Symaptic: os/security/cryptoservices/certificateandkeymgmt/tder/example/readme.txt@260cb5ec6c19 (annotated)

sl@0	1	The following example creates a PKCS#12 file that is identical to a reference
sl@0	2	file created using OpenSSL.
sl@0	3
sl@0	4
sl@0	5	Limitations
sl@0	6	***********
sl@0	7	1) There is no support for the PKCS#12 PBE KDF. The derived keys must be calculated externally.
sl@0	8
sl@0	9	* OpenSSL must be in your path for the example to work. *
sl@0	10
sl@0	11	Reference PKCS12 file (root5ca.p12) details
sl@0	12	******************************************
sl@0	13	certificate: root5ca.pem
sl@0	14	key: root5ca_key.pem
sl@0	15	commands line: openssl pkcs12 -export -in root5ca.pem -inkey root5ca_key.pem -out root5ca.p12 -name "Root5CA" -password pass:password
sl@0	16	password: password
sl@0	17
sl@0	18	The salt was extracted from root5ca.p12 and the iv and key were re-created using
sl@0	19	the PKCS12 KDF. These crypto params could be re-used to create other examples
sl@0	20	so long as the same ciphers are used.
sl@0	21
sl@0	22	Certificate
sl@0	23	-----------
sl@0	24	salt: 07EE43282EFFF9D4
sl@0	25	iter: 2048
sl@0	26	key: 44f58eebbf
sl@0	27	iv: 2b4076b4b266f90b
sl@0	28
sl@0	29	Private Key
sl@0	30	-----------
sl@0	31	salt: 17D32E39CDF9CCD6
sl@0	32	iter: 2048
sl@0	33	key: 3abe08c2e6a4782090258b75936f730c81165ad16a968401
sl@0	34	iv: d23d26d5f997e21f
sl@0	35
sl@0	36	Mac
sl@0	37	---
sl@0	38	salt: 6F855D153C618D4C
sl@0	39	iter: 2048
sl@0	40	key: d9c9d4803178c611251ccefef608bda2bf7ec183
sl@0	41
sl@0	42	Running the example
sl@0	43	*******************
sl@0	44	From the example directory run
sl@0	45	..\dergen.pl --binary --in pkcs12simple.txt --out pkcs12simple.p12
sl@0	46
sl@0	47	Viewing the data
sl@0	48	openssl pkcs12 -in pkcs12simple.p12 -info -nodes -password pass:password
sl@0	49
sl@0	50	or double-click on the file in Explorer
sl@0	51
sl@0	52	Instructions for DERGEN.pl
sl@0	53	**************************
sl@0	54	see ..\syntax.txt

author	sl
	Tue, 10 Jun 2014 14:32:02 +0200
changeset 1	260cb5ec6c19
permissions	-rw-r--r--