From 69fcabeddf7e6bd0a7b710818a074ff1126f3b24 Mon Sep 17 00:00:00 2001 From: David Howells Date: Fri, 28 Sep 2012 11:16:57 +0100 Subject: [PATCH] --- yaml --- r: 334313 b: refs/heads/master c: 5e8cb1e441dd74723898cd28fe64af5651023af0 h: refs/heads/master i: 334311: efab349539fc97c19abd3b2e7d480a16e5c0da4d v: v3 --- [refs] | 2 +- trunk/kernel/Makefile | 22 +++++++++++++++++++++- 2 files changed, 22 insertions(+), 2 deletions(-) diff --git a/[refs] b/[refs] index d3acf77f185f..0ae50a31cca4 100644 --- a/[refs] +++ b/[refs] @@ -1,2 +1,2 @@ --- -refs/heads/master: 80d65e58e93ffdabf58202653a0435bd3cf2d82e +refs/heads/master: 5e8cb1e441dd74723898cd28fe64af5651023af0 diff --git a/trunk/kernel/Makefile b/trunk/kernel/Makefile index 111a845460c9..a799029320d1 100644 --- a/trunk/kernel/Makefile +++ b/trunk/kernel/Makefile @@ -149,6 +149,26 @@ kernel/modsign_pubkey.o: signing_key.x509 extra_certificates # fail and that the kernel may be used afterwards. # ############################################################################### +sign_key_with_hash := +ifeq ($(CONFIG_MODULE_SIG_SHA1),y) +sign_key_with_hash := -sha1 +endif +ifeq ($(CONFIG_MODULE_SIG_SHA224),y) +sign_key_with_hash := -sha224 +endif +ifeq ($(CONFIG_MODULE_SIG_SHA256),y) +sign_key_with_hash := -sha256 +endif +ifeq ($(CONFIG_MODULE_SIG_SHA384),y) +sign_key_with_hash := -sha384 +endif +ifeq ($(CONFIG_MODULE_SIG_SHA512),y) +sign_key_with_hash := -sha512 +endif +ifeq ($(sign_key_with_hash),) +$(error Could not determine digest type to use from kernel config) +endif + signing_key.priv signing_key.x509: x509.genkey @echo "###" @echo "### Now generating an X.509 key pair to be used for signing modules." @@ -160,7 +180,7 @@ signing_key.priv signing_key.x509: x509.genkey @echo "###" @echo "### rngd -r /dev/hwrandom" @echo "###" - openssl req -new -nodes -utf8 -sha1 -days 36500 -batch \ + openssl req -new -nodes -utf8 $(sign_key_with_hash) -days 36500 -batch \ -x509 -config x509.genkey \ -outform DER -out signing_key.x509 \ -keyout signing_key.priv