How to set Issuer information (CA) to User-Certificate - using phpseclib? -

-

i want run certificate authority php interface. backend want use phpseclib. (version 1.0.2 - https://sourceforge.net/projects/phpseclib/files/phpseclib1.0.2.zip/download)

the ca root certificate generated openssl , following script should create valid client certificate issued ca. part csr looks reasonable , csr valid. part sign certificate ca seems fail. certificate user information no issuer given. use example code of website - have no idea do. suggestions? import ca certificate wrong way? 

<?php     set_include_path("../resources/library/");     include('file/x509.php');     include('crypt/rsa.php');     //show errors     error_reporting(e_all);     ini_set('display_errors', 1);       // create key pair.     $rsa = new crypt_rsa();     $key = $rsa->createkey();     $privkey = new crypt_rsa();     $privkey->loadkey($key['privatekey']);     $pubkey = new crypt_rsa();     $pubkey->loadkey($key['publickey']);     $pubkey->setpublickey();      // create certificate request.     $csr = new file_x509();     $csr->setprivatekey($privkey);     $csr->setpublickey($pubkey);     $csr->setdn('cn=www.example.org');     $csr->loadcsr($csr->savecsr($csr->signcsr()));      // set csr attribute.     $csr->setattribute('pkcs-9-at-unstructuredname', array('directorystring' => array('utf8string' => 'mycsr')), file_x509_attr_replace);      // set extension request.     $csr->setextension('id-ce-keyusage', array('encipheronly'));      // generate csr.      file_put_contents('csr.pem',  $output= $csr->savecsr($csr->signcsr()));     echo $output . "\n";      // read certificate request , validate it.     $csr = new file_x509();     $csr->loadcsr(file_get_contents('csr.pem'));     if ($csr->validatesignature() !== true) {         exit("invalid csr\n");     }      // alter certificate request.     $csr->setdnprop('cn', 'www.example.org');     //~ $csr->removeextension('id-ce-basicconstraints');      // load ca , private key.     $pemcakey = file_get_contents("../../myca/cafile/ca.key");     $cakey = new crypt_rsa();     $cakey->setpassword('rootca'); // !!!!!!     $cakey->loadkey($pemcakey);     $pemca = file_get_contents("../../myca/cafile/ca.crt");     $ca = new file_x509();     $ca->loadx509($pemca);     $ca->setprivatekey($cakey);      // sign updated request, producing certificate.     $x509 = new file_x509();     $cert = $x509->loadx509($x509->savex509($x509->sign($ca, $csr)));      // generate certificate.     echo $x509->savex509($cert) . "\n"; ?>

example output first csr , generated certificate:

-----begin certificate request----- miibitcb9qibadaamrgwfgydvqqdda93d3cuzxhhbxbszs5vcmcwgz0wcwyjkozi hvcnaqeba4gnadcbiqkbgqc+usalbhb2te1noqijhpmegc0tcfa9qjup8pqivgip ymbv5s2utjmym8vfnb9lwgchqksdnx561gsilwkcqbows6uppk4ihgtulon6qbm7 wnods4aua6mqghusx9uimyrt4djqbn/cuem1bdcvm4ywjy87kaiph4gvnmoxibb4 zqidaqabodqwfayjkozihvcnaqkcmqcmbw15q1nsmbwgcsqgsib3dqejdjepma0w cwydvr0pbaqdagabmasgcsqgsib3dqebbqobgqbzsbz87numzjy+swhaxper6g7c cllwjam5kgl0jptvyn63q6zzc4dm+svpb3/m5dnuvrws8+prifuyjrbccbo3kyt9 owjbmo8wcae7mtkus/7g3rvanhyxr3vp6ce+qygcmlglgq3dcdperthz5bhx/j+k 4zsgiyve/ao2hm3iqw== -----end certificate request----- -----begin certificate----- miibgtccawugawibagiucliodcnx08a7h12xkdkpsdi6op4wdqyjkozihvcnaqef bqawftetmbega1ueaxmktxjvdhplaybdqtaefw0xnja3mdqxnte2mjbafw0xnza3 mdqxnte2mjbamdqxgdawbgnvbammd3d3dy5legftcgxllm9yzzeymbyga1ueawwp d3d3lmv4yw1wbguub3jnmigfma0gcsqgsib3dqebaquaa4gnadcbiqkbgqc+usal bhb2te1noqijhpmegc0tcfa9qjup8pqivgipymbv5s2utjmym8vfnb9lwgchqksd nx561gsilwkcqbows6uppk4ihgtulon6qbm7wnods4aua6mqghusx9uimyrt4djq bn/cuem1bdcvm4ywjy87kaiph4gvnmoxibb4zqidaqabozawljalbgnvhq8ebamc aaewhwydvr0jbbgwfoau4azgbyenlmiuk2ancwjvl+9p8mmwdqyjkozihvcnaqef bqadaqa= -----end certificate-----

