Crypto++ x.509 certificate create
242 views
Skip to first unread message
SeungYoup Lee
Sep 28, 2014, 10:56:52 PM9/28/14
to cryptop...@googlegroups.com
I want to create x.509 certificate using crypto++ library .
----------------------X.509 v3 format ----------------------
Certificate
Version
Serial Number
Algorithm ID
Issuer
Validity
Not Before
Not After
Subject
Subject Public Key Info
Public Key Algorithm
Subject Public Key
Issuer Unique Identifier (Optional)
Subject Unique Identifier (Optional)
Extensions (Optional)
...*Certificate Signature Algorithm
Certificate Signature
------------------------------------------------------------------
I illusion that crypto++ support x.509 format.
But I search ... crypto++ library don't support x.509 certificate.
I also saw other link but, i can't find.
It is right Crypto++ library support only Subject public key info ?
I saw http://www.cryptopp.com/wiki/X.509 site.
I think it is already created certificate ..and verify
I want to create x.509 certificate format and please advise me.
And Please explain in detail
thank u :D
I alread saw blow sites:
2) find keyword x.509 in Crypto++ user group
Jeffrey Walton
Dec 1, 2014, 7:40:53 PM12/1/14
to cryptop...@googlegroups.com
On Sunday, September 28, 2014 10:56:52 PM UTC-4, SeungYoup Lee wrote:
I want to create x.509 certificate using crypto++ library .
----------------------X.509 v3 format ----------------------CertificateVersionSerial NumberAlgorithm IDIssuerValidityNot BeforeNot AfterSubjectSubject Public Key InfoPublic Key AlgorithmSubject Public KeyIssuer Unique Identifier (Optional)Subject Unique Identifier (Optional)Extensions (Optional)...*Certificate Signature AlgorithmCertificate Signature
------------------------------------------------------------------
...
It is right Crypto++ library support only Subject public key info ?I saw http://www.cryptopp.com/wiki/X.509 site.I think it is already created certificate ..and verify
The code on the X.509 wiki page was unwittingly donated by Geoff Beier (I grabbed it off an old post of his).
I think Geoff's code is the most progress I've seen anyone make on it. I can say I've never tried to write a X.509 certificate reader/writer for Crypto++.
I think you will be on your own. The reading and writing of optional arguments will probably be the pain point. A few of the Crypto++ classes that serializes keys handles optional arguments, so there's a brief example of how to do it. But I don't think it will scale. For example, from ecp.cpp:
ECP::ECP(BufferedTransformation &bt)
: m_fieldPtr(new Field(bt))
{
BERSequenceDecoder seq(bt);
GetField().BERDecodeElement(seq, m_a);
GetField().BERDecodeElement(seq, m_b);
// skip optional seed
if (!seq.EndReached())
{
SecByteBlock seed;
unsigned int unused;
BERDecodeBitString(seq, seed, unused);
}
seq.MessageEnd();
}
: m_fieldPtr(new Field(bt))
{
BERSequenceDecoder seq(bt);
GetField().BERDecodeElement(seq, m_a);
GetField().BERDecodeElement(seq, m_b);
// skip optional seed
if (!seq.EndReached())
{
SecByteBlock seed;
unsigned int unused;
BERDecodeBitString(seq, seed, unused);
}
seq.MessageEnd();
}
Jeff
Reply all
Reply to author
Forward
0 new messages