projects / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fc3225f) | patch
certs: Limit MODULE_SIG_KEY_TYPE_ECDSA to SHA384 or SHA512
authorDimitri John Ledkov <dimitri.ledkov@canonical.com>
Tue, 10 Oct 2023 21:27:55 +0000 (22:27 +0100)
committerHerbert Xu <herbert@gondor.apana.org.au>
Fri, 20 Oct 2023 05:39:26 +0000 (13:39 +0800)
commitd4f5bfe20da9fa54024a73a9c60aea45e572d786
treea96f98c4ba9daf369dadce52be7f999fcde8c65etree | snapshot
parentfc3225fd6f1e6ac07a8463e7751ecfa228880c71commit | diff
certs: Limit MODULE_SIG_KEY_TYPE_ECDSA to SHA384 or SHA512

NIST FIPS 186-5 states that it is recommended that the security
strength associated with the bit length of n and the security strength
of the hash function be the same, or higher upon agreement. Given NIST
P384 curve is used, force using either SHA384 or SHA512.

Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
certs/Kconfig diff | blob | history
ep93xx device tree rework repo: git://git.maquefel.me/linux.git