RE: [Cdsa-discuss] x509 document.
Status: Abandoned
Brought to you by:
mdwood-intel
From: Shafik, M. <moh...@in...> - 2001-10-17 18:47:23
|
Chris, An excellent source of information on X.509, with references to other relevant information, is Peter Gutmann's X.509 Style Guide, http://www.cs.auckland.ac.nz/~pgut001/pubs/x509guide.txt. Following is the X.509 V3 definition of the to-be-signed X.509 certificate. Note that only issuerUniqueID, subjectUniqueID, and Extensions fields are optional; the rest of the fields are required. TBSCertificate ::= SEQUENCE { version [ 0 ] Version DEFAULT v1(0), serialNumber CertificateSerialNumber, signature AlgorithmIdentifier, issuer Name, validity Validity, subject Name, subjectPublicKeyInfo SubjectPublicKeyInfo, issuerUniqueID [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL, subjectUniqueID [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL, extensions [ 3 ] Extensions OPTIONAL } The certgen utility (cdsa_dev/signctr/src/appsr/certgen) uses an XML file to generate certificates. The tests provided in the source zip (cdsa_dev/cdsa/src/test/cmdtest/utclx509) also has some examples of usage. Best Regards Shafik -----Original Message----- From: Christopher Quinn [mailto:aj...@ht...] Sent: Monday, October 08, 2001 8:07 AM To: cdsa Subject: [Cdsa-discuss] x509 document. Hi List, Could someone send me a pdf copy of the x509 standard? I have a free-download customer id from ITU but has not worked and I have yet to receive email responses from them. As I have been twiddling my thumbs for a week because of this, I am eager to get on, so distribution rights issues notwithstanding, will someone oblige me? In case X.509 is not enough, any pointers on how to proceed are appreciated: after creating an initial language binding for the CSP and CL API's I'm at the stage of signing a template certificate; the openssl tool does not like the cert result so I assume I need to put in a minimum set of fields. For that I suppose I need to know about OID value formats. I imagine some of the C structs from the CDSA spec are directly related to forming oid values but my initial attempts to get CDSA to accept the values I constructed for CommonName, IssuerName etc, failed, so I am hoping the x509 standard is going to resolve the matter for me . Do I need to look at anything else to produce a basic certificate? Cheers, Chris Q. _______________________________________________ Cdsa-discuss mailing list Cds...@li... https://lists.sourceforge.net/lists/listinfo/cdsa-discuss |