \
31 $(obj)/x509.asn1.h \
34 $(obj)/x509.asn1.o: $(obj)/x509.asn1.c $(obj)/x509.asn1.h
|
| D | pkcs7_parser.c | 409 struct x509_certificate *x509; in pkcs7_extract_cert() local
428 x509 = x509_cert_parse(value, vlen); in pkcs7_extract_cert()
429 if (IS_ERR(x509)) in pkcs7_extract_cert()
430 return PTR_ERR(x509); in pkcs7_extract_cert()
432 x509->index = ++ctx->x509_index; in pkcs7_extract_cert()
433 pr_debug("Got cert %u for %s\n", x509->index, x509->subject); in pkcs7_extract_cert()
434 pr_debug("- fingerprint %*phN\n", x509->id->len, x509->id->data); in pkcs7_extract_cert()
436 *ctx->ppcerts = x509; in pkcs7_extract_cert()
437 ctx->ppcerts = &x509->next; in pkcs7_extract_cert()
|
| /linux-6.12.1/certs/ |
| D | extract-cert.c | 51 static void write_cert(X509 *x509) in write_cert() argument
59 X509_NAME_oneline(X509_get_subject_name(x509), buf, sizeof(buf)); in write_cert()
60 ERR(!i2d_X509_bio(wb, x509), "%s", cert_dst); in write_cert()
159 X509 *x509; in main() local
165 x509 = PEM_read_bio_X509(b, NULL, NULL, NULL); in main()
166 if (wb && !x509) { in main()
174 ERR(!x509, "%s", cert_src); in main()
175 write_cert(x509); in main()
|
| D | Makefile | 49 -batch -x509 -config $< \
52 $(obj)/signing_key.pem: $(obj)/x509.genkey FORCE
61 $(obj)/x509.genkey:
66 $(obj)/system_certificates.o: $(obj)/signing_key.x509
70 $(obj)/signing_key.x509: extract-cert-in := $(PKCS11_URI)
73 $(obj)/signing_key.x509: $(filter-out $(PKCS11_URI),$(CONFIG_MODULE_SIG_KEY)) $(obj)/extract-cert F…
76 targets += signing_key.x509
|
| D | Kconfig | 68 form of DER-encoded *.x509 files in the top-level build directory,
|
| /linux-6.12.1/scripts/ |
| D | sign-file.c | 184 X509 *x509; in read_x509() local
209 x509 = d2i_X509_bio(b, NULL); in read_x509()
212 x509 = PEM_read_bio_X509(b, NULL, NULL, NULL); in read_x509()
215 ERR(!x509, "%s", x509_name); in read_x509()
217 return x509; in read_x509()
240 X509 *x509; in main() local
309 x509 = read_x509(x509_name); in main()
324 ERR(!CMS_add1_signer(cms, x509, private_key, digest_algo, in main()
333 pkcs7 = PKCS7_sign(x509, private_key, NULL, bm, in main()
|
| D | Makefile.modinst | 108 … cmd_sign = scripts/sign-file $(CONFIG_MODULE_SIG_HASH) "$(sig-key)" certs/signing_key.x509 $@ \
|
| /linux-6.12.1/tools/testing/selftests/bpf/ |
| D | verify_sig_setup.sh | 39 echo "${x509_genkey_content}" > ${tmp_dir}/x509.genkey
42 -batch -x509 -config ${tmp_dir}/x509.genkey \
46 openssl x509 -in ${tmp_dir}/signing_key.pem -out \
|
| /linux-6.12.1/Documentation/admin-guide/ |
| D | module-signing.rst | 145 certs/x509.genkey
153 It is strongly recommended that you provide your own x509.genkey file.
155 Most notably, in the x509.genkey file, the req_distinguished_name section
170 x509.genkey key generation configuration file in the root node of the Linux
174 openssl req -new -nodes -utf8 -sha256 -days 36500 -batch -x509 \
175 -config x509.genkey -outform PEM -out kernel_key.pem \
209 keyctl padd asymmetric "" 0x223c7853 <my_public_key.x509
231 kernel-signkey.x509 module.ko
|
| /linux-6.12.1/ |
| D | .gitignore | 155 signing_key.x509
156 x509.genkey
|
| D | Makefile | 1506 certs/x509.genkey \
|
| /linux-6.12.1/tools/certs/ |
| D | print-cert-tbs-hash.sh | 88 openssl x509 -in - -outform DER | \
|
| /linux-6.12.1/include/linux/ |
| D | kernel_read_file.h | 16 id(X509_CERTIFICATE, x509-certificate) \
|
| /linux-6.12.1/net/wireless/ |
| D | Makefile | 38 $(sort $(wildcard $(CONFIG_CFG80211_EXTRA_REGDB_KEYDIR)/*.x509))
|
| /linux-6.12.1/Documentation/ABI/testing/ |
| D | sysfs-class-firmware-attributes | 440 (x509 .DER format containing an OU). The size of the
|