src/lib/libsecureboot/openpgp, branch main FreeBSD source tree libsecureboot add sha384 and sha512 for OpenPGP 2025-01-20T20:56:44+00:00 Simon J. Gerraty sjg@FreeBSD.org 2025-01-20T20:56:44+00:00 dae4eb623e862789533dca8b644ea531502a088f gpg supports SHA384, SHA512 as well as SHA256 so allow for them. Tweak Makefile.inc so we can build libsecureboot with only OpenPGP trust anchors. Reviewed by: imp Differential Revision: https://reviews.freebsd.org/D48546 
gpg supports SHA384, SHA512 as well as SHA256 so allow for them.

Tweak Makefile.inc so we can build libsecureboot with only OpenPGP
trust anchors.

Reviewed by: imp
Differential Revision:	https://reviews.freebsd.org/D48546
libsecureboot: Report failure for unsupported hash algorithm 2025-01-20T18:59:20+00:00 Huwyler simon.huwyler@gmail.com 2025-01-17T14:55:15+00:00 caaeab697bf98bf96e2fa8cb4a1e22240511fbcc Reviewed by: sjg Pull request: https://github.com/freebsd/freebsd-src/pull/1574 
Reviewed by:	sjg
Pull request:	https://github.com/freebsd/freebsd-src/pull/1574
Remove residual blank line at start of Makefile 2024-07-15T22:43:39+00:00 Warner Losh imp@FreeBSD.org 2024-07-15T04:46:32+00:00 e9ac41698b2f322d55ccf9da50a3596edb2c1800 This is a residual of the $FreeBSD$ removal. MFC After: 3 days (though I'll just run the command on the branches) Sponsored by: Netflix 
This is a residual of the $FreeBSD$ removal.

MFC After: 3 days (though I'll just run the command on the branches)
Sponsored by: Netflix
lib: Remove ancient SCCS tags. 2023-11-27T05:23:28+00:00 Warner Losh imp@FreeBSD.org 2023-11-23T17:21:37+00:00 dc36d6f9bb1753f3808552f3afd30eda9a7b206a Remove ancient SCCS tags from the tree, automated scripting, with two minor fixup to keep things compiling. All the common forms in the tree were removed with a perl script. Sponsored by: Netflix 
Remove ancient SCCS tags from the tree, automated scripting, with two
minor fixup to keep things compiling. All the common forms in the tree
were removed with a perl script.

Sponsored by:		Netflix
Remove $FreeBSD$: one-line sh pattern 2023-08-16T17:55:03+00:00 Warner Losh imp@FreeBSD.org 2023-08-16T17:55:03+00:00 d0b2dbfa0ecf2bbc9709efc5e20baf8e4b44bbbf Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/ 
Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/
Remove $FreeBSD$: one-line .c pattern 2023-08-16T17:54:42+00:00 Warner Losh imp@FreeBSD.org 2023-08-16T17:54:42+00:00 1d386b48a555f61cb7325543adbbb5c3f3407a66 Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/ 
Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/
Remove $FreeBSD$: one-line .h pattern 2023-08-16T17:54:23+00:00 Warner Losh imp@FreeBSD.org 2023-08-16T17:54:23+00:00 42b388439bd3795e09258c57a74ce9eec3651c7b Remove /^\s*\*+\s*\$FreeBSD\$.*$\n/ 
Remove /^\s*\*+\s*\$FreeBSD\$.*$\n/
libsecureboot: avoid set but not used errors 2023-06-30T06:52:17+00:00 Simon J. Gerraty sjg@FreeBSD.org 2023-06-30T06:52:17+00:00 56f3f2d2491e30f369f9461c3cb2a366bdffbe1d Reviewed by: stevek 
Reviewed by:	stevek
lib/libsecureboot: Fix some typos 2022-11-11T15:38:39+00:00 Elyes HAOUAS ehaouas@noos.fr 2021-03-22T17:16:06+00:00 cb25444c05071463d7f690590ed6288b015ec0fb Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr> Pull Request: https://github.com/freebsd/freebsd-src/pull/544 
Signed-off-by: Elyes HAOUAS <ehaouas@noos.fr>
Pull Request:	https://github.com/freebsd/freebsd-src/pull/544
Update libsecureboot 2022-04-18T19:54:15+00:00 Simon J. Gerraty sjg@FreeBSD.org 2022-04-18T19:53:53+00:00 666554111a7e6b4c1a9a6ff2e73f12cd582573bb Preparation for updating bearssl, pull in updates to libsecureboot. o fix handling of some out-of-memory cases o allow more control over reporting of Verified/Unverified files. this helps boot time when console output is slow o recheck verbose/debug level after reading any unverified file o more debug support for vectx o hash_string to support fake stat for tftp o tests/tvo add -v to simply verify signatures o vets.c allow for HAVE_BR_X509_TIME_CHECK which will greatly simplify verification in loader o report date when certificate fails validity period checks Reviewed by: stevek Sponsored by: Juniper Networks, Inc. 
Preparation for updating bearssl, pull in updates to libsecureboot.

o fix handling of some out-of-memory cases

o allow more control over reporting of Verified/Unverified files.
  this helps boot time when console output is slow

  o recheck verbose/debug level after reading any unverified file

o more debug support for vectx

o hash_string to support fake stat for tftp

o tests/tvo add -v to simply verify signatures

o vets.c allow for HAVE_BR_X509_TIME_CHECK which will greatly simplify
  verification in loader

o report date when certificate fails validity period checks

Reviewed by: stevek
Sponsored by: Juniper Networks, Inc.