linux-arm.git - Russell King's ARM Linux kernel tree

diff options

author	Mickaël Salaün <mic@linux.microsoft.com>	2021-07-12 19:03:09 +0200
committer	Jarkko Sakkinen <jarkko@kernel.org>	2022-05-23 18:47:49 +0300
commit	58d416351e6df1a41d415958ccdd8eb9c2173fed (patch)
tree	9d6d6733a7358b8039670389504bdb14ef5d682b /certs/blacklist.c
parent	4b0986a3613c92f4ec1bdc7f60ec66fea135991f (diff)

tools/certs: Add print-cert-tbs-hash.sh

Add a new helper print-cert-tbs-hash.sh to generate a TBSCertificate hash from a given certificate. This is useful to generate a blacklist key description used to forbid loading a specific certificate in a keyring, or to invalidate a certificate provided by a PKCS#7 file. This kind of hash formatting is required to populate the file pointed out by CONFIG_SYSTEM_BLACKLIST_HASH_LIST, but only the kernel code was available to understand how to effectively create such hash. Cc: David Howells <dhowells@redhat.com> Cc: David Woodhouse <dwmw2@infradead.org> Cc: Eric Snowberg <eric.snowberg@oracle.com> Signed-off-by: Mickaël Salaün <mic@linux.microsoft.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Link: https://lore.kernel.org/r/20210712170313.884724-2-mic@digikod.net Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>

Diffstat (limited to 'certs/blacklist.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: