p96705831
/
xmlsec1
forked from openkylin/xmlsec1
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
xmlsec1/tests/aleksey-xmldsig-01
History
rtlhq 9f0d89f398 Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
..
relationship Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
README Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
dtd-hmac-91.dtd Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
dtd-hmac-91.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
dtd-hmac-91.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloped-ecdsa-java-bug.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloped-gost.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloped-gost.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-dsa-x509chain.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-dsa-x509chain.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-expired-cert.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-expired-cert.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-gost2012-256.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-gots2012-512.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-md5-hmac-md5-64.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-md5-hmac-md5-64.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-md5-hmac-md5.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-md5-hmac-md5.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-md5-rsa-md5.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-md5-rsa-md5.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-ripemd160-hmac-ripemd160-64.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-ripemd160-hmac-ripemd160-64.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-ripemd160-hmac-ripemd160.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-ripemd160-hmac-ripemd160.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-ripemd160-rsa-ripemd160.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-ripemd160-rsa-ripemd160.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-rsa-x509chain.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-rsa-x509chain.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha1-ecdsa-sha1.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha1-ecdsa-sha1.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha1-hmac-sha1-64.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha1-hmac-sha1-64.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha1-hmac-sha1.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha1-hmac-sha1.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha1-rsa-sha1.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha1-rsa-sha1.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha224-hmac-sha224-64.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha224-hmac-sha224-64.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha224-hmac-sha224.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha224-hmac-sha224.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha224-rsa-sha224.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha224-rsa-sha224.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha256-dsa2048-sha256.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha256-dsa2048-sha256.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha256-dsa3072-sha256.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha256-dsa3072-sha256.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha256-ecdsa-sha256.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha256-ecdsa-sha256.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha256-hmac-sha256-64.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha256-hmac-sha256-64.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha256-hmac-sha256.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha256-hmac-sha256.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha256-rsa-sha256-der.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha256-rsa-sha256-der.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha256-rsa-sha256-relationship.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha256-rsa-sha256-relationship.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha256-rsa-sha256-verify.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha256-rsa-sha256.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha256-rsa-sha256.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha384-ecdsa-sha384.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha384-ecdsa-sha384.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha384-hmac-sha384-64.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha384-hmac-sha384-64.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha384-hmac-sha384.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha384-hmac-sha384.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha384-rsa-sha384.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha384-rsa-sha384.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha512-ecdsa-sha512.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha512-ecdsa-sha512.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha512-hmac-sha512-64.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha512-hmac-sha512-64.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha512-hmac-sha512.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha512-hmac-sha512.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha512-rsa-sha512.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
enveloping-sha512-rsa-sha512.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
signature-two-keynames.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
signature-two-keynames.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
x509data-sn-test.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
x509data-sn-test.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
x509data-test.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
x509data-test.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
xpointer-hmac.tmpl Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00
xpointer-hmac.xml Import Upstream version 1.2.33 2022-11-29 19:07:29 +08:00

README 

README
http://groups.google.com/groups?hl=en&threadm=9jlbt7%243141%241%40FreeBSD.csie.NCTU.edu.tw&rnum=20&prev=/groups%3Fq%3Dopenssl%2Bx509%2Bcertificates%2Bchain%26start%3D10%26hl%3Den%26selm%3D9jlbt7%25243141%25241%2540FreeBSD.csie.NCTU.edu.tw%26rnum%3D20
http://www.post1.com/home/ngps/m2/howto.ca.html


Commands:

(0) create new CA and modify the openssl.cnf file
to point to it

> CA.pl -newca

(1) a self-signed des3 root ca cert, using

> openssl genrsa -des3 -out ca.key
> openssl req -new -key ca.key -out ca.csr
> openssl x509 -req -signkey ca.key -out ca.crt -in ca.csr

verify ca.crt

> openssl x509 -text -in ca.crt

(2) a second ca cert, signed by the first ca, using

> openssl genrsa -des3 -out ca2.key
> openssl req -new -key ca2.key -out ca2.csr
> openssl ca -cert ca.crt -keyfile ca.key -out ca2.crt -infiles ca2.csr

verify ca2.crt

> openssl x509 -text -in ca2.crt
> openssl verify -CAfile ca.crt ca2.crt


(3) a user cert using

> openssl genrsa -des3 -out user.key
> openssl req -new -key user.key -out user.csr
> openssl ca -cert ca2.crt -keyfile ca2.key -out user.crt -infiles user.csr


verify user.crt

> openssl x509 -text -in ca3.crt 
> openssl verify -CAfile ca.crt -untrusted ca2.crt user.crt