al-sign-file

A patched version of the Linux kernel sign-file utility for signing kernel modules. Supports both file-based private keys and PKCS#11 hardware tokens (YubiKey, eToken) via the PKCS11_MODULE_PATH environment variable.

Go to file

Andrew Lukoshko 71ff0e909f Initial import: al-sign-file 0.1 Kernel module signing tool with PKCS#11 hardware token support. Based on upstream Linux kernel scripts/sign-file.c (torvalds/linux master) with the following patch: - Added PKCS11_MODULE_PATH env var to explicitly set the OpenSSL ENGINE MODULE_PATH before initialization, bypassing p11-kit module discovery Supports both file-based private keys and PKCS#11 URIs (YubiKey, eToken). Builds against system OpenSSL, installs to /usr/bin/al-sign-file.	2026-03-05 21:12:24 +01:00
al-sign-file.spec	Initial import: al-sign-file 0.1	2026-03-05 21:12:24 +01:00
sign-file.c	Initial import: al-sign-file 0.1	2026-03-05 21:12:24 +01:00
ssl-common.h	Initial import: al-sign-file 0.1	2026-03-05 21:12:24 +01:00

Andrew Lukoshko 71ff0e909f Initial import: al-sign-file 0.1

Kernel module signing tool with PKCS#11 hardware token support.

Based on upstream Linux kernel scripts/sign-file.c (torvalds/linux master)
with the following patch:
- Added PKCS11_MODULE_PATH env var to explicitly set the OpenSSL ENGINE
  MODULE_PATH before initialization, bypassing p11-kit module discovery

Supports both file-based private keys and PKCS#11 URIs (YubiKey, eToken).
Builds against system OpenSSL, installs to /usr/bin/al-sign-file.

2026-03-05 21:12:24 +01:00

al-sign-file.spec

Initial import: al-sign-file 0.1

2026-03-05 21:12:24 +01:00

sign-file.c

Initial import: al-sign-file 0.1

2026-03-05 21:12:24 +01:00

ssl-common.h

Initial import: al-sign-file 0.1

2026-03-05 21:12:24 +01:00