|
sl@0
|
1 |
28 January 2000
|
|
sl@0
|
2 |
***************
|
|
sl@0
|
3 |
First mainline release of certificate management code
|
|
sl@0
|
4 |
This release consists of 6 DLLs:
|
|
sl@0
|
5 |
|
|
sl@0
|
6 |
asn1.dll:
|
|
sl@0
|
7 |
-basic ASN.1/DER decoding functionality
|
|
sl@0
|
8 |
-depends on euser and bigint
|
|
sl@0
|
9 |
x500.dll:
|
|
sl@0
|
10 |
-processing of X.500 Distinguished Names
|
|
sl@0
|
11 |
-depends on euser, estor and asn1
|
|
sl@0
|
12 |
crypto.dll:
|
|
sl@0
|
13 |
-handling of generic signature verification functionality
|
|
sl@0
|
14 |
-depends on euser, estor, cryptalg and hash
|
|
sl@0
|
15 |
certstore.dll
|
|
sl@0
|
16 |
-handling of certificate storage
|
|
sl@0
|
17 |
-depends on euser, estor, efsrv and crypto
|
|
sl@0
|
18 |
x509.dll
|
|
sl@0
|
19 |
-processing of X.509 certificates
|
|
sl@0
|
20 |
-depends on euser, bafl, estor, asn1, certstore bigint, x500, cryptalg and crypto
|
|
sl@0
|
21 |
-extraction of DH keys is currently *not* supported: this will happen in the next
|
|
sl@0
|
22 |
release
|
|
sl@0
|
23 |
pkixCert.dll
|
|
sl@0
|
24 |
-processing of X.509 certificates according to the PKIX profile (RFC 2459)
|
|
sl@0
|
25 |
-depends on euser, x500, x509, certstore and crypto
|
|
sl@0
|
26 |
|
|
sl@0
|
27 |
3 test executables are also included with the release:
|
|
sl@0
|
28 |
|
|
sl@0
|
29 |
tx509.exe:
|
|
sl@0
|
30 |
-tests X.509 certificate processing, including OOM handling
|
|
sl@0
|
31 |
-requires the existence of a directory 'c:\system\testdata'
|
|
sl@0
|
32 |
-the program reads all the files in the directory and attempts
|
|
sl@0
|
33 |
to process them as X.509 certificates
|
|
sl@0
|
34 |
-for each file it attempts to process, it writes success or failure
|
|
sl@0
|
35 |
to the console. The names of failed files are written to 'c:\errfile.txt',
|
|
sl@0
|
36 |
and details of each successfully parsed certificate to 'c:\outfile.txt'
|
|
sl@0
|
37 |
-a .zip file, 'testdata.zip' is included in '\certman\tx509': this
|
|
sl@0
|
38 |
contains sample X.509 certificates which may be extracted to
|
|
sl@0
|
39 |
'c:\system\testdata' for processing.
|
|
sl@0
|
40 |
tcertstore.exe:
|
|
sl@0
|
41 |
-tests basic certificate store functionality
|
|
sl@0
|
42 |
-requires the existence of an certificate store file, 'certx509.dat', in
|
|
sl@0
|
43 |
'c:\system\data', and the existence of certain specific certificate files in
|
|
sl@0
|
44 |
'c:\system\testdata': these files, along with a suitable certificate store,
|
|
sl@0
|
45 |
are included in the .zip file 'testdata.zip' which is found in '\certman\tcertstore'
|
|
sl@0
|
46 |
tpkixcert.exe
|
|
sl@0
|
47 |
-test basic chain building functionality, and a little validation functionality
|
|
sl@0
|
48 |
-requires the existence of certain specific certificate files in
|
|
sl@0
|
49 |
'c:\system\testdata': these files are included in the .zip file 'testdata.zip'
|
|
sl@0
|
50 |
which is found in '\certman\tpkixcert'. It also reqiuires the existence of a file called
|
|
sl@0
|
51 |
'correctchain.txt' in 'c:\': this file is also included in the .zip.
|
|
sl@0
|
52 |
|
|
sl@0
|
53 |
N.B. certstore.dll also needs a certificate store file, 'certx509.dat', in 'c:\system\data'.
|
|
sl@0
|
54 |
While it is best if the tcertstore test program starts with an empty store, it is more useful to
|
|
sl@0
|
55 |
dependent code if the store is already populated. So, an alternative 'certx509.dat' is included in
|
|
sl@0
|
56 |
'\certman\certstore' for use by certstore.dll when code other than the dedicated test code is using it.
|
|
sl@0
|
57 |
This file currently contains:
|
|
sl@0
|
58 |
Clients:
|
|
sl@0
|
59 |
Name = "Software Install", UID = 0x100042AB
|
|
sl@0
|
60 |
Name = "T_SSLWeb.exe", UID = 1
|
|
sl@0
|
61 |
Certs:
|
|
sl@0
|
62 |
Thawte root |