diff options
author | Stefan Berger <stefanb@linux.ibm.com> | 2021-06-29 17:34:21 -0400 |
---|---|---|
committer | Jarkko Sakkinen <jarkko@kernel.org> | 2021-08-23 19:55:42 +0300 |
commit | 83c761f45c4770c99b1a2d12f599cd246a200173 (patch) | |
tree | 21abbf3f88127afa38ad96ddb975d2cd3676d584 /crypto/async_tx/async_raid6_recov.c | |
parent | d301adefbfcd1438dd74ee1e850284c65097a4ad (diff) | |
download | linux-crypto-83c761f45c4770c99b1a2d12f599cd246a200173.tar.gz linux-crypto-83c761f45c4770c99b1a2d12f599cd246a200173.zip |
certs: Add support for using elliptic curve keys for signing modules
Add support for using elliptic curve keys for signing modules. It uses
a NIST P384 (secp384r1) key if the user chooses an elliptic curve key
and will have ECDSA support built into the kernel.
Note: A developer choosing an ECDSA key for signing modules should still
delete the signing key (rm certs/signing_key.*) when building an older
version of a kernel that only supports RSA keys. Unless kbuild automati-
cally detects and generates a new kernel module key, ECDSA-signed kernel
modules will fail signature verification.
Cc: David Howells <dhowells@redhat.com>
Cc: David Woodhouse <dwmw2@infradead.org>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Tested-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Diffstat (limited to 'crypto/async_tx/async_raid6_recov.c')
0 files changed, 0 insertions, 0 deletions