Botan 1.7.23 (Development branch)

11-24-2008

Registered User

26,240, 27

Join Date: Sep 2000

Last Activity: 1 August 2008, 3:09 PM EDT

Posts: 26,240

Thanks Given: 0

Thanked 27 Times in 26 Posts

Botan 1.7.23 (Development branch)

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.License: BSD License (revised)Changes:
This release optimizes most hash function implementations, particularly MD4 and Tiger, both of which are over 10% faster on x86-64. It reduces the time needed for entropy polling by using better caching and buffering techniques. Using C++ TR1 (enabling ECDSA support) is on by default with GNU C++ and Intel C++. This is the second release candidate for 1.8.0.

More...

Linux Bot

View Public Profile for Linux Bot

Find all posts by Linux Bot

certtool(1) General Commands Manual certtool(1) NAME
certtool - Manipulate certificates and keys. SYNOPSIS
certtool [options] DESCRIPTION
Generate X.509 certificates, certificate requests, and private keys. OPTIONS
Program control options -d, --debug LEVEL Specify the debug level. Default is 1. -h, --help Shows this help text -v, --version Shows the program's version Getting information on X.509 certificates -i, --certificate-info Print information on a certificate. -k, --key-info Print information on a private key. -l, --crl-info Print information on a CRL. --p12-info Print information on a PKCS #12 structure. Getting information on Openpgp certificates --pgp--certificate-info Print information on an OpenPGP certificate. --pgp--key-info Print information on an OpenPGP private key. --pgp--ring-info Print information on a keyring. Generating/verifying X.509 certificates/keys -c, --generate-certificate Generate a signed certificate. -e, --verify-chain Verify a PEM encoded certificate chain. The last certificate in the chain must be a self signed one. --generate-dh-params Generate PKCS #3 encoded Diffie-Hellman parameters. --load-ca-certificate FILE Certificate authority's certificate file to use. --load-ca-privkey FILE Certificate authority's private key file or PKCS #11 URL to use. --load-certificate FILE Certificate file to use. --load-privkey FILE Private key file or PKCS #11 URL to use. --load-pubkey FILE Public key file or PKCS #11 URL to use. --load-request FILE Certificate request file to use. -p, --generate-privkey Generate a private key. -q, --generate-request Generate a PKCS #10 certificate request. -s, --generate-self-signed Generate a self-signed certificate. -u, --update-certificate Update a signed certificate. Controlling output -8, --pkcs8 Use PKCS #8 format for private keys. --pkcs-cipher The cipher to use when doing pkcs encryption. Valid options are 3des,aes-128,aes-192,aes-256,rc2-40 --dsa Generate a DSA key. --bits BITS Specify the number of bits for key generation. --export-ciphers Use weak encryption algorithms. --inraw Use RAW/DER format for input certificates and private keys. --infile FILE Input file. --outraw Use RAW/DER format for output certificates and private keys. --outfile FILE Output file. --password PASSWORD Password to use. --to-p12 Generate a PKCS #12 structure. --template Use a template file to read input. See the doc/certtool.cfg in the distribution, for an example. --fix-key Some previous versions of certtool generated wrongly the optional parameters in a private key. This may affect programs that used them. To fix an old private key use --key-info in combination with this parameter. --v1 When generating a certificate use the X.509 version 1 format. This does not add any extensions (such as indication for a CA) but some programs do need these. EXAMPLES
To create a private key, run: $ certtool --generate-privkey --outfile key.pem To create a certificate request (needed when the certificate is issued by another party), run: $ certtool --generate-request --load-privkey key.pem --outfile request.pem To create a certificate request using a key stored in a PKCS #11 token, run: $ ./certtool --generate-request --load-privkey "pkcs11:..." --load-pubkey "pkcs11:..." --outfile request.pem To generate a certificate using the previous request, use the command: $ certtool --generate-certificate --load-request request.pem --outfile cert.pem --load-ca-certificate ca-cert.pem --load-ca-privkey ca-key.pem To generate a certificate using the private key only, use the command: $ certtool --generate-certificate --load-privkey key.pem --outfile cert.pem --load-ca-certificate ca-cert.pem --load-ca-privkey ca-key.pem To view the certificate information, use: $ certtool --certificate-info --infile cert.pem To generate a PKCS #12 structure using the previous key and certificate, use the command: $ certtool --load-certificate cert.pem --load-privkey key.pem --to-p12 --outder --outfile key.p12 AUTHOR
Nikos Mavrogiannopoulos <nmav@gnutls.org> and others; see /usr/share/doc/gnutls-bin/AUTHORS for a complete list. This manual page was written by Ivo Timmermans <ivo@debian.org>, for the Debian GNU/Linux system (but may be used by others). May 23rd 2005 certtool(1)

Software Releases - RSS News

Botan 1.7.23 (Development branch)

LEARN ABOUT DEBIAN

certtool