From: David Howells <dhowells@redhat.com>
To: Rusty Russell <rusty@rustcorp.com.au>
Cc: dhowells@redhat.com, herbert@gondor.hengli.com.au,
pjones@redhat.com, jwboyer@redhat.com,
linux-crypto@vger.kernel.org,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org, keyrings@linux-nfs.org
Subject: Re: [GIT PULL] Asymmetric keys and module signing
Date: Fri, 28 Sep 2012 11:31:53 +0100 [thread overview]
Message-ID: <27846.1348828313@warthog.procyon.org.uk> (raw)
In-Reply-To: <87ipay3cof.fsf@rustcorp.com.au>
Hi Rusty,
I've pushed two additional patches. The first makes the X.509 cert signature
use the same hash algorithm as the signatures on the modules - which should
fix the problem you're seeing, I think. The second makes elements of the
names use UTF8 strings, just in case someone wants to use accented characters.
David
---
The following changes since commit 15765081423824e1ccc329264ae13f5ea87f3a85:
MODSIGN: Sign modules during the build process (2012-09-26 10:11:06 +0100)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-modsign.git modsign-post-KS
for you to fetch changes up to 9034de9a2c376229e2309eed7e2c871785b5890f:
MODSIGN: Use utf8 strings in signer's name in autogenerated X.509 certs (2012-09-28 11:16:57 +0100)
----------------------------------------------------------------
(from the branch description for modsign-post-KS local branch)
post Kernel-Summit module signing
----------------------------------------------------------------
David Howells (2):
MODSIGN: Use the same digest for the autogen key sig as for the module sig
MODSIGN: Use utf8 strings in signer's name in autogenerated X.509 certs
kernel/Makefile | 23 ++++++++++++++++++++++-
1 file changed, 22 insertions(+), 1 deletion(-)
next prev parent reply other threads:[~2012-09-28 10:32 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-09-25 0:07 [GIT PULL] Asymmetric keys and module signing David Howells
2012-09-25 0:11 ` David Howells
2012-09-25 15:09 ` Wrong system clock vs X.509 date specifiers David Howells
2012-09-25 15:30 ` Alan Cox
2012-09-25 15:35 ` David Howells
2012-09-25 15:43 ` Paolo Bonzini
2012-09-25 16:00 ` Alan Cox
2012-09-25 21:57 ` David Howells
2012-09-25 16:02 ` Tomas Mraz
2012-09-25 17:31 ` David Howells
2012-09-25 18:39 ` Tomas Mraz
2013-03-14 10:48 ` David Woodhouse
2013-03-14 12:24 ` [PATCH] Fix x509_key_preparse() not to reject keys outside their validity time range David Woodhouse
2013-03-19 21:06 ` Alexander Holler
2012-09-25 15:44 ` [GIT PULL] Asymmetric keys and module signing Kasatkin, Dmitry
2012-09-25 16:15 ` David Howells
2012-09-26 3:46 ` Rusty Russell
2012-09-26 9:09 ` David Howells
2012-09-27 0:12 ` Rusty Russell
2012-09-27 9:08 ` David Howells
2012-09-28 5:55 ` Rusty Russell
2012-09-28 8:13 ` David Howells
2012-09-28 5:58 ` [PATCH 1/2] modsign: don't use bashism in sh scripts Rusty Russell
2012-09-28 8:10 ` David Howells
2012-10-02 2:24 ` Rusty Russell
2012-09-28 5:59 ` [PATCH 2/2] modules: don't call eu-strip if it doesn't exist Rusty Russell
2012-09-28 8:11 ` David Howells
2012-09-28 6:05 ` [GIT PULL] Asymmetric keys and module signing Rusty Russell
2012-09-28 8:09 ` David Howells
2012-09-29 6:53 ` Rusty Russell
2012-09-29 7:13 ` David Howells
2012-10-01 20:41 ` Josh Boyer
2012-10-02 3:28 ` Rusty Russell
2012-10-02 12:17 ` Josh Boyer
2012-09-29 7:16 ` David Howells
2012-10-02 6:12 ` Rusty Russell
2012-10-02 14:07 ` David Howells
2012-10-03 23:22 ` Rusty Russell
2012-10-09 10:55 ` Kasatkin, Dmitry
2012-10-10 9:37 ` Rusty Russell
2012-09-28 9:23 ` David Howells
2012-09-28 10:31 ` David Howells [this message]
2012-10-03 17:50 ` [patch] MODSIGN: Fix build error with strict typechecking David Rientjes
2012-09-27 2:04 ` [GIT PULL] Asymmetric keys and module signing Mimi Zohar
2012-09-28 6:54 ` Rusty Russell
2012-09-28 6:27 ` Geert Uytterhoeven
2012-09-28 8:00 ` David Howells
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=27846.1348828313@warthog.procyon.org.uk \
--to=dhowells@redhat.com \
--cc=herbert@gondor.hengli.com.au \
--cc=jwboyer@redhat.com \
--cc=keyrings@linux-nfs.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=pjones@redhat.com \
--cc=rusty@rustcorp.com.au \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.