i falsly had opinion output certificate contains no issuer. used https://www.sslshopper.com/certificate-decoder.html testing/decoding.

[solved] - using decoder openssl set information + issuer shown.

?! in case decoder messing reading header information ?!


Comments

Post a Comment

Popular posts from this blog

matlab - error with cyclic autocorrelation function -

-
Image
i'm trying code cyclic autocorrelation function in matlab follows: t=0:(n-1); t=t*te; i_alpha=0; tau=-n2*te:te:n2*te; alpha=-1/2:1/n:1/2; ryy_cl=zeros(length(alpha),length(tau)); alpha=alpha/te ind_tau=0; i_alpha=i_alpha+1; k=tau ind_tau=ind_tau+1; if k>0 % ryy_cl(i_alpha,ind_tau)=1/length(sig_bin_syl_mod(1:end- k))*sum((sig_bin_syl_mod(1:end-k)).*sig_bin_syl_mod(k+1:end)).*exp(1i*2*pi*alpha*t(1+k:length(sig_bin_syl_mod(1:end)))); ryy_cl(i_alpha,ind_tau)=(1/n)*sum((sig_bin_syl_mod(1:end-k)).*sig_bin_syl_mod(k+1:end)).*exp(-1i*2*pi*alpha*t(1:end-k)); else ryy_cl(i_alpha,ind_tau)=(1/n)*sum((sig_bin_syl_mod(1-k:end)).*sig_bin_syl_mod(1:end+k)).*exp(-1i*2*pi*alpha*t(1-k:end)); end end end i'm getting errors, , doesn't show expecting. according below formulae, how can fix it? the code provided incomplete, difficult confidently reproduce error. in particular, haven't de...
Read more

django - (fields.E300) Field defines a relation with model 'AbstractEmailUser' which is either not installed, or is abstract -

-
i trying create customuser django project email username , add radio button truck , company. in registration process email-id registered per truck or company. mentioned radio button 'tag' , add manytomany field tag in emailuser model. when makemigrations, raising error : (fields.e300) field defines relation model 'abstractemailuser' either not installed, or abstract. i quite new django , not sure whether have created correct code wants. please me solving this. here code, models.py: import django django.contrib.auth.models import ( abstractbaseuser, baseusermanager, permissionsmixin) django.core.mail import send_mail django.db import models django.utils import timezone django.utils.translation import ugettext_lazy _ class emailusermanager(baseusermanager): """custom manager emailuser.""" def _create_user(self, email, password, is_staff, is_superuser, **extra_fields): """create , save emailus...
Read more

c# - What is a good .Net RefEdit control to use with ExcelDna? -

-
i using exceldna , c# build suite of tools. part of forms i'd want user select cells/ranges workbook. i've got application.inputbox route working...but doesn't cool... i haven't read many things excel's refedit control, , see many have in past written workarounds, in (shudder) vba or vb.net. however, none of these seem recent... best approach/control refedit functionality on form run via exceldna (if applicable)? the refedit sample project of github explores different ways of dealing threading when showing form excel add-in, main issue making refedit control .net add-in. check page links various other implementations: https://github.com/excel-dna/exceldna/wiki/links-about-refedit
Read more