/openbmc/openbmc/meta-openembedded/meta-networking/recipes-connectivity/freeradius/files/ |
H A D | 0013-raddb-certs-Makefile-fix-the-occasional-verification.patch | 11 openssl pkcs12 -in server.p12 -out server.pem -passin pass:'whatever' -passout pass:'whatever' 12 chmod g+r server.pem 17 error server.pem: verification failed 20 It seems the ca.pem mismatchs server.pem which results in failing to 21 execute "openssl verify -CAfile ca.pem server.pem", so add to check 45 ca.key ca.pem: ca.cnf 48 - $(OPENSSL) req -new -x509 -keyout ca.key -out ca.pem \ 49 + @[ -f ca.pem ] || $(OPENSSL) req -new -x509 -keyout ca.key -out ca.pem \ 54 ca.der: ca.pem 55 - $(OPENSSL) x509 -inform PEM -outform DER -in ca.pem -out ca.der [all …]
|
H A D | 0012-raddb-certs-Makefile-fix-the-existed-certificate-err.patch | 9 openssl ca -batch -keyfile ca.key -cert ca.pem -in client.csr -key 'whatever' -out client.crt -ext… 38 server.crt: ca.key ca.pem server.csr 39 - $(OPENSSL) ca -batch -keyfile ca.key -cert ca.pem -in server.csr -key $(PASSWORD_CA) -out server… 40 + @[ -f server.crt ] || $(OPENSSL) ca -batch -keyfile ca.key -cert ca.pem -in server.csr -key $(PA… 47 client.crt: ca.key ca.pem client.csr 48 - $(OPENSSL) ca -batch -keyfile ca.key -cert ca.pem -in client.csr -key $(PASSWORD_CA) -out client… 49 + @[ -f client.crt ] || $(OPENSSL) ca -batch -keyfile ca.key -cert ca.pem -in client.csr -key $(PA…
|
/openbmc/openbmc/meta-openembedded/meta-oe/recipes-support/xmlsec1/xmlsec1/ |
H A D | run-ptest | 13 ./sign1 sign1-tmpl.xml rsakey.pem > sign1-res.xml 14 ./verify1 sign1-res.xml rsapub.pem 19 ./sign2 sign2-doc.xml rsakey.pem > sign2-res.xml 20 ./verify1 sign2-res.xml rsapub.pem 25 ./sign3 sign3-doc.xml rsakey.pem rsacert.pem > sign3-res.xml 26 ./verify3 sign3-res.xml ca2cert.pem cacert.pem 31 ./verify1 sign1-res.xml rsapub.pem 32 ./verify1 sign2-res.xml rsapub.pem 37 ./verify2 sign1-res.xml rsakey.pem 38 ./verify2 sign2-res.xml rsakey.pem [all …]
|
/openbmc/openbmc/meta-google/recipes-google/google-bios-key/ |
H A D | google-bios-key.bb | 9 file://platforms_secure.pem \ 10 file://platforms_bringup.pem \ 14 FILES:${PN} += "${datadir}/google-bios-key/platforms_secure.pem" 15 FILES:${PN} += "${datadir}/google-bios-key/platforms_bringup.pem" 16 FILES:${PN} += "${datadir}/platforms_secure.pem" 17 FILES:${PN} += "${datadir}/platforms_bringup.pem" 21 install -m 0644 ${UNPACKDIR}/platforms_secure.pem ${D}${datadir}/google-bios-key 22 install -m 0644 ${UNPACKDIR}/platforms_bringup.pem ${D}${datadir}/google-bios-key 24 ln -s -r ${D}${datadir}/google-bios-key/platforms_secure.pem ${D}${datadir}/platforms_secure.pem 25 … ln -s -r ${D}${datadir}/google-bios-key/platforms_bringup.pem ${D}${datadir}/platforms_bringup.pem
|
/openbmc/qemu/docs/system/ |
H A D | tls.rst | 54 # certtool --generate-privkey > ca-key.pem 67 --load-privkey ca-key.pem \ 69 --outfile ca-cert.pem 74 be used for signing other keys. The generated ``ca-cert.pem`` file 76 support in the VNC server. The ``ca-key.pem`` must not be 124 # certtool --generate-privkey > server-hostNNN-key.pem 126 --load-ca-certificate ca-cert.pem \ 127 --load-ca-privkey ca-key.pem \ 128 --load-privkey server-hostNNN-key.pem \ 130 --outfile server-hostNNN-cert.pem [all …]
|
/openbmc/openbmc/meta-openembedded/meta-networking/recipes-protocols/openflow/openflow/ |
H A D | 0001-generate-not-static-get_dh-functions.patch | 19 @@ -113,8 +113,9 @@ lib/dhparams.c: lib/dh1024.pem lib/dh2048.pem lib/dh4096.pem 21 openssl dhparam -C -in $(srcdir)/lib/dh1024.pem -noout && \ 22 openssl dhparam -C -in $(srcdir)/lib/dh2048.pem -noout && \ 23 - openssl dhparam -C -in $(srcdir)/lib/dh4096.pem -noout) \ 25 + openssl dhparam -C -in $(srcdir)/lib/dh4096.pem -noout) | \
|
/openbmc/openbmc/meta-openembedded/meta-oe/classes/ |
H A D | signing.bbclass | 137 # signing_import_cert_chain_from_pem <role> <pem> 152 local pem="${2}" 155 cat "${pem}" | \ 156 while openssl x509 -inform pem -outform der -out ${B}/temp_${i}.der; do 162 echo "imported ${pem} under role: ${role}_${i}" 167 # signing_import_cert_from_pem <role> <pem> 173 local pem="${2}" 176 -in "${pem}" -inform pem -outform der | 190 # signing_import_pubkey_from_pem <role> <pem> 196 local pem="${2}" [all …]
|
/openbmc/docs/security/ |
H A D | TLS-configuration.md | 123 openssl genrsa -out CA-key.pem 2048 131 openssl req -new -config openssl-client.cnf -key CA-key.pem -x509 -days 1000 -out CA-cert.pem 142 openssl genrsa -out client-key.pem 2048 152 openssl req -new -config openssl-client.cnf -key client-key.pem -out signingReqClient.csr 155 Sign the certificate using your `CA-cert.pem` certificate with following 159 …-days 365 -in signingReqClient.csr -CA CA-cert.pem -CAkey CA-key.pem -CAcreateserial -out client-c… 162 The file `client-cert.pem` now contains a signed client certificate. 174 openssl genrsa -out server-key.pem 2048 186 openssl req -new -config openssl-server.cnf -key server-key.pem -out signingReqServer.csr 189 Sign the certificate using your `CA-cert.pem` certificate with following [all …]
|
/openbmc/openbmc/meta-security/meta-integrity/scripts/ |
H A D | ima-gen-CA-signed.sh | 18 CA=${1:-ima-local-ca.pem} 45 -out csr_ima.pem -keyout privkey_ima.pem \ 47 openssl x509 -req -in csr_ima.pem -days 36500 -extfile $GENKEY -extensions v3_usr \
|
/openbmc/openbmc/meta-security/meta-integrity/data/debug-keys/ |
H A D | README.md | 6 - ima-local-ca.pem: The CA's self-signed certificate 7 - privkey_ima.pem: IMA & EVM private key used for signing files 8 - x509_ima.der: Certificate containing public key (of privkey_ima.pem) to verify signatures 16 openssl verify -CAfile ima-local-ca.pem x509_ima.der
|
/openbmc/openbmc/meta-openembedded/meta-python/recipes-devtools/python/python3-pyasn1-modules/ |
H A D | 0001-Stop-using-pyasn1.compat.octets.patch | 32 from pyasn1_modules import pem 54 from pyasn1_modules import pem 75 from pyasn1_modules import pem 96 from pyasn1_modules import pem 117 from pyasn1_modules import pem 138 from pyasn1_modules import pem 148 substrate = pem.readBase64fromText(self.encrypted_key_pkg_pem_text) 170 from pyasn1_modules import pem
|
/openbmc/phosphor-certificate-manager/ |
H A D | x509_utils.cpp | 236 std::unique_ptr<X509, decltype(&::X509_free)> parseCert(const std::string& pem) in parseCert() argument 238 if (pem.size() > INT_MAX) in parseCert() 251 BIOMemPtr bioCert(BIO_new_mem_buf(pem.data(), static_cast<int>(pem.size())), in parseCert() 257 "PEM", pem); in parseCert()
|
H A D | certificate.cpp | 92 void dumpCertificate(const std::string& pem, const std::string& certFilePath) in dumpCertificate() argument 102 outputCertFileStream << pem << "\n" << std::flush; in dumpCertificate() 109 "ERR", e, "SRC_PEM", pem, "DST", certFilePath); in dumpCertificate() 257 const std::string& pem, Watch* watchPtr, in Certificate() argument 269 install(x509Store, pem, restore); in Certificate() 383 void Certificate::install(X509_STORE& x509Store, const std::string& pem, in install() argument 388 lg2::debug("Certificate install, PEM_STR:{PEM_STR}", "PEM_STR", pem); in install() 392 lg2::info("Certificate install, PEM_STR:{PEM_STR} ", "PEM_STR", pem); in install() 410 internal::X509Ptr cert = parseCert(pem); in install() 417 dumpCertificate(pem, certFilePath); in install()
|
H A D | config.h.in | 14 inline constexpr char defaultPrivateKeyFileName[] = "privkey.pem"; 17 inline constexpr char defaultRSAPrivateKeyFileName[] = ".rsaprivkey.pem";
|
/openbmc/linux/tools/testing/selftests/bpf/ |
H A D | verify_sig_setup.sh | 43 -outform PEM -out ${tmp_dir}/signing_key.pem \ 44 -keyout ${tmp_dir}/signing_key.pem 2>&1 46 openssl x509 -in ${tmp_dir}/signing_key.pem -out \
|
/openbmc/openbmc/meta-aspeed/recipes-bsp/u-boot/ |
H A D | u-boot-aspeed-sdk_2019.04.bb | 12 …file://rsa_oem_dss_key.pem;sha256sum=64a379979200d39949d3e5b0038e3fdd5548600b2f7077a17e35422336075… 13 …file://rsa_pub_oem_dss_key.pem;sha256sum=40132a694a10af2d1b094b1cb5adab4d6b4db2a35e02d848b2b6a85e6… 17 SOCSEC_SIGN_KEY ?= "${UNPACKDIR}/rsa_oem_dss_key.pem"
|
/openbmc/openbmc/meta-security/meta-integrity/classes/ |
H A D | kernel-modsign.bbclass | 9 MODSIGN_PRIVKEY ?= "${MODSIGN_KEY_DIR}/privkey_modsign.pem" 23 > "${B}/modsign_key.pem" 30 cp modsign_key.pem $kerneldir/
|
/openbmc/linux/Documentation/hwmon/ |
H A D | lineage-pem.rst | 1 Kernel driver lineage-pem 8 Prefix: 'lineage-pem' 41 $ modprobe lineage-pem 42 $ echo lineage-pem 0x40 > /sys/bus/i2c/devices/i2c-1/new_device
|
/openbmc/linux/certs/ |
H A D | Makefile | 43 ifeq ($(CONFIG_MODULE_SIG_KEY),certs/signing_key.pem) 52 $(obj)/signing_key.pem: $(obj)/x509.genkey FORCE 55 targets += signing_key.pem
|
/openbmc/openbmc/meta-hpe/meta-gxp/classes/ |
H A D | gxp2-bootblock-n.bbclass | 17 …all -m 644 ${HPE_GXP_KEY_FILES_DIR}/customer_private_key.pem ${DEPLOYDIR}/hpe-uboot-signing-key.pem
|
H A D | gxp-bootblock-n.bbclass | 16 install -m 644 ${HPE_GXP_KEY_FILES_DIR}/private_key.pem ${DEPLOYDIR}/hpe-uboot-signing-key.pem
|
/openbmc/openbmc/meta-openembedded/meta-oe/recipes-support/xrdp/ |
H A D | xrdp_0.9.20.bb | 85 if test ! -s ${sysconfdir}/xrdp/cert.pem 88 -keyout ${sysconfdir}/xrdp/key.pem \ 89 -out ${sysconfdir}/xrdp/cert.pem \ 91 chmod 400 ${sysconfdir}/xrdp/key.pem
|
/openbmc/openbmc-test-automation/lib/ |
H A D | certificate_utils.robot | 70 ... BMC Execute Command cat /etc/nslcd/certs/cert.pem 91 ... ${SPACE}-keyout ${cert_dir_name}/cert.pem -out ${cert_dir_name}/cert.pem 97 ... ${EXECDIR}${/}${cert_dir_name}${/}cert.pem 100 ... ${EXECDIR}${/}${cert_dir_name}${/}cert.pem 109 ... OperatingSystem.Get File ${EXECDIR}${/}${cert_dir_name}${/}cert.pem 117 ... OperatingSystem.Get File ${EXECDIR}${/}${cert_dir_name}${/}cert.pem 127 ${cert_name}= Catenate SEPARATOR= ${random_name} .pem 184 ... Set Variable /etc/nslcd/certs/cert.pem phosphor-certificate-manager@nslcd.service
|
/openbmc/u-boot/doc/imx/habv4/csf_examples/mx6_mx7/ |
H A D | csf_uboot.txt | 16 File = "../crts/CSF1_1_sha256_2048_65537_v3_usr_crt.pem" 26 File= "../crts/IMG1_1_sha256_2048_65537_v3_usr_crt.pem"
|
/openbmc/u-boot/doc/imx/habv4/csf_examples/additional_images/ |
H A D | csf_additional_images.txt | 16 File = "../crts/CSF1_1_sha256_2048_65537_v3_usr_crt.pem" 26 File= "../crts/IMG1_1_sha256_2048_65537_v3_usr_crt.pem"
|