extract-cert: Cope with multiple X.509 certificates in a single file - wireguard-linux

diff options

author	David Woodhouse <David.Woodhouse@intel.com>	2015-07-20 21:16:33 +0100
committer	David Howells <dhowells@redhat.com>	2015-08-12 17:01:01 +0100
commit	84706caae9e06363db4f956cde4f9715ce5c0ef3 (patch)
tree	282821472d398da61e41035646ab9a20085db816 /kernel/module_signing.c
parent	sign-file: Generate CMS message as signature instead of PKCS#7 (diff)
download	wireguard-linux-84706caae9e06363db4f956cde4f9715ce5c0ef3.tar.xz wireguard-linux-84706caae9e06363db4f956cde4f9715ce5c0ef3.zip

extract-cert: Cope with multiple X.509 certificates in a single file

This is not required for the module signing key, although it doesn't do any harm — it just means that any additional certs in the PEM file are also trusted by the kernel. But it does allow us to use the extract-cert tool for processing the extra certs from CONFIG_SYSTEM_TRUSTED_KEYS, instead of that horrid awk|base64 hack. Also cope with being invoked with no input file, creating an empty output file as a result. Signed-off-by: David Woodhouse <David.Woodhouse@intel.com> Signed-off-by: David Howells <dhowells@redhat.com>

Diffstat (limited to 'kernel/module_signing.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: