mirror of
https://git.code.sf.net/p/linux-ima/ima-evm-utils
synced 2025-07-01 21:31:14 +02:00
Deprecate IMA signature version 1
The original IMA file signatures were based on a SHA1 hash. Kernel support for other hash algorithms was subsequently upstreamed. Deprecate "--rsa" support. Define "--enable-sigv1" option to configure signature v1 support. Reviewed-by: Petr Vorel <pvorel@suse.cz> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
This commit is contained in:
Mimi Zohar
@ -49,6 +49,11 @@ AC_ARG_ENABLE([openssl_conf],
|
||||
AC_DEFINE(DISABLE_OPENSSL_CONF, 1, [Define to disable loading of openssl config by evmctl.])
|
||||
fi], [enable_openssl_conf=yes])
|
||||
|
||||
AC_ARG_ENABLE(sigv1,
|
||||
AS_HELP_STRING([--enable-sigv1], [Build ima-evm-utils with signature v1 support]))
|
||||
AM_CONDITIONAL([CONFIG_SIGV1], [test "x$enable_sigv1" = "xyes"])
|
||||
AS_IF([test "$enable_sigv1" != "yes"], [enable_sigv1="no"])
|
||||
|
||||
#debug support - yes for a while
|
||||
PKG_ARG_ENABLE(debug, "yes", DEBUG, [Enable Debug support])
|
||||
if test $pkg_cv_enable_debug = yes; then
|
||||
@ -83,5 +88,6 @@ echo " openssl-conf: $enable_openssl_conf"
|
||||
echo " tss2-esys: $ac_cv_lib_tss2_esys_Esys_Free"
|
||||
echo " tss2-rc-decode: $ac_cv_lib_tss2_rc_Tss2_RC_Decode"
|
||||
echo " ibmtss: $ac_cv_header_ibmtss_tss_h"
|
||||
echo " sigv1: $enable_sigv1"
|
||||
echo " doc: $have_doc"
|
||||
echo
|
||||
|
||||
Reference in New Issue
Block a user