From mboxrd@z Thu Jan 1 00:00:00 1970 From: David Howells Subject: Re: [GIT PULL] Asymmetric keys and module signing Date: Fri, 28 Sep 2012 11:31:53 +0100 Message-ID: <27846.1348828313@warthog.procyon.org.uk> References: <87ipay3cof.fsf@rustcorp.com.au> <87bogs492s.fsf@rustcorp.com.au> <87ehlp30pd.fsf@rustcorp.com.au> <5555.1348531649@warthog.procyon.org.uk> <8168.1348650575@warthog.procyon.org.uk> <16088.1348736905@warthog.procyon.org.uk> Cc: dhowells@redhat.com, herbert@gondor.hengli.com.au, pjones@redhat.com, jwboyer@redhat.com, linux-crypto@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, keyrings@linux-nfs.org To: Rusty Russell Return-path: Received: from mx1.redhat.com ([209.132.183.28]:27765 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751294Ab2I1KcE (ORCPT ); Fri, 28 Sep 2012 06:32:04 -0400 In-Reply-To: <87ipay3cof.fsf@rustcorp.com.au> Sender: linux-crypto-owner@vger.kernel.org List-ID: Hi Rusty, I've pushed two additional patches. The first makes the X.509 cert signature use the same hash algorithm as the signatures on the modules - which should fix the problem you're seeing, I think. The second makes elements of the names use UTF8 strings, just in case someone wants to use accented characters. David --- The following changes since commit 15765081423824e1ccc329264ae13f5ea87f3a85: MODSIGN: Sign modules during the build process (2012-09-26 10:11:06 +0100) are available in the git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-modsign.git modsign-post-KS for you to fetch changes up to 9034de9a2c376229e2309eed7e2c871785b5890f: MODSIGN: Use utf8 strings in signer's name in autogenerated X.509 certs (2012-09-28 11:16:57 +0100) ---------------------------------------------------------------- (from the branch description for modsign-post-KS local branch) post Kernel-Summit module signing ---------------------------------------------------------------- David Howells (2): MODSIGN: Use the same digest for the autogen key sig as for the module sig MODSIGN: Use utf8 strings in signer's name in autogenerated X.509 certs kernel/Makefile | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-)