xyssl-0.8
所属分类:加密解密
开发工具:Visual C++
文件大小:257KB
下载次数:624
上传日期:2007-12-30 11:20:42
上 传 者:
yezhangxiang
说明: 很多密码算法的一个源代码实现的集合,写的比较专业,c语言的。有DES,AES,RSA,MD2,MD4,MD5
(Many cryptographic algorithm realization of a collection of source code, written by more professional, c language. There are DES, AES, RSA, MD2, MD4, MD5)
文件列表:
xyssl-0.8 (0, 2007-10-20)
xyssl-0.8\BUGS.txt (5866, 2007-10-20)
xyssl-0.8\include (0, 2007-10-20)
xyssl-0.8\include\xyssl (0, 2007-10-20)
xyssl-0.8\include\xyssl\aes.h (2752, 2007-10-20)
xyssl-0.8\include\xyssl\arc4.h (1032, 2007-10-20)
xyssl-0.8\include\xyssl\base64.h (1822, 2007-10-20)
xyssl-0.8\include\xyssl\bignum.h (10644, 2007-10-20)
xyssl-0.8\include\xyssl\bn_mul.h (24682, 2007-10-20)
xyssl-0.8\include\xyssl\certs.h (313, 2007-10-20)
xyssl-0.8\include\xyssl\config.h (5020, 2007-10-20)
xyssl-0.8\include\xyssl\debug.h (2565, 2007-10-20)
xyssl-0.8\include\xyssl\des.h (3894, 2007-10-20)
xyssl-0.8\include\xyssl\dhm.h (3503, 2007-10-20)
xyssl-0.8\include\xyssl\havege.h (657, 2007-10-20)
xyssl-0.8\include\xyssl\md2.h (2985, 2007-10-20)
xyssl-0.8\include\xyssl\md4.h (2918, 2007-10-20)
xyssl-0.8\include\xyssl\md5.h (2918, 2007-10-20)
xyssl-0.8\include\xyssl\net.h (3237, 2007-10-20)
xyssl-0.8\include\xyssl\padlock.h (1662, 2007-10-20)
xyssl-0.8\include\xyssl\rsa.h (8518, 2007-10-20)
xyssl-0.8\include\xyssl\sha1.h (2975, 2007-10-20)
xyssl-0.8\include\xyssl\sha2.h (3435, 2007-10-20)
xyssl-0.8\include\xyssl\sha4.h (3596, 2007-10-20)
xyssl-0.8\include\xyssl\ssl.h (16365, 2007-10-20)
xyssl-0.8\include\xyssl\timing.h (845, 2007-10-20)
xyssl-0.8\include\xyssl\x509.h (11108, 2007-10-20)
xyssl-0.8\LGPL.txt (26944, 2007-10-20)
xyssl-0.8\library (0, 2007-10-20)
xyssl-0.8\library\aes.c (31671, 2007-10-20)
xyssl-0.8\library\arc4.c (3583, 2007-10-20)
xyssl-0.8\library\base64.c (6378, 2007-10-20)
xyssl-0.8\library\bignum.c (39800, 2007-10-20)
xyssl-0.8\library\certs.c (12250, 2007-10-20)
xyssl-0.8\library\debug.c (3291, 2007-10-20)
xyssl-0.8\library\des.c (22867, 2007-10-20)
xyssl-0.8\library\dhm.c (5953, 2007-10-20)
xyssl-0.8\library\havege.c (9237, 2007-10-20)
xyssl-0.8\library\Makefile (920, 2007-10-20)
xyssl-0.8\library\md2.c (8612, 2007-10-20)
... ...
How to setup your own Certificate Authority
===========================================
1. Configure OpenSSL
--------------------
First of all, create sslconf.txt in the current directory
(a basic example is provided at the end of this file). Then
you need to create the database and a starting serial number:
$ touch index
$ echo "01" > serial
2. Generate the CA certificate
------------------------------
$ openssl req -config sslconf.txt -days 3653 -x509 -newkey rsa:2048 \
-set_serial 0 -text -keyout test-ca.key -out test-ca.crt
3. Generate the private key and certificate request
---------------------------------------------------
$ openssl genrsa -out client.key 2048
$ openssl req -config sslconf.txt -new -key client.key -out client.req
4. Issue and sign the certificate
---------------------------------
$ openssl ca -config sslconf.txt -in client.req -out client.crt
5. To revoke a certificate and update the CRL
---------------------------------------------
$ openssl ca -config sslconf.txt -revoke client.crt
$ openssl ca -config sslconf.txt -gencrl -out crl.pem
6. To display a certificate and verify its validity
---------------------------------------------------
$ openssl x509 -in client.crt -text -noout
$ cat test-ca.crt crl.pem > cacrl-temp.pem
$ openssl verify -CAfile cacrl-temp.pem -crl_check client.crt
7. To export a certificate into a .pfx file
-------------------------------------------
$ openssl pkcs12 -export -in client.crt -inkey client.key -out client.pfx
##================================================================
##============== Example OpenSSL configuration file ==============
##================================================================
# References:
#
# /etc/ssl/openssl.conf
# http://www.openssl.org/docs/apps/config.html
# http://www.openssl.org/docs/apps/x509v3_config.html
[ ca ]
default_ca = my_ca
[ my_ca ]
certificate = test-ca.crt
private_key = test-ca.key
database = index
serial = serial
new_certs_dir = .
default_crl_days = 30
default_days = 365
default_md = sha1
policy = my_policy
x509_extensions = v3_usr
[ my_policy ]
countryName = optional
stateOrProvinceName = optional
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
[ req ]
distinguished_name = my_req_dn
x509_extensions = v3_ca
[ my_req_dn ]
countryName = Country Name..............
countryName_min = 2
countryName_max = 2
stateOrProvinceName = State or Province Name....
localityName = Locality Name.............
0.organizationName = Organization Name.........
organizationalUnitName = Org. Unit Name............
commonName = Common Name (required)....
commonName_max = ***
emailAddress = Email Address.............
emailAddress_max = ***
[ v3_ca ]
basicConstraints = CA:TRUE
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
[ v3_usr ]
basicConstraints = CA:FALSE
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer
近期下载者:
相关文件:
收藏者: