Lines Matching full:keys
37 Note: Remove all ECDSA signing keys, e.g. certs/signing_key.pem,
43 bool "Provide system-wide ring of trusted keys"
44 depends on KEYS
48 Provide a system keyring to which trusted keys can be added. Keys in
49 the keyring are considered to be trusted. Keys may be added at will
51 userspace may only add extra keys if those keys can be verified by
52 keys already in the keyring.
54 Keys in this keyring are used by module signature checking.
57 string "Additional X.509 keys for default system keyring"
65 NOTE: If you previously provided keys for the system keyring in the
86 bool "Provide a keyring to which extra trustable keys may be added"
89 If set, provide a keyring to which extra keys may be added, provided
90 those keys are not blacklisted and are vouched for by a key built
94 bool "Provide system-wide ring of blacklisted keys"
95 depends on KEYS
97 Provide a system keyring to which blacklisted keys can be added.
98 Keys in the keyring are considered entirely untrusted. Keys in this
132 bool "Allow root to add signed blacklist keys"
136 If set, provide the ability to load new blacklist keys at run time if
139 payload. Blacklist keys cannot be removed.