[OE-core] [PATCH 1/1] nss: fix non-determinism when create blank certificate
Kang Kai
Kai.Kang at windriver.com
Fri Oct 12 01:25:30 UTC 2018
On 2018年10月12日 02:55, richard.purdie at linuxfoundation.org wrote:
> On Thu, 2018-10-11 at 22:24 +0800, kai.kang at windriver.com wrote:
>> From: Kai Kang <kai.kang at windriver.com>
>>
>> It uses tool certutil from nss to create a blank certificate. But the
>> checksum of output file key4.db changes every time:
>>
>> $ certutil -N -d sql:. --empty-password
>> $ md5sum *
>> f9dac2cfcb07cc8ca6db442a9a570906 cert9.db
>> b892c5ff7c1977d4728240b0cf628377 key4.db
>> 7b9136cb03f07ae62eb213a5239fda71 pkcs11.txt
>> $ rm *
>>
>> $ certutil -N -d sql:. --empty-password
>> $ md5sum *
>> f9dac2cfcb07cc8ca6db442a9a570906 cert9.db
>> 405d55178e866a115c1aa975fccfa764 key4.db
>> 7b9136cb03f07ae62eb213a5239fda71 pkcs11.txt
>>
>> Provide pre-created blank database files to fix non-determinism
>> issue.
>> And these files are from nss qemux86-64 build.
> I agree with this however can we leave a comment in the recipe about
> why we're including these and instructions on how to rebuild them
> please?
OK. V2 will be sent.
Regards,
Kai
>
> Cheers,
>
> Richard
>
>
--
Regards,
Neil | Kai Kang
More information about the Openembedded-core
mailing list