Linux kernel stable tree (mirror) https://git.radix-linux.su/kernel/linux.git/atom?h=v6.6.131 2022-05-23T15:47:49+00:00 2022-05-23T15:47:49+00:00 Mickaël Salaün mic@linux.microsoft.com 2021-07-12T17:03:09+00:00 urn:sha1:58d416351e6df1a41d415958ccdd8eb9c2173fed Add a new helper print-cert-tbs-hash.sh to generate a TBSCertificate hash from a given certificate. This is useful to generate a blacklist key description used to forbid loading a specific certificate in a keyring, or to invalidate a certificate provided by a PKCS#7 file. This kind of hash formatting is required to populate the file pointed out by CONFIG_SYSTEM_BLACKLIST_HASH_LIST, but only the kernel code was available to understand how to effectively create such hash. Cc: David Howells <dhowells@redhat.com> Cc: David Woodhouse <dwmw2@infradead.org> Cc: Eric Snowberg <eric.snowberg@oracle.com> Signed-off-by: Mickaël Salaün <mic@linux.microsoft.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Link: https://lore.kernel.org/r/20210712170313.884724-2-mic@digikod.net Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>