On 06/05/15 22:06, Nicolas Sylvain wrote:
The next step is to be able to find the name of the .der file in the
crosscert path. It's a checksum of something, but it was not clear to
me what it was.
Thanks for documenting this!
For reference, the "checksum of something" is the CRC32 of the raw DER
bytes comprising the X.509 subject name. This is chosen since:
a) it can be calculated from the X.509 issuer name of the certificate
for which iPXE currently needs to locate a cross-signed certificate,
b) it's trivial to calculate at the point of use in the iPXE codebase,
since we already have a ptr+len for the raw X.509 issuer name,
c) it gives a fixed-length filename and so is easy to construct in C.
Michael
_______________________________________________
ipxe-devel mailing list
[email protected]
https://lists.ipxe.org/mailman/listinfo.cgi/ipxe-devel
