How to set Issuer information (CA) to User-Certificate - using phpseclib? -

-

i want run certificate authority php interface. backend want use phpseclib. (version 1.0.2 - https://sourceforge.net/projects/phpseclib/files/phpseclib1.0.2.zip/download)

the ca root certificate generated openssl , following script should create valid client certificate issued ca. part csr looks reasonable , csr valid. part sign certificate ca seems fail. certificate user information no issuer given. use example code of website - have no idea do. suggestions? import ca certificate wrong way? 

<?php     set_include_path("../resources/library/");     include('file/x509.php');     include('crypt/rsa.php');     //show errors     error_reporting(e_all);     ini_set('display_errors', 1);       // create key pair.     $rsa = new crypt_rsa();     $key = $rsa->createkey();     $privkey = new crypt_rsa();     $privkey->loadkey($key['privatekey']);     $pubkey = new crypt_rsa();     $pubkey->loadkey($key['publickey']);     $pubkey->setpublickey();      // create certificate request.     $csr = new file_x509();     $csr->setprivatekey($privkey);     $csr->setpublickey($pubkey);     $csr->setdn('cn=www.example.org');     $csr->loadcsr($csr->savecsr($csr->signcsr()));      // set csr attribute.     $csr->setattribute('pkcs-9-at-unstructuredname', array('directorystring' => array('utf8string' => 'mycsr')), file_x509_attr_replace);      // set extension request.     $csr->setextension('id-ce-keyusage', array('encipheronly'));      // generate csr.      file_put_contents('csr.pem',  $output= $csr->savecsr($csr->signcsr()));     echo $output . "\n";      // read certificate request , validate it.     $csr = new file_x509();     $csr->loadcsr(file_get_contents('csr.pem'));     if ($csr->validatesignature() !== true) {         exit("invalid csr\n");     }      // alter certificate request.     $csr->setdnprop('cn', 'www.example.org');     //~ $csr->removeextension('id-ce-basicconstraints');      // load ca , private key.     $pemcakey = file_get_contents("../../myca/cafile/ca.key");     $cakey = new crypt_rsa();     $cakey->setpassword('rootca'); // !!!!!!     $cakey->loadkey($pemcakey);     $pemca = file_get_contents("../../myca/cafile/ca.crt");     $ca = new file_x509();     $ca->loadx509($pemca);     $ca->setprivatekey($cakey);      // sign updated request, producing certificate.     $x509 = new file_x509();     $cert = $x509->loadx509($x509->savex509($x509->sign($ca, $csr)));      // generate certificate.     echo $x509->savex509($cert) . "\n"; ?>

example output first csr , generated certificate:

-----begin certificate request----- miibitcb9qibadaamrgwfgydvqqdda93d3cuzxhhbxbszs5vcmcwgz0wcwyjkozi hvcnaqeba4gnadcbiqkbgqc+usalbhb2te1noqijhpmegc0tcfa9qjup8pqivgip ymbv5s2utjmym8vfnb9lwgchqksdnx561gsilwkcqbows6uppk4ihgtulon6qbm7 wnods4aua6mqghusx9uimyrt4djqbn/cuem1bdcvm4ywjy87kaiph4gvnmoxibb4 zqidaqabodqwfayjkozihvcnaqkcmqcmbw15q1nsmbwgcsqgsib3dqejdjepma0w cwydvr0pbaqdagabmasgcsqgsib3dqebbqobgqbzsbz87numzjy+swhaxper6g7c cllwjam5kgl0jptvyn63q6zzc4dm+svpb3/m5dnuvrws8+prifuyjrbccbo3kyt9 owjbmo8wcae7mtkus/7g3rvanhyxr3vp6ce+qygcmlglgq3dcdperthz5bhx/j+k 4zsgiyve/ao2hm3iqw== -----end certificate request----- -----begin certificate----- miibgtccawugawibagiucliodcnx08a7h12xkdkpsdi6op4wdqyjkozihvcnaqef bqawftetmbega1ueaxmktxjvdhplaybdqtaefw0xnja3mdqxnte2mjbafw0xnza3 mdqxnte2mjbamdqxgdawbgnvbammd3d3dy5legftcgxllm9yzzeymbyga1ueawwp d3d3lmv4yw1wbguub3jnmigfma0gcsqgsib3dqebaquaa4gnadcbiqkbgqc+usal bhb2te1noqijhpmegc0tcfa9qjup8pqivgipymbv5s2utjmym8vfnb9lwgchqksd nx561gsilwkcqbows6uppk4ihgtulon6qbm7wnods4aua6mqghusx9uimyrt4djq bn/cuem1bdcvm4ywjy87kaiph4gvnmoxibb4zqidaqabozawljalbgnvhq8ebamc aaewhwydvr0jbbgwfoau4azgbyenlmiuk2ancwjvl+9p8mmwdqyjkozihvcnaqef bqadaqa= -----end certificate-----

i falsly had opinion output certificate contains no issuer. used https://www.sslshopper.com/certificate-decoder.html testing/decoding.

[solved] - using decoder openssl set information + issuer shown.

?! in case decoder messing reading header information ?!


Comments

Post a Comment

Popular posts from this blog

java - Static nested class instance -

-
this question has answer here: java inner class , static nested class 23 answers i came across in java, know static nested class why create instance of 'static'. isn't whole idea of 'static' use without instance? understand concept of inner classes, why (and frankly how possible to) create 'instance' of 'static' member @ ? why this: 1- outerclass.staticnestedclass nestedobject = new outerclass.staticnestedclass(); 2- nestedobject.anestedclassmethod(); and not this: 1- outerclass outerinstance=new outerclass(); 2- outerinstance.staticnestedclass.anestedclassmethod(); use on inner classes, keyword static indicates can access inner class without instance of outer class. for example: public class outer { public static class inner { /* code here. */ } } with construction, can create instance of inn
Read more

c# - Bluetooth LE CanUpdate Characteristic property -

-
i building xamarin.forms cross platform mobile app, uses monkey.robotics bluetoth low energy functionality. connecting mbed based implimentation of custom gatt service . in xamarin c#, triggers characteristic. canupdate property in monkey.robotics? this standard example c# based on: if (characteristic.canupdate) { characteristic.valueupdated += (s, e) => { debug.writeline("characteristic.valueupdated"); device.begininvokeonmainthread( () => { updatedisplay(characteristic); }); isbusy = false; // spin until first result received }; isbusy = true; characteristic.startupdates(); } this has been working, since changed own custom gatt service connecting to, canupdate property false. property , how triggered? me debugging gatt service code. thanks monkey.robotics open sour
Read more

JavaScript - Replace variable from string in all occurrences -

-
ok, know if have character '-' , want remove in places in string javascript, ... someword = someword.replace(/-/g, ''); but, when applying array of characters, s not working ... const badchars = ('\/:*?"<>|').split(''); let filename = title.replace(/ /g, '-').tolocalelowercase(); (let item = 0; item < badchars.length; item++) { // below not work global '/ /g' filename = filename.replace(/badchars[item]/g, ''); } any ideas? /badchars[item]/g looks badchars , literally, followed i , t , e , or m . if you're trying use character badchars[item] , you'll need use regexp constructor, , you'll need escape regex-specific characters. escaping regular expression has been well-covered . using that: filename = filename.replace(new regexp(regexp.quote(badchars[item]), 'g'), ''); but , don't want that. want character class: let filename = title.replac
Read more