The Cryptographic Message Syntax (PKCS#7) provides a format for
encapsulating digital signatures of arbitrary binary blobs. A
signature can be generated using
openssl cms -sign -in <file to sign> -binary -noattr \
-signer <signer>.crt -inkey <signer>.key -certfile <CA>.crt \
-outform DER -out <signature>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The concept of an OID-identified algorithm as defined in X.509 is used
in some other standards (e.g. PKCS#7). Generalise this functionality
and provide it as part of the ASN.1 core.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
OIDs are theoretically part of a global hierarchy. However, the
hierarchy is sufficiently disorganised as to be essentially
meaningless for all purposes other than guaranteeing uniqueness.
Ignore the hierarchical nature of OIDs and treat them as opaque.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
The version field of an X.509 certificate appears to be optional.
Reported-by: Sebastiano Manusia <Sebastiano.Manusia@chuv.ch>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Access to the gpxe.org and etherboot.org domains and associated
resources has been revoked by the registrant of the domain. Work
around this problem by renaming project from gPXE to iPXE, and
updating URLs to match.
Also update README, LOG and COPYRIGHTS to remove obsolete information.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown