|
1 28 January 2000 |
|
2 *************** |
|
3 First mainline release of certificate management code |
|
4 This release consists of 6 DLLs: |
|
5 |
|
6 asn1.dll: |
|
7 -basic ASN.1/DER decoding functionality |
|
8 -depends on euser and bigint |
|
9 x500.dll: |
|
10 -processing of X.500 Distinguished Names |
|
11 -depends on euser, estor and asn1 |
|
12 crypto.dll: |
|
13 -handling of generic signature verification functionality |
|
14 -depends on euser, estor, cryptalg and hash |
|
15 certstore.dll |
|
16 -handling of certificate storage |
|
17 -depends on euser, estor, efsrv and crypto |
|
18 x509.dll |
|
19 -processing of X.509 certificates |
|
20 -depends on euser, bafl, estor, asn1, certstore bigint, x500, cryptalg and crypto |
|
21 -extraction of DH keys is currently *not* supported: this will happen in the next |
|
22 release |
|
23 pkixCert.dll |
|
24 -processing of X.509 certificates according to the PKIX profile (RFC 2459) |
|
25 -depends on euser, x500, x509, certstore and crypto |
|
26 |
|
27 3 test executables are also included with the release: |
|
28 |
|
29 tx509.exe: |
|
30 -tests X.509 certificate processing, including OOM handling |
|
31 -requires the existence of a directory 'c:\system\testdata' |
|
32 -the program reads all the files in the directory and attempts |
|
33 to process them as X.509 certificates |
|
34 -for each file it attempts to process, it writes success or failure |
|
35 to the console. The names of failed files are written to 'c:\errfile.txt', |
|
36 and details of each successfully parsed certificate to 'c:\outfile.txt' |
|
37 -a .zip file, 'testdata.zip' is included in '\certman\tx509': this |
|
38 contains sample X.509 certificates which may be extracted to |
|
39 'c:\system\testdata' for processing. |
|
40 tcertstore.exe: |
|
41 -tests basic certificate store functionality |
|
42 -requires the existence of an certificate store file, 'certx509.dat', in |
|
43 'c:\system\data', and the existence of certain specific certificate files in |
|
44 'c:\system\testdata': these files, along with a suitable certificate store, |
|
45 are included in the .zip file 'testdata.zip' which is found in '\certman\tcertstore' |
|
46 tpkixcert.exe |
|
47 -test basic chain building functionality, and a little validation functionality |
|
48 -requires the existence of certain specific certificate files in |
|
49 'c:\system\testdata': these files are included in the .zip file 'testdata.zip' |
|
50 which is found in '\certman\tpkixcert'. It also reqiuires the existence of a file called |
|
51 'correctchain.txt' in 'c:\': this file is also included in the .zip. |
|
52 |
|
53 N.B. certstore.dll also needs a certificate store file, 'certx509.dat', in 'c:\system\data'. |
|
54 While it is best if the tcertstore test program starts with an empty store, it is more useful to |
|
55 dependent code if the store is already populated. So, an alternative 'certx509.dat' is included in |
|
56 '\certman\certstore' for use by certstore.dll when code other than the dedicated test code is using it. |
|
57 This file currently contains: |
|
58 Clients: |
|
59 Name = "Software Install", UID = 0x100042AB |
|
60 Name = "T_SSLWeb.exe", UID = 1 |
|
61 Certs: |
|
62 Thawte root |