Replacement for CRL name hash computation #1412
Comments
|
What's your goal with the hash function? Are you looking for something that
will return the exact same value, or are looking for something that will
fill the same role (i.e., a deterministic short integer representation)?
…On Sat, Jan 18, 2025 at 6:00 PM Istvan Papp ***@***.***> wrote:
I am trying to compute the name hash for CRLs (X509Name.hash() in
pyopenssl), and it seems there is no equivalent operation in the
cryptography package. The closest I can find is Name.public_bytes(), but
that only gives me X509Name.der(). I tried reproducing the steps in hash()'s
documentation, but I'm getting a different hash than openssl. Not to
mention the process is internal and may be subject to change.
What is the suggested replacement for pyopenssl's X509Name.hash()?
—
Reply to this email directly, view it on GitHub
<#1412>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAAGBBYBGO5TASZIBJL6CL2LLMHNAVCNFSM6AAAAABVOBQPL2VHI2DSMVQWIX3LMV43ASLTON2WKOZSG44TOMRWHAZTOMA>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
--
All that is necessary for evil to succeed is for good people to do nothing.
|
|
I am trying to get the exact same value, to build the symlinks, specifically for openssl to consume later. Without falling back to running openssl via subprocess, preferably. |
|
Unfortunately, OpenSSL no longer documents the precise algorithm for
computing these.
https://github.com/openssl/openssl/blob/master/crypto/x509/x509_cmp.c#L289
is the implementation.
…On Sun, Jan 19, 2025 at 2:32 AM Istvan Papp ***@***.***> wrote:
I am trying to get the exact same value, to build the symlinks, specifically for openssl to consume later. Without falling back to running openssl via subprocess, preferably.
—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you commented.Message ID: ***@***.***>
--
All that is necessary for evil to succeed is for good people to do nothing.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I am trying to compute the name hash for CRLs (
X509Name.hash()in pyopenssl), and it seems there is no equivalent operation in the cryptography package. The closest I can find isName.public_bytes(), but that only gives meX509Name.der(). I tried reproducing the steps inhash()'s documentation, but I'm getting a different hash than openssl. Not to mention the process is internal and may be subject to change.What is the suggested replacement for pyopenssl's
X509Name.hash()?The text was updated successfully, but these errors were encountered: