mirror of
https://github.com/ipxe/ipxe
synced 2026-05-22 00:03:42 +03:00
Michael Brown
63c1a63017
The RSA-PSS signature scheme is crowbarred somewhat awkwardly into TLS version 1.2. Certificates with the standard rsaEncryption OID in the public key may be used with either PKCS#1 or RSA-PSS, which breaks the straightforward mapping between the OID and the signature algorithm. Extend the definition of a TLS signature hash algorithm to include a required OID-identified algorithm in the certificate's public key. This allows us to define signature schemes such as rsa_pss_rsae_sha256 where the signature scheme uses an algorithm that differs from the algorithm identified in the certificate's public key. Signed-off-by: Michael Brown <mcb30@ipxe.org>
iPXE network bootloader
iPXE is the leading open source network boot firmware. It provides a full PXE implementation enhanced with additional features such as:
-
boot from a web server via HTTP or HTTPS,
-
boot from an iSCSI, FCoE, or AoE SAN,
-
control the boot process with a script,
You can use iPXE to replace the existing PXE ROM on your network card, or you can chainload into iPXE to obtain the features of iPXE without the hassle of reflashing.
iPXE is free, open-source software licensed under the GNU GPL (with some portions under GPL-compatible licences).
You can download the rolling release binaries (built from the latest commit), or use the most recent stable release.
For full documentation, visit the iPXE website.