extract-cert: Cope with multiple X.509 certificates in a single file - linux

diff options

author	David Woodhouse <David.Woodhouse@intel.com>	2015-07-20 22:16:33 +0200
committer	David Howells <dhowells@redhat.com>	2015-08-12 18:01:01 +0200
commit	84706caae9e06363db4f956cde4f9715ce5c0ef3 (patch)
tree	282821472d398da61e41035646ab9a20085db816 /kernel
parent	sign-file: Generate CMS message as signature instead of PKCS#7 (diff)
download	linux-84706caae9e06363db4f956cde4f9715ce5c0ef3.tar.xz linux-84706caae9e06363db4f956cde4f9715ce5c0ef3.zip

extract-cert: Cope with multiple X.509 certificates in a single file

This is not required for the module signing key, although it doesn't do any harm — it just means that any additional certs in the PEM file are also trusted by the kernel. But it does allow us to use the extract-cert tool for processing the extra certs from CONFIG_SYSTEM_TRUSTED_KEYS, instead of that horrid awk|base64 hack. Also cope with being invoked with no input file, creating an empty output file as a result. Signed-off-by: David Woodhouse <David.Woodhouse@intel.com> Signed-off-by: David Howells <dhowells@redhat.com>

Diffstat (limited to 'kernel')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